Offline Servicing in SCCM is the process through which you can inject software updates in your operating system WIM files.
This process can alleviate your build and capture yearly/bi-yearly WIM updates that you most likely run in your enterprise. However, as much as this process is great to shorten your gold image updates, it’s still not perfect. Why? The answer is quite simple. Even if your gold image contains products such as Microsoft Office, offline servicing will not apply Office patches even though these are downloaded to your Software Update Point. Only core Windows applications can get patched through this process.
What are the type of core applications that you can apply patches to? Obviously, Windows, Internet Explorer, .Net Framework and so on and so forth. (also called CBS, for Component Based Servicing)
SCCM Offline Servicing Overview
Here’s what happens in the background when you start the SCCM Offline servicing process :
- SMS_Executive starts the SMS_Offline_Servicing_Manager either via a schedule or manually, depending on how you configured it
- SCCM copies your WIM in a temporary folder
- The WIM gets mounted (or extracted if you will) to a mount directory
- By using DISM the Offline Servicing will attempt to see if a given software update is applicable (installed or not) to your WIM file. If not, it injects it
- This gets repeated for all software updates
- The image gets unmounted and the WIM is rebuild
- A backup of the WIM is created
- The new WIM gets copied back to its original location
- Your distribution point gets updated (if you chose to update them) or else, you should plan to update them
How to Initiate SCCM Offline Servicing
So now that we have all this theory explained, let’s get our hands dirty. How do we actually do this?
- From the SCCM console, navigate to Software Library / Operating System / Operating System Images
- Right click on your image you wish to inject patches to and choose Schedule Updates
- You can either choose to select all software updates or only a subset. Make sure the correct architecture is selected for your Wim and click Next
- Set a Schedule if you want to plan ahead, if not, choose As soon as possible. To your choosing, select to Continue on error and Update the distribution points with the image, click Next
- Validate your selections and click Close
Monitoring
You can monitor the process via 3 log files :
- OfflineServicingMgr.log – ConfigMgrInstallPath\Logs
You can refer to the high level steps above to match the numbers in the screenshots with the steps
- SMS_Executive calls SMS_OFFLINE_SERVICE_MANAGER (1)
- A backup is taken (2)
- WIM file gets mounted (3)
- Updates get applied (4)
- WIM gets unmounted (5)
- The backup copy is moved (6)
- WIM gets copied back (7)
- DISM.log – Windows\Logs\Dism\DISM.log
You can also view the details of what DISM does patch per patch in this log. Take heed though, DISM.log tends to be very chatty/verbosy.
- DistMgr.log – ConfigMgrInstallPath\Logs
To view your WIM file get distributed on all your DPs.
Here’s to hoping this clears up the whole Offline Servicing for you all!
14 Comments on “Inject Software Updates in your WIM using SCCM Offline Servicing”
I have a windows 64 bit image i’m tring to schedule 4 updates that are listed. it goes through the process, but does not install them. in the update tab is list them as applicable. what can I do to get past this. I get an error fail to install error code 2095 I even try to inject these manaually and I still cannot get them into the image. this is very important that I get these four updates into this image
Same problem here (Ent 2016 LTSB wim) :
When performing the steps to update the .wim file with the latest Win10 updates, everything looks great: the selected updates are successfully added to the image. And with deployment it all looks good too.
But after deploying the TS to a new computyer, for some reason, these same updates that were already slipstreamed in the image will get offered by Software Center again, and the computer will try to install them again. I can’t find out why this happens. When looking at the Update history on this new client computer, the slipstreamed updates are not even there ?
Even worse, sometimes SCCM will even try to install older Cumul. Updates for Win10 than the ones already slipstreamed in the wim file? It makes me wonder if I should even bother at all updating my wim file every month, since this is definitely not working the way it is intended.
I mean, what’s the point of waisting time installing updates on your wim file, if they are being reinstalled again after deployment anyway ? MS needs to fix this.
Does anyone know how to configure the disk used for mounting the wim? It’s trying to use the disk we’ve installed ConfigMgr on, with 30GB free, instead of the one with 100GB+ free.
Under Administration –> Sites –> Config Site Components –> OS Deployment. Change “Auto” to the drive letter you want to use.
Can I still build machines while the update process is running?
Hi,
I injected updates from 2017-11 to 2018-01 into my 1709 WIM, but when I image a machine I don’t see the updates installed and Windows is telling me its missing critical updates.
Has anyone else experienced this?
Mine fails when unmounting the image…tried twice now, I’m using SCCM 1706 trying to service a Win 10 1703 image on Server 2012 R2 with latest updates.
Can you update a Windows 10 1703 image (wim file) with updates for Windows 10 1709? Or can you inject updates to raise the 1703 build to 1709?
Hi AJP,
Why no grab the latest WIM for 1709?
I don’t think you can upgrade a WIM offline from 1703 to 1709.
For sure the offline servicing will not help for this.
Jonathan
I’m still confused as to how to appropriately use this function. I select all the updates, but it seems to be pulling the list of updates from MS? So there’s a crap ton of updates that do not at all apply to our environment. And I sure the heck am not going to write down all the updates kb’s, and then go through this list one by one unselecting stuff. 😐
You need to fix this Microsoft. I’m getting tired of this half-finished stuff hitting the market.
Have you tried using the filter option under the ‘Select/Unselect All’ checkbox.
Just type the OS yo u are using 😉
Same here… 1610 wim, aplied the sept rollup via offline servicing… all looked good.
Built a machine, and it promptly downloaded and installed the rollup.
Not good.
I have the same issue what Rob has. Has anybody a solution or a point where i can look?
We have some issues when using this method, I was wondering if you could shed a light.
We are deploying windows 10 pro (14393). Our SCCM runs at 1610.
When I perform the steps to update the .wim file with the updates everything looks great, DISM logs look good, updates are successfully added to the image.
And with deployment it all looks good too. When the deployment is finished, when I run “winver” it shows the correct updated buildnumber (in our case 14393.1198).
But then the trouble starts, because for some reason the same updates that were slipstreamed in the image will get offered by Software Center again, and the computer will try to install them again. I can’t seem to find out why this happens. It feels like SCCM doesn’t detect the updates that were slipstreamed.
The only solution for us so far has been to use the non-updated .wim and add a “apply updates” step to our task sequence. Downside is that this takes much longer.
Am I overlooking something?