Considerations when deploying Office 365 client updates using Automatic Deployment Rules in ConfigMgr
A customer contacted me the other day because their Office 365 client updates were not released to clients in a timely fashion.
Their configuration was one Automatic Deployment Rule (ADR) for all client updates, with the following configuration:
- Date Released or Revised last 1 day
- Office 365 client updates enabled
- Evaluation schedule: Every Second