- SmartDeploy: Rethinking software deployment to remote workers in times of a pandemic - Thu, Jul 30 2020
- Outlook attachments now blocked in Office 365 - Tue, Nov 19 2019
- PolicyPak MDM Edition: Group Policy and more for BYOD - Tue, Oct 29 2019
Automatic deployment rules (ADRs) take software update deployments to a level far beyond WSUS. They allow you to granularly specify exactly how, when, and what software updates to install on your machines. They rely on collections and deployments. Let’s configure those first.
We are going set up update groups and rules for Windows 8.1. You will need to repeat this process for each operating system that you support. In Part 1, we showed how to create a collection based on the operating system name. You can see the operating systems that you support when you are creating a new query by clicking the Value button under Criterion Properties. Be sure to use “%” symbols to broaden your collection query.
Be sure to use % symbols to broaden your collection query.
Creating a baseline update group for Windows 8.1
Launch the Configuration Manager Console. Navigate to Software Library\Software Updates\All Software Updates. Ensure that your software update point has synced. Syncing will just show updates; none should be downloaded yet.
View showing all software updates synced
In the top right, select Add Criteria. Select the Product and Superseded boxes. Under the Search box, change the product to Windows 8.1 and change Superseded to No. Click Search again to filter your updates to show only active 8.1 packages.
Our custom search for active 8.1 updates
Select all of the updates, right-click, and choose Create Software Update Group. Name your group Baseline: Windows 8-1.
Under Software Updates, navigate to Software Update Groups. Select your new baseline group and choose Deploy from the Home menu. Rename your deployment to Baseline: Windows 8-1. For the deployment collection, choose your Software Updates - Windows 8.1 Clients (or 8.1 test group) that you created in Part 1.
Naming our baseline update deployment
Under Scheduling, change the installation deadline to an appropriate time for your environment. I prefer to give my clients a full two weeks before the installation deadline hits.
Properly setting the installation deadline to off-peak times will reduce user frustration
User Experience allows us to customize notifications, installations, and restarts. If you would prefer your users to not be notified about pending installations, change the notification to Display in Software Center, and only show notifications for computer restarts. Leave the remaining items at their default values.
Setting the User Experience for our baseline update deployment
Continue through the wizard until you reach Deployment Package. Select Create a new deployment package. Name it Windows 8.1 Monthly Updates. Set the package source to a share on your primary server. You will need to manually create the share/folder path. The screenshot below shows you the structure that I use.
Deployment package update folder
On the summary page, select Save As Template and name your template Baseline Updates. Your updates will now download and begin deployment. You can view the actual packages by navigating to your Windows 8.1 Deployment Packages folder on your primary server. Remember to repeat this process for each product that you plan to update.
Creating the automatic deployment rule
The baseline deployment ensures that your clients have all of their past updates. Now, you need a method to ensure future updates are applied. Under Software Updates, select Automatic Deployment Rules – Create Automatic Deployment Rule.
Name your rule ADR: Windows 8-1 Monthly Updates. Select Patch Tuesday under Templates and specify your deployment (8.1) collection. Proceed to Software Updates and add/edit the following:
- Date Release or Revised: 1 week (7 days)
- Product: Windows 8.1
- Update Classification: Critical, Security, Updates
A one-week release period allows you to rerun the rule if needed.
Specifying filters and search criteria
On the Evaluation Schedule screen, change the run time to occur on the second Wednesday of each month. Ensure that the run time for the rule is after the sync schedule set up in Part 1. In the screenshot below, the sync schedule is set for 12:00 AM. The rule runs at 3:00 AM.
Setting the evaluation schedule for the ADR
Set your deployment schedule and user experience as was done for the baseline deployment. Be sure to adjust the installation schedule to an off-peak time. Under Deployment Package, select your previously created Windows 8.1 package.
Once done with the wizard, you can immediately run the rule against a test group or wait for the rule to process on schedule. Remember to create an automatic deployment rule for each product that you plan to update.
In our final part, we will cover maintenance windows, monitoring, and update troubleshooting.
Read the latest IT news and community updates!
Join our IT community and read articles without ads!
Do you want to write for 4sysops? We are looking for new authors.
