| Branch | Build status | Last commit | Latest release | PowerShell Gallery | GitHub |
|---|---|---|---|---|---|
master |
 |
 |
  |
 |
 |
PSCMSnowflakePatching is a PowerShell module used to remotely invoke the install of software updates deployed to Microsoft Endpoint Configuration Manager clients.
With this module you can:
- Pass a list of one or more computer names, a ConfigMgr device collection ID, or interactively choose a ConfigMgr device collection
- For each host, invoke the install of all software updates deployed to it
- See realtime feedback and result from each patch job written to the PowerShell console
- Receive an output object when patching is complete for all hosts with the results
To read more of a discussion about how to use this module, see my blog post Patching Snowflakes with ConfigMgr and PowerShell.
- Invoke-CMSnowflakePatching
- Invoke-CMSoftwareUpdateInstall
- Get-CMSoftwareUpdates
- Start-CMClientAction
Invoke-CMSnowflakePatching is the primary function of interest in this module. The others are actually helper functions for it, however I decided to make them public functions as they might be useful for you for other needs.
In order to use PSCMSnowflakePatching, here are the requirements:
- For each host you wish to target for remotely invoking the install of software updates, they must be reachable using PowerShell Remoting. Here is the Microsoft doc for PowerShell Remote requirements: (about_Remote_Requirements](https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_remote_requirements)
- Microsoft Endpoint Configuration Manager PowerShell module must be installed
- You, or the service running the code, must have access to Configuration Manager itself in order to retrieve device collections and its members.
- You, or the service running the code, must have permissions on the remote hosts to:
- Reboot
- Query WMI classes and invoke methods in the
root\CCMnamespace- A quick and dirty way to test, import the module and run the below safe commands and if no errors are thrown, you're probably OK:
Start-CMClientAction -ComputerName 'hostname' -ScheduleId 'MachinePolicyEvaluation'
Get-CMSoftwareUpdates -ComputerName 'hostname'Install and import:
Install-Module PSCMSnowflakePatching
Import-Module PSCMSnowflakePatchingMake one or more update available to a target system by deploying it from Microsoft Endpoint Configuration Manager.
For example, I deployed a handful to my test collection and executed the below:
$result = Invoke-CMSnowflakePatching -CollectionId 'P0100016'Write-Host is used to produce realtime feedback about the process:
Within the $result variable is the output object, which could be handy for your other automation needs:
By default it doesn't reboot or make any retry attempts, but there parameters for this if you need it:
-AllowRebootswitch will reboot the system(s) if any update returned an exit code indicating a reboot is required-Attemptsparameter will let you indicate the maximum number of retries you would like the function to install updates if there was a failure in the previous attempt
- Pass alternate credentials for connecting to remote hosts
- Consider using PendingReboot or Test-PendingReboot from the gallery to make the
IsPendingRebootreflect more than just the newly installed updates exit code