Microsoft

Microsoft Endpoint Configuration Manager Feedback

Suggestion box powered by UserVoice

How can we improve Configuration Manager?

← Ideas

ADR Available Deployments

I would like to see ADR's support the creation of Available deployments in addition to Required deployments. We have some business cases where a certain subset of servers are aren't allowed to "push" software updates to until the server/app owners have verified the patches.

The issue is that these servers don't have connectivity to the internet so we have to deliver them via ConfigMgr. By creating an Available update using an ADR, it streamlines our ability to "deliver" the updates to all systems, and allow the Patching Team, or App/Server owner to patch according to their own business schedules.

313 votes
Vote
Sign in
(thinking…)
Sign in with: Facebook Google
Forgot password?
Create a password
Signed in as (Sign out)
Close
Close
You have left! (?) (thinking…)
Dustin Hedges shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

30 comments

Sign in
(thinking…)
Sign in with: Facebook Google
Forgot password?
Create a password
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • Anonymous commented  ·   ·  Flag as inappropriate

    This is a huge concern where I work too. What's the point of ADR's if we can't also create an ADR to only make Windows updates show up Available in Software Center? We have a couple hundred specialized devices that absolutely cannot be patched at all automatically and need to be patched manually. Not allowing the type of deployment to be changed to Available until after the rule runs and downloads the updates is ridiculous. Now, I will have to revert back to the old way of deploying the SUG every month that just makes the updates show up in Software Center as Available.

  • Bradley Fox commented  ·   ·  Flag as inappropriate

    This has been on "short term radar" for almost 2 years now. I can't believe this is a heavy lift as it would just require on additional option in the deployment. Please implement this.

    Currently, I let the ADR create the required deployment as disabled then I have to come in every month and change the deployment to Available then enable it.

  • Jeff commented  ·   ·  Flag as inappropriate

    There's really two issues to address here, if Microsoft is indeed a newer, better Microsoft under Satya.

    1. Yes please stop artificially limiting this feature. And that's really what needs to be done here. No one is asking for you for new code - this feature is available in other areas of the same product. It was simply a choice by MS to not allow for the use of this feature here.
    2. Which leads to the second issue. A 'Better Microsoft' is a Microsoft that gets off its ego driven high horse, and stops forcing certain options, or enforcing the limitation or removal of options, based on someone at Microsoft deciding how things should be done in some environment they do not understand. And environments outside of Microsoft offices are CLEARLY environments Microsoft does not understand. Stop trying to ENFORCE your idea of how work should be done, because it just harms your reputation every single time you do that. Make your products feature - rich, not feature - poor. Make them FLEXIBLE, not rigid. If you have a feature, make it widely available - instead of using it as a medium to tell people how things ought to work in some environment you clearly do not understand.

  • Waingro commented  ·   ·  Flag as inappropriate

    We need this terribly. I can't even believe it isn't an option. We deploy updates as available to unknown systems and specific groups who get white-glove update installation service. With the current setup this is a manual process or I have to spend cycles to script it out. Either effort is pointless when the tool is capable and should be doing it already.

  • Levi Stevens commented  ·   ·  Flag as inappropriate

    It would be nice to have this, I end up creating deployments "12" months in the future for mandatory time.

  • Todd Mote commented  ·   ·  Flag as inappropriate

    The way I do this is I "deploy" the SUG created by the ADR again as Available. My ADRs reuse the same SUG every month. So every month when the SUG updates from the ADR, the Required deployment gets updated and because it's on the same SUG, my Available deployment gets updated. Each of my OS/Office SUGs has two deployments on it, one Required and one Available. It would be nice to have the ADR do both, but it's a little manual work to get the desired result.

  • C commented  ·   ·  Flag as inappropriate

    Any updates on this? djam's comment says "short term radar" and it's been over a year now since this comment...

  • Jeff Rubin commented  ·   ·  Flag as inappropriate

    We need this ability too. We have lab machines in an isolated network that we only want to advertise software updates and essentially make it optional. A deployment deadline in the future takes care of this, but it downloads the updates to the ccmcache folder which we do not want. It's wasted bandwidth and wasted CPU cycles as these machines are reverted to a base snapshot on an almost daily basis. We assume making the deployment "available" instead of "required" would solves this.

  • Simon Brouillard commented  ·   ·  Flag as inappropriate

    @Peter: as a workaround, you could set a maintenance windows for update deployment of 5 mins in 10 years from now (on your server manual collection) and on your deployment, do not allows installation and reboot outside the Maintenance window, that would have almost the same behavior as available, at least that is what we do for our server(s) to simulate available deployment.

  • Vid3al commented  ·   ·  Flag as inappropriate

    The possibility of creating an ADR--> SUG--> Deployment with the option "Available" (All automated) is important! We have thousands of servers and not all of them are automatically updatable. Many servers must be updated manually especially if they do not have access to the Internet.
    Many servers can not have maintenance windows with a definite time frame, there are operations that in the case of updates, you have to act manually to manage those hot and delicate services provided by these servers.It's important to have this chance!

  • peter kluver commented  ·   ·  Flag as inappropriate

    @Gregor Achmed: This is not "a perfect way" at all. For example a big IT infrastructur can have several thousands of servers, and you might not have the time (or other priorities) to install updates within the 12 months window. There are several reasons why there could be server(s) who only allow a maintenance window for example every 2 years. Available must mean at all times available, so no deadlines whatsoever.

  • Gregor Achmed commented  ·   ·  Flag as inappropriate

    Not sure if this is still relevant but..
    the perfect way to make ADR's available is to set a deadline to 180 Days or 12 Monaths or whatever. It works perfectly and you will definetaly start the installation manually in the next 12 Months.
    just let your client choose a day in the next X-Amount Days and done.

  • Jeremiah Hunt commented  ·   ·  Flag as inappropriate

    This would be a huge boon as I presently have a server infrastructure that cannot auto apply updates but needs to be available.

← Previous 1

Ideas: Software Updates

Categories

Feedback and Knowledge Base

(thinking…)