Part 24 - Automatic Deployment Rules (ADR) in SCCM

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
as you know in the previous video we looked at mental software updates and we created manually software update group and then we deployed it to a collection so in this video we are going to look at automatic deployment fools so automatic deployment fools they will make life loss easier so which means we do not have to create software update groups manually all the time and deploy these groups all the time to the certain collection okay so what we are going to do today we are going to look at how we can create automatic deployment rule and then we will use this rule to deploy updates so we will have a look at this in this video hello everyone this is your sing welcome to my channel techniques solutions okay so I have locked on to technics - SEO won and this is a standalone primary site and in here we will create ADR and then we will deploy that ADR so few things that you should remember before you create your ADR and just make sure that you know that what is the end client so in my case the end client will be Windows 10 1903 and the reason why you should know that beforehand before you create your ADR because you have to make sure that the updates the products and classifications are configured for that product for that client so which is in my case it is Windows 10 1903 so to do that in the workspaces in the console so go to administration and then in the sites in the side configuration in the navigation pane extend that and then in the site's node you will see your site in my case it is a techniques main site a site code is Tek so select that and here we will click on in the ribbon configure site components and click on software update point okay so it will open a new window where we can configure products and classifications so in products here I have selected Windows 10 19:03 and later ok I'll scroll down so Windows 10 1903 and later is selected apart from that in the classifications I have selected selected critical updates definition updates and security updates okay so in the products I have also selected Windows Defender and but for this ad are the one that we are going to create in this video I'm not going to use Windows Defender as an example okay so I am just taking as an example Windows 10 version 1903 and later ok so once you're happy with the products and classification if you change anything make sure you click apply and then click on OK so I haven't changed anything so I will just cancel this one and once you are happy with the products and classification then you go to software library in the workspaces click on that and then in here we will go to software updates extend that and all software updates ok so you might have to run your sync manually or maybe you can wait for the automatic sync to occur if you have made any changes in the products or classifications okay so in this case I haven't made any change so I don't have to run the sync again because I know that the updates that I want for the adrs they are available so what I will do is to make sure that we have updates available for Windows 10 1903 so I will add criteria here so that we can filter updates just to make sure that updates are available so I will add criteria and I will add products here and then add it so here I will change it Windows 10 version 1903 and later select that and then I will click on search so it will filter updates only for Windows 10 version 1903 and later so you can see that there are many updates available here okay so I can create an ADR for Windows 10 version 1903 and later okay so to create a DRS so in software updates navigation pane in this one we have automatic deployment rules so click on that node and then here you can see that I created test EDR just to see that if it works or not in the test environment so it worked and so what we'll do is we will create a TR first and then it will create a deployment package you can see that there is a deployment package which actually linked with ADR which I created test ADR okay so that deployment package then it has updates so it will create a software group so which is here test ADR software group so this is what we are going to do so first of all we will create automatic deployment rule so right click here and then create automatic deployment and we will name it so I will name it test ATR - you can add a description if you like I will add a description windows that this ADR is for windows 1903 and later ok so here in the templates section you can pick a template if you want but I'm not going to pick any template this is a Patch Tuesday template you can do that but I won't do that so I will pick collections of each collection you want to deploy this area to so I have one collection which is techniques computers and it has it has three clients and all these three clients are Windows 10 1903 version so I will select this click OK and so here each time the rule runs and finds new updates so it will add to an existing software update group so we want to create a new software group ok so we don't want to add to an existing one we will create a new software group select that this option and enable the deployment after this rule is run yep that's fine so click on next so next one is deployment settings so you can use wake-on-lan if you want and detail level I think I will go with only success and error messages and here we have two options so I will go with the bottom one which is automatically deploy also for updates found by this rule and approve any license agreements ok so let's go on to the next page so next one is software updates so what software updates we want so we want product and also I will pick language which is English and supersede it and that's all so language is English click OK and product is Windows 10 1903 and later here it is Windows 10 version 1903 and later so superseded items no and also I will add architecture as well because I have only 64-bit clients I don't want to add 32-bit updates so architecture is 64-bit click OK and once you do that you can also preview what's available so if we click on preview so these are the updates which will be added to the rule okay so in the preview window you can preview so for example if I change architecture or if I change superceded to maybe yes and you will see that in preview I wouldn't see anything ok so it will show you what is available and what not so I will click on no click OK and in the preview you can see that these updates are available all right so I will click on close and then click on next so that's the evaluation schedule so I'll run the rule after any software update point sync so whenever the sync runs so this rule will run as well after that sync will finish so in the test lab I'm running this sync every one hour because I don't turn on these machines all the time so I just want sync to occur whenever I just turn it on for 2 hours 3 hours or any time that I use it so I'm happy with that you can change that if you like you can make another schedule if you want sir but I will stick with that run the rule after any surface update point sync and then click on next so Diploma deployment schedule client local time that's fine as soon as possible deadline is as soon as possible as well for the test lab however it depends on your production environment if you want to pick a specific time and let's click on next so here user experience so user notifications I will to display in software Center and only show notifications for computer restart so I will actually would like to see all notifications and deadline behavior software update insulation system restart if necessary so here as well suppress the system restart if you want you can select server or workstation you can configure that option so I won't pick any options so I will leave it as it is and also here we have right filter handling for Windows Embedded devices so commit changes at deadlines or tearing a maintenance window so that is fine I can go with that and also software update deployment re-evaluation after restart so if any update in this deployment requires a system restart sorry the relation will occur after restart that is fine okay so let's go ahead and the next one is alerts I'm not going to configure any alerts so let's move on so here we will create a new deployment package and we will name it test