Updating Windows Servers – SCCM Patch Deadline Behaviour

Posted on Updated on

In the last few years SCCM has been introducing new features to the software update workflow to help with server update scenarios. Features such as Server Groups, maintenance windows, and Pre and Post deployment actions allow an unprecedented level of control over how and when servers are patched.

Top 10 Reasons to use SCCM for Server Updates

So what are some of the benefits of using SCCM to update servers compared to other tools like WSUS? Consider the following:

  1. Granular Deployment Control – Unlimited number of Collections based on Technology and Business requirements
  2. Automated Maintenance Windows – Patches will only deploy during scheduled maintenance windows
  3. Pre and Post Automation – Run Scripts before and after Updates (Example:  Create a VM snapshot)
  4. Restart Management – Control over Server restart behaviour
  5. Automated Deployment Rules – Automate repetitive business logic based patching scenarios based on predetermined selection criteria such as platform, product, classification etc.
  6. Update Templates – Create scenario based templates to accelerate patching and minimize errors
  7. Rich reporting – Dozens of canned reports for updates management and status as well as the option for custom reports
  8. Bandwidth management and optimization – Use local repositories and peer caching to minimize the amount of network load and accelerate deployments.  Schedule and throttle bandwidth usage based on time of day.
  9. Server Group Control – Logic based on number, percent and order of servers to be patched at any given time.  Ideal for clusters and load balanced services.
  10. Query based targeting – richer targeting based on asset inventory data

That’s a lot of control and conceptually difficult to understand. I used to love the superflows in the old SMS documentation. I’ve created a miniflow of my own to help you understand how some of the new features can be used to take better control of the server update process.

One thought on “Updating Windows Servers – SCCM Patch Deadline Behaviour

    Damien Solodow (@DSolodow) said:
    March 19, 2019 at 8:47 pm

    The box between “Install Updates” and “All Servers Patched” should probably say “Run Post-Deployment Script”

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s