ADR Available Deployments
I would like to see ADR's support the creation of Available deployments in addition to Required deployments. We have some business cases where a certain subset of servers are aren't allowed to "push" software updates to until the server/app owners have verified the patches.
The issue is that these servers don't have connectivity to the internet so we have to deliver them via ConfigMgr. By creating an Available update using an ADR, it streamlines our ability to "deliver" the updates to all systems, and allow the Patching Team, or App/Server owner to patch according to their own business schedules.
Dustin Hedges
shared this idea
on our short term radar.
17 comments
-
Jeff Rubin
commented
We need this ability too. We have lab machines in an isolated network that we only want to advertise software updates and essentially make it optional. A deployment deadline in the future takes care of this, but it downloads the updates to the ccmcache folder which we do not want. It's wasted bandwidth and wasted CPU cycles as these machines are reverted to a base snapshot on an almost daily basis. We assume making the deployment "available" instead of "required" would solves this.
-
Simon Brouillard
commented
@Peter: as a workaround, you could set a maintenance windows for update deployment of 5 mins in 10 years from now (on your server manual collection) and on your deployment, do not allows installation and reboot outside the Maintenance window, that would have almost the same behavior as available, at least that is what we do for our server(s) to simulate available deployment.
-
Vid3al
commented
The possibility of creating an ADR--> SUG--> Deployment with the option "Available" (All automated) is important! We have thousands of servers and not all of them are automatically updatable. Many servers must be updated manually especially if they do not have access to the Internet.
Many servers can not have maintenance windows with a definite time frame, there are operations that in the case of updates, you have to act manually to manage those hot and delicate services provided by these servers.It's important to have this chance! -
Richie Schuster SCCMOG.COM
commented
When? :)
-
peter kluver
commented
@Gregor Achmed: This is not "a perfect way" at all. For example a big IT infrastructur can have several thousands of servers, and you might not have the time (or other priorities) to install updates within the 12 months window. There are several reasons why there could be server(s) who only allow a maintenance window for example every 2 years. Available must mean at all times available, so no deadlines whatsoever.
-
Gregor Achmed
commented
Not sure if this is still relevant but..
the perfect way to make ADR's available is to set a deadline to 180 Days or 12 Monaths or whatever. It works perfectly and you will definetaly start the installation manually in the next 12 Months.
just let your client choose a day in the next X-Amount Days and done. -
Jeremiah Hunt
commented
This would be a huge boon as I presently have a server infrastructure that cannot auto apply updates but needs to be available.
-
peter kluver
commented
This request is open for more then1 year and 9 months now. I hope it will be available in the new release.
The current option we will use is to let the ADR's run at patch tuesday, for the available SUGs we would NOT enable the Deployment. Then we need to run a powershell script to kickoff after the ADR's have ran, search for the "Available" SUGs (use it in your SUG names), put them on "Availabe" instead of "Required" and after that Enable the deployment.
A tricky solution because if the script for some reason doesn't run, we are behind on patches. I would love to see the Available deployment option in the ADRs!
-
DG
commented
Been wanting this for years now. Hope to see this feature very soon! Was disappointed it didn't make it into the 1806 release.
-
Henrik
commented
Any update on this ?
-
Markus
commented
+10
We need this feature too. -
Christoph
commented
scheduled installations in an automotive and engineering environment is not always possible - many computers must run for days or even weeks without a reboot - without beeing interrupted by updates - so we really need the option to make it available.
-
Tony
commented
+1 I really need this function as well. I'm working with computers that deal with life and death situations. These computers need to be installed in a controlled timeline with the enduser.
I see others here seems to create the job and deployment from the ADR but modify it afterwards to a available job. Is that a possible and secure solution?
-
Anonymous
commented
You have in general tab on ADR "enable deployment after this rule is run" option. If you uncheck this, new created updates will wait for enabling them to deployment. Even if you create deployment that is "available" not "required" - it wait max 12 months and reach deadline time and install.
-
Anonymous
commented
+1 . I created ADR with my schedule. Every time after ADR starts, Deployment is created with new Deploymet Settings. In the Deployment Settings type is set as Required. I'm tired every time to track this, go and change the Required on the Available . It is very bad. I need to be set Available but not Required. I set it to Available, but after the ADR has been triggered, the Required parameter is set again. Is this normal behavior? Please add Available type possible in to ADR.
-
Andrew Stalker
commented
+1 here. Currently working with a customer to migrate patching from WSUS to SCCM. They are not currently in a position to automate scheduled installations so want to use an ADR but only make Software Updates available so individual server admins can control their own update times
-
Markus
commented
I also miss this function! Then i would not need my workaround:
- ADR with required deployment to dummy collection
- add an available deployment to the software update group (created by adr)