idiot to package and you can add description as well if you like and the package source so this is where it is going to save all the downloaded content downloaded updates so I will browse to my network share which is applications I think I have used this one in the previous video as well so in the updates folder I will create a new folder I will select that and here sending priority just for this video I will just make it high and click on next so before I go ahead and this is very critical very important permissions of this folder so I will quickly show you the permissions I have configured for this folder ok so this is the server attack next - TCO one where I have applications share drive so if I check the properties and let's check the permissions in permissions I will click on customize so you can see that in permissions you can see that I have added a techniques - su one so this is the system account this is computer system account I have added and I have given full control apart from that in the shear as well so I have given the computer account full access to the share as well apart from my SCCM account as well however in in that case it is going to use the computer account in the ADR cases it is going to use the computer accounts to download updates and put the updates there ok so let's go back to our ADR so I've showed you the permissions what I have on applications shared Drive which is applications here inside applications we have updates and updates Windows 10 updates 0-3 okay so let's click on next so here we will provide information about distribution points and I will add distribution point which is techniques - SEO one click on next so download location so we are going to download software updates from the internet so I'm sticking with this option and then click Next so that's an language it is English and I'm pretty happy with that download settings download software updates from the DP and deployment options as well download and install software updates from the DP ok so if the software are not available on this distribution point in current neighbor site boundary download content from Microsoft I'm not going to check it because we want the clients to download updates from the distribution point so click on next you will see summary here on this page and then we will move on to the next one where we will see the progress ok so click on next so here's the progress and it is all done and we will close this so now you see a TR - which is Windows 1903 and later so and also if we click on deployment packages you see that there is a test area to package which we just created ok so it is in progress at the moment and you will see success soon but this package at the moment doesn't have anything if you right-click and click on show members you won't see anything in here the reason being because we have to run the ADR to see that if it will get something if we run this ad R and then area - and then it will add updates to the deployment package which is test area - package alright so now what we have we have two options first option is to wait for the sync to occur and then once the sync will occur this area - will run the sink finishes or the second option is we can run it now so I would prefer it's just the lab environment I would just run it straight away so what I will do is on test EDR - I will right-click and I will run it now so right now so you have initiated an action that's fine click OK and then so in the deployment packages we will see that in test area 2 we will have more members ok so there you go we can start seeing some members here so this is the first member which has came up and also if we click on software update groups we will see a new group here which will be test idea - group ok so we will wait for it and in the meantime we can have a look at the logs so what are the logs which we should look for when we run automatic deployment rule or when automatic deployment rule runs by itself so to check logs let's go to file explorer and we will browse to the root directory of configuration manager which is local disk C and then Program Files and we have microsoft configuration manager open that and in here we have logs so open logs in here we have rule engine dot log ok so open that log so we have some information here let's have a look ok so I looked into the log it's saying updating package Tech triple 0 1 2 ok so this is the package where it is adding the content so let's have a look at the package for ad r2 so deployment packages and we have test area to package which is Tech triple 0 1 2 so you can see that it has added the content to Tek triple 0 1 2 so that rule rule dot that log actually rule in general log is very important log for the automatic deployment rules so now let's check if we have a software update groups so in software update we can see that we have test ad r2 which is available so that compliant it shows zero so now we can check deployment so in the details pane here just go to deployment and we can see that it is deployed two techniques computers so what I will do is now I will turn on PC - zero - which is here PC - zero - I have installed Windows 10 19:03 and it does not have any updates so let's see if we can see any updates in software Center on PC - zero - so I will log on to this one now okay so I have logged on to PC - OH - and I fired up software Center at the moment I do not see any updates so what I will do is I will force PC - OH - to check software updates so to do that I will go to control panel and open configuration manager so in configuration manager I will go to actions and I will run software updates to deployment evaluation and software updates scan cycle okay and on the client which is PC - 0 - we can check a log which will tell us if it actually found any updates or not so what we will do is let's just minimize software Center for now and we will open file explorer in we will go to this PC and windows in the in there in the windows folder so we will open CCM folder and in here we have a logs folder so here we have all the logs for the software center client so we will look for updates deployment log so which is here updates deployment let's just open that and here we will see that if it has found any updates for this operating system or not so currently we can see that it couldn't find any updates it says total actionable updates zero so what we will do is we can force it one more time and then maybe we will give it more time to realize that there are updates available okay so let's go to actions again and then we will run software update deployment evaluation and scan cycle we should see that it should have triggered that we are evaluating updates okay so at the moment it couldn't find anything so what I will do I will keep an eye on this and then let's see how long it takes to realize that there are updates available and it will download all these updates from our SCCM server ok so it took about like 10-15 minutes and the log tells us that it has actually picked up some updates so it is updates deployment log so we can see that it before it shows that there is no update available and total actionable update zero but then afterwards it figured out like there are updates available so now if we go to our Software Center we can see that it has picked up all these updates for that Windows 10 19:03 and it is downloading and installing all these updates ok so so this is how the ADR Zopa right so this is just an example ADR so you can create your own ADR and also you can it depends on the what type of environment production environment you have what type of end clients you have and you can create your own areas which will suit your needs in this video we had a look at how we can deploy software updates with the help of ad our automatic deployment rules if you feel like this video was informative make sure you give it a thumbs up and also show your support by subscribing to my channel and click on the bell icon to get the latest updates as well I will see you in the next video
Info
Channel: TekNex Solutions
Views: 12,046
Rating: undefined out of 5
Keywords: sccm, system center configuration manager, automatic deployment rule, windows updates, updates management, manaual updates
Id: hW4h9nfMw9w
Channel Id: undefined
Length: 20min 26sec (1226 seconds)
Published: Tue Oct 01 2019
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.