destruxion Posted December 6, 2013 Report post Posted December 6, 2013 Hello, I have about 8 labs (Windows 7, ~20-35 machines per each lab) spread across campus. These labs have Deep Freeze on them. We've recently started implementing SCCM 2012. What would be the best practice to update these machines that are frozen across campus? Each lab currently has their own separate scheduled maintenance time with Deep Freeze at some time within the night where it would check for updates from our WSUS server and then install them. We still have this WSUS server, but we now have SCCM 2012 on it also. I'm not sure how having SCCM 2012 on this server will now effect how these machines try to get updates from WSUS. What is the best practice for keeping all of these machines up to date? Do I have to create an ADR for each lab and correspond it to the scheduled maintenance time? Quote Share this post Link to post Share on other sites More sharing options...
Southerner Posted February 2, 2015 Report post Posted February 2, 2015 Faronics has told me that we can either set Deepfreeze to handle the windows update (turn off windows update in Windows but set DeepFreeze for a windows update window) or let SCCM do it and not set a Windows update maintenance window. Until we started running into the DF service getting corrupted I would and still do set the bios to automatically turn the computers on 10 minutes before DF thaws the machines for maintenance (1AM in our case). With the computers thawed you can have SCCM deliver windows updates in a normal fashion but during the prescribed window. The DF task scheduler could be set up to run other updates on other days and times. I update Sophos on one day. I have not started trying to update JRE or Adobe but those could be done. Faronics has a white paper on SCCM and DeepFreeze. I think it mostly just tells you how to run the command line tool to thaw a machine prior to installing something or freeze it when done but it does give you insight into what might be done and how. DeepFreeze has been a good product for us and has saved us a lot of headaches. I have about 8 labs (Windows 7, ~20-35 machines per each lab) spread across campus. These labs have Deep Freeze on them. We've recently started implementing SCCM 2012. What would be the best practice to update these machines that are frozen across campus? Each lab currently has their own separate scheduled maintenance time with Deep Freeze at some time within the night where it would check for updates from our WSUS server and then install them. We still have this WSUS server, but we now have SCCM 2012 on it also. I'm not sure how having SCCM 2012 on this server will now effect how these machines try to get updates from WSUS. Quote Share this post Link to post Share on other sites More sharing options...
