CM Deploying 3rd Party Updates to Collections (Patch My PC)
- Katelyn Russell
- Daniel Vega
EPM created and manages the Automatic Deployment Rule (ADR) that adds the 3rd party updates provided by Patch My PC into a Software Update Group (SUG). Similar to how clients are added to a maintenance window collection, clients can be added to either the "Include" or "Exclude" device collection.
- Include collection: Clients will be included in receiving 3rd party updates.
- Exclude collection: Clients added to it do not get 3rd party updates from this SUG.Â
The cycle explained
The Patch My PC catalog is updated once per week on Sundays at 11am. On Tuesdays at 11am the ADR for "3rd Party - Include" will add any new updates to the Software Update Group. Updates will show up as 'Available' in Software Center beginning Tuesday afternoons after devices check in after 11 am. On Thursday at 11am the deadline is met and devices will install any applicable updates if the application is closed. If the application is open, the deferral schedule of prompting once per day will begin. Users can defer via the toast notification. Â The deferral period ends on Monday at 11 am and if the application is still open it will be closed and updated.
When the cycle begins anew compliance numbers will initially drop and rise throughout the week peaking on Monday after the deferral period ends.
To see a list of which 3rd party application updates are included, refer to the 3rd Party Updates List page for the list of applications.Â
How do I add clients to this collection?
There are several ways to add clients to collections.
In the Configuration Manager console, navigate to Assets and Compliance.
If it's not expanded, expand Overview, then expand Device Collections.
Continue to expand and navigate through your subscription > Software and Update Maintenance > Software Updates and select the collection that you want to add clients to.
For third party updates, select the ..."Software Updates - 3rd Party - Include" collection.
Click on the Properties icon (top right) in the Ribbon and then click on the Membership Rules tab.
Then click on the Add Rule drop down.
- Use a Direct Rule to directly add clients. (Static)
- Use a Query Rule to automatically add clients based on the created rule. (Dynamic)
- Use Include Collections to add clients from the membership of another collection.
How are these collections used to update 3rd party applications?
The membership of these collections are included in the collection where the updates are deployed. Any device you add to the membership of the "Include" collection will be included in 3rd party patching, and any devices you add to the exclude collection will be excluded from 3rd party patching.
If a device exists in both the Include and Exclude collection? The "Exclude" membership wins.
With that in mind, one could add All xxxx Clients to the Include collection, then add a direct or query rule in the Exclude collection. This reduces complication and also eliminates collection update lag versus creating other collections and excluding them.
What is the deadline behavior for these updates?
When the installation deadline is reached, a software update installation will be performed. If a restart is needed it will not be enforced so as to not interrupt the user. Restarts would apply during a maintenance window.
What happens if the application is open?
Visit the page entitled Third Party Application Updates for an example of the user experience. If the application is open when an update is ready to be installed, the user will receive a toast notification and the ability to postpone the installation up to five times, after which the application will be closed and updated.
Compliance Reports
Curious as to the compliance status of 3rd party updates for your collection? You can specifically access a compliance report for Patch My PC deployed updates here Client Software Update compliance by collection (Patch My PC)
From the Collection Name dropdown, choose your collection that ends in Software Updates - 3rd Party - Include.
Related Information
-
Page:
-
Page:
EPM is available to IT Support Organizations (ITSOs) with any endpoint management questions. If you have a question about a specific endpoint client, please reach out to your local endpoint client support organization.
Welcome to the University Wiki Service! Please use your IID (yourEID@eid.utexas.edu) when prompted for your email address during login or click here to enter your EID. If you are experiencing any issues loading content on pages, please try these steps to clear your browser cache.