Continuing on the theme of the last few posts and updating and distributing software via Windows Intune, I thought it was time to address a few of the issues I’ve encountered since working with Windows Intune. These may be publically documented, but if so, I haven’t seen the links yet.
The first mystery I encountered was the discrepancy between the traffic showing on the client NIC properties during the update process. The best way to explain this is that it seems that Windows Intune will front load many of the updates that are approved for that machine, even if they aren’t going to be installed this time round. This means that if you really wanted to monitor the traffic, you need to do it prior to each reboot, and sum it up for the total traffic received. Otherwise you will see scenarios where there is almost no traffic generated for a large number of system updates which appear to have been downloaded to install.
There was one file in particular which highlighted what was happening, and that was the Windows 7 SP1 file being copied into the C:WindowsSoftwareDistribution folder a reboot or two before it’s installation. My aggressive update and update auto approval is heavily responsible for the amount of traffic generated, but the end result is still good.
That also confirmed something I was curious about, which was how Windows Intune treated the SP1 installation. Was it like Windows Update, where it would determine what updates were actually required, or the WSUS approach of giving the client the full binary for installation. In this case, it’s the full installation, which aligns more with the view that Windows Intune’s update approval process is like WSUS in the cloud, with Windows Update really just providing the back end infrastructure.
The second mystery solved was the problematic KB2523130 hotfix. Turns out that it isn’t required once Service Pack 1 of Office 2010 is installed, thus the high number of install failures I was seeing with it. This also reinforced my view around staying away from monolithic installation approaches, I’ve removed this update from my managed software list without any need to create or update any existing packages.