ADR Available Deployments
I would like to see ADR's support the creation of Available deployments in addition to Required deployments. We have some business cases where a certain subset of servers are aren't allowed to "push" software updates to until the server/app owners have verified the patches.
The issue is that these servers don't have connectivity to the internet so we have to deliver them via ConfigMgr. By creating an Available update using an ADR, it streamlines our ability to "deliver" the updates to all systems, and allow the Patching Team, or App/Server owner to patch according to their own business schedules.
on our short term radar.
Any updates on this? djam's comment says "short term radar" and it's been over a year now since this comment...
+1000 to this.
Jeff Rubin commented
We need this ability too. We have lab machines in an isolated network that we only want to advertise software updates and essentially make it optional. A deployment deadline in the future takes care of this, but it downloads the updates to the ccmcache folder which we do not want. It's wasted bandwidth and wasted CPU cycles as these machines are reverted to a base snapshot on an almost daily basis. We assume making the deployment "available" instead of "required" would solves this.
Simon Brouillard commented
@Peter: as a workaround, you could set a maintenance windows for update deployment of 5 mins in 10 years from now (on your server manual collection) and on your deployment, do not allows installation and reboot outside the Maintenance window, that would have almost the same behavior as available, at least that is what we do for our server(s) to simulate available deployment.
The possibility of creating an ADR--> SUG--> Deployment with the option "Available" (All automated) is important! We have thousands of servers and not all of them are automatically updatable. Many servers must be updated manually especially if they do not have access to the Internet.
Many servers can not have maintenance windows with a definite time frame, there are operations that in the case of updates, you have to act manually to manage those hot and delicate services provided by these servers.It's important to have this chance!
Richie Schuster SCCMOG.COM commented
peter kluver commented
@Gregor Achmed: This is not "a perfect way" at all. For example a big IT infrastructur can have several thousands of servers, and you might not have the time (or other priorities) to install updates within the 12 months window. There are several reasons why there could be server(s) who only allow a maintenance window for example every 2 years. Available must mean at all times available, so no deadlines whatsoever.
Gregor Achmed commented
Not sure if this is still relevant but..
the perfect way to make ADR's available is to set a deadline to 180 Days or 12 Monaths or whatever. It works perfectly and you will definetaly start the installation manually in the next 12 Months.
just let your client choose a day in the next X-Amount Days and done.
Jeremiah Hunt commented
This would be a huge boon as I presently have a server infrastructure that cannot auto apply updates but needs to be available.
peter kluver commented
This request is open for more then1 year and 9 months now. I hope it will be available in the new release.
The current option we will use is to let the ADR's run at patch tuesday, for the available SUGs we would NOT enable the Deployment. Then we need to run a powershell script to kickoff after the ADR's have ran, search for the "Available" SUGs (use it in your SUG names), put them on "Availabe" instead of "Required" and after that Enable the deployment.
A tricky solution because if the script for some reason doesn't run, we are behind on patches. I would love to see the Available deployment option in the ADRs!
Been wanting this for years now. Hope to see this feature very soon! Was disappointed it didn't make it into the 1806 release.
Any update on this ?
We need this feature too.
scheduled installations in an automotive and engineering environment is not always possible - many computers must run for days or even weeks without a reboot - without beeing interrupted by updates - so we really need the option to make it available.
+1 I really need this function as well. I'm working with computers that deal with life and death situations. These computers need to be installed in a controlled timeline with the enduser.
I see others here seems to create the job and deployment from the ADR but modify it afterwards to a available job. Is that a possible and secure solution?
You have in general tab on ADR "enable deployment after this rule is run" option. If you uncheck this, new created updates will wait for enabling them to deployment. Even if you create deployment that is "available" not "required" - it wait max 12 months and reach deadline time and install.
+1 . I created ADR with my schedule. Every time after ADR starts, Deployment is created with new Deploymet Settings. In the Deployment Settings type is set as Required. I'm tired every time to track this, go and change the Required on the Available . It is very bad. I need to be set Available but not Required. I set it to Available, but after the ADR has been triggered, the Required parameter is set again. Is this normal behavior? Please add Available type possible in to ADR.
Andrew Stalker commented
+1 here. Currently working with a customer to migrate patching from WSUS to SCCM. They are not currently in a position to automate scheduled installations so want to use an ADR but only make Software Updates available so individual server admins can control their own update times
I also miss this function! Then i would not need my workaround:
- ADR with required deployment to dummy collection
- add an available deployment to the software update group (created by adr)