Automatically Add Required Patches to Pkg

On a recent ConfigMgr 2012 engagement, I was migrating a customer from using standalone WSUS to CM12 Software Updates.  They requested to have the ability at ‘bypassing’ the steps required for downloading and distributing patches.  Using CM12′s Automatic Deploy Rules (ADR), I was able to set up a process which would auto detect and distribute required patches to their organization so that they could rapidly deploy updates.  To do this:

  1. Create an “empty” collection that will NEVER contain any members
  2. If you do not have one already, create an “All Distribution Points” group with all DPs
  3. Create a new ADR in the console
  4. General page: add an appropriate name, target the EMPTY collection, and add the patches to an existing Software Updates Group
  5. Deployment Settings page: use defaults
  6. Software Updates page: add filters for
    • Product (Win7, Win8, WinXP, etc.)
    • Required (>0)
    • Superseded (No)
    • Title (-”service pack”) => using the minus before the name will exclude anything with that string in the title)
      adr1
  7. Evaluation schedule page: Run the rule after any Software Updates sync (if only doing once per day) or set to run only overnight
  8. Deployment schedule page: for safety, set both the availability and deadline for 12 months in advance
    adr2
  9. User Experience page: use defaults
  10. Download Settings page: select both options to “Do not install”
  11. Deployment Package page: create a new package or use an existing package
    adr3
  12. Distribution Points page: add your “All Distribution Points” group
  13. Complete the remainder of the wizard with your desired patch download and language preferences
  14. After completion of the ADR, run it to ensure that patches are downloaded…then you’re good to go for the future!

 

email

Written by , Posted .