Clean Software Update Packages in ConfigMgr with PowerShell

Over time Software Update Packages (read Deployment Packages, but with a proper name) most of the time are filled with unwanted Software Updates if no regular maintenance is performed, leading to unwanted Software Update content taking up unnecessary disk space. I’ve previously created a script to remove expired and superseded Software Updates from a Software Update Group that also removes the content. For most cases using this script or console extension is sufficient. But in some cases, you might have to attack the problem from another angle. In this post I’ll share a script that I’ve created for a good friend of mine that will clean up a Software Update Package from Software Updates that meets the criteria passed to the script.

Download the script

You can download the script from the following link:

Script documentation

Version 1.0.0 of the script contains requested features such as capabilities to be able to remove Software Updates that are either not deployed or was not required by any systems according to scan data. Since ConfigMgr environments never look the same, and different scenarios present themselves, the two main features of the script can selectively be chosen when the script is invoked, catering for different usage scenarios:

  • Remove Software Updates that are not deployed
  • Remove Software Updates that are not required on any systems

In future version, I’ll add additional capabilities, and if wanted from the community it could be turned into a console extension.


Use the script to clean a Software Update Package that contains Software Updates matching any or all of the criteria mentioned above. Below is an example of a Software Update Package that contains a set of Software Updates that match both criteria:

Follow the instructions below to run the script:

Before you can run the script, you’d need to identify the PackageID value of the Software Update Package you want to clean up. Use the value of the package and pass it to the -PackageID parameter.

  • Download the script from GitHub and place it on e.g. C:\Scripts.
  • Open an elevated PowerShell console and browse to where you saved the script.
  • Run the following command (remember to change the parameter values to suite your environment):
.\Clean-CMDeploymentPackage.ps1 -SiteServer CM01 -PackageID P0100067 -NonDeployedUpdates -NonRequiredUpdates -ShowProgress -Verbose

By using the -ShowProgress and -Verbose switches with the script, you’ll get an overview of the current progress together with detailed information regarding what the script is actually doing.

When the script has executed successfully and completed, the Software Update Package will no longer contain the Software Updates that got removed:

Nickolaj Andersen

Chief Technical Architect and Enterprise Mobility MVP since 2016. Nickolaj has been in the IT industry for the past 10 years specializing in Enterprise Mobility and Security, Windows devices and deployments including automation. Awarded as PowerShell Hero in 2015 by the community for his script and tools contributions. Creator of ConfigMgr Prerequisites Tool, ConfigMgr OSD FrontEnd, ConfigMgr WebService to name a few. Frequent speaker at conferences such as Microsoft Ignite, NIC Conference and IT/Dev Connections including nordic user groups.



Categories use cookies to ensure that we give you the best experience on our website.