SCCM – Backup Software Update Groups

  • Article

Introduction

There are many situations in which the integration between SCCM & WSUS being the SUP (Software Update Point Role) may gather issues along the way, so it’s important to have these backed up besides the actual SCCM database via the Site Backup maintenance task.

As these objects do not contain an export function for a .MOF file extension, there is another method in which this can be done via PowerShell.

So we will go through the following

  • Backup of the Software Update Groups
  • Recovery of the Software Update Point Groups

With SUGs they contain the WSUS updates which would have already been synchronized into SCCM, so if recovering from any disaster situation these would also count as objects which would have to be re-created in order to support you WSUS patching schedules if utilising these.

Though you can indeed run a report on the SUGs and obtain a detailed list of each SUGs updates, you will still need a method to re-create this without needing to go through the administrative effort of recreating them manually.

Backup of the SUGs

So firstly you will need to obtain the lists of the SUGs as well as the updates within them so use the following lines.

$SUGs = Get-CMSoftwareUpdateGroup | ForEach-Object {$_.LocalizedDisplayName}

ForEach ($SUG in $SUGs) {(Get-CMSoftwareUpdate -UpdateGroupName $SUG | ForEach-Object {$_.LocalizedDisplayName}) | Out-File <Directory to file>.$SUG.csv}

This should allow you take a record of each of the SUGs and also all of the windows updates that are contained within them.

Recovery of the SUGs

These lines focus on an individual recovery of each depending if only one or all are missing.

$SUG = “” # Add Software Update Group Name Here

$CheckIfExists = Get-CMSoftwareUpdateGroup – Name $SUG

If ($CheckIfExists -ne $null) {Write-Host “Software Update Group Already Exists”} Else {Write-Host “Software Update Group does not exist and needs to be created”; New-CMSoftwareUpdateGroup -Name $SUG}

$UpdatesExport = Import-CSV <Directory to File> -Header Updates # Add location of the exported file in the quotation marks

$UpdatesExport | ForEach-Object {$_.Updates} {Add-CMSoftwareUpdateToGroup -SoftwareUpdateGroupName $SUG -SoftwareUpdateName $_.Updates}

This should be able to achieve the following

  • Check if the SUG exists and if not create it
  • Add any missing windows updates which should belong to the SUG

Create these scripts and save them, Ideally have the Backup SUG lines run on a suitable interval to have a checkpoint of them.