Update Deployments
Update
deployments are similar to advertisements because they control the
details of actually deploying and installing updates on managed
systems. The next sections discuss creating update deployments,
deployment deadlines, and scheduling when using maintenance windows.
Creating Deployments
There are two methods to create a new deployment:
- Select a set of updates from the Update Repository, right-click them, and choose Deploy Software Updates.
- Right-click an update list and choose Deploy Software Updates.
The
only difference between the two options is that the first uses updates
you manually selected, whereas the second uses updates from a list you
preconfigured. Creating deployments
using a list is preferred because the list persists after you create
the deployment and is available for other things, in particular
reporting.
Both options launch the Deploy
Software Updates Wizard. You use the wizard to configure the details of
the deployment, which are the same as the details used to configure a
deployment template. The wizard gives you the option to use a
previously created template, in which case ConfigMgr copies all the
settings from the template to the deployment. The New Update Deployment
Wizard prompts for any settings not configured in the template.
Additionally, you can specify the following:
Start time for the deployment
Whether or not the deployment is mandatory, and a deadline time
To use Wake On LAN
To ignore maintenance windows
Similar
to update lists, deployments are replicated down a ConfigMgr hierarchy
from parent sites to their children. However, instead of being
available for use at the down-level sites, replicated deployments are
enforced where applicable. Thus, if you create and apply a deployment
at a parent site on a collection that contains systems from child
sites, the deployment is enforced by the child site. This model is
useful for centralized administration and enforcement of software
updates in an organizational hierarchy; it forces compliance with the
policy established at the top level without any intervention by
down-level administrators.
Deployment Deadlines
A
distinction between update deployments and advertisements is that
rather than provide a mandatory time for installation, update
deployments use deployment deadlines. Deployments are optionally
available to users until the specified date and time, and they are
enforced after this date and time. This is an oft-misunderstood concept
and bears restating: Updates in a deployment are not forced to install
until after the specified deadline.
Users
can manually initiate the deployment until the deadline. By default,
ConfigMgr prompts users to initiate deployments with a system tray
balloon notification, basing the notification interval on the deadline
according to Table 3.
Table 3. Default Deployment Notification Intervals
| Deadline | Notification Interval |
|---|
| More than 24 hours away | Every 3 hours |
| Less than 24 hours away | Every hour |
| Less than 1 hour away | Every 15 minutes |
You
can customize these default intervals by going to the Reminders tab of
the Computer Client Agent Properties dialog box. You get to this dialog
box by navigating to Site Database -> Site Management -> <Site Code> <Site Name>
-> Site Settings -> Client Agents in the ConfigMgr console,
right-clicking Computer Client Agent, selecting Properties from the
context menu, and then clicking the Reminders tab. Figure 8 shows an example of this tab. If necessary, you can completely suppress notifications for specific deployments.
At
the time of the deadline, the ConfigMgr agent reevaluates compliance
status of the local managed system to determine which updates are still
applicable, and then schedules installing the updates.
Deployment Packages
Analogous
to software distribution packages, deployment packages (Site Database
-> Computer Management -> Software Updates -> Deployment
Packages) are simply the collection of files needed for a defined set
of updates. You manage update packages identically to software
distribution packages—they must have a source folder and be available
to clients by installing them on distribution points.
There are two structural differences between software distribution packages and deployment packages:
Deployment packages do not have customizable programs and therefore do not have a Programs subnode in the console.
Deployment
packages contain specially formatted updates and accordingly have an
Updates subnode, where you can add and remove updates.
Although the console does not include a specific selection to create a deployment package, there are two methods to create one:
- Choose to download updates on the first page of the Update List Wizard .
- Select updates in the update repository or an update list. Then right-click and choose Download Software Updates.
The second method launches the Download Updates Wizard, displayed in Figure 9. This wizard has three main pages:
Deployment Package—
On this page, you can choose to use an existing package or create a new
one. If you create a new package, you must give it a name and specify a
source location. ConfigMgr will download the applicable files for the
chosen updates to the source location. The source location must be a
UNC (\\<servername>\<share>)
location and the current user of the ConfigMgr console must have
security credentials to access that UNC location. Additionally, the
wizard has some other pages for new package-specific information:
Distribution Points
Data Access
Distribution Settings
Note: Deployment Packages Are Not Linked
Update
lists and deployment packages are not linked to each other, and updates
added to a list are not automatically added to any update packages you
create from the list. The reverse of this is also true—updates added to
a package are not automatically added to update lists used to create
the package.
Similarly, deployments and
deployment packages are also not linked to each other. Adding updates
to a deployment package will not add them to any deployments.
Download Location— Choose to download updates from Microsoft using an Internet location or from a network location.
Language Selection—
Many updates are localized and only applicable to corresponding
localized versions of Windows. On this page of the wizard, you choose
which localized updates to download. It is a best practice to select
only the languages that exist in your environment, thus minimizing the
amount of Internet traffic to download your selected updates.
Tip: Package Source Folder
When
creating a new package, ConfigMgr creates the source folder if it does
not already exist. The user account of the current ConfigMgr console
user is used to create this folder and must have security credentials
to do so.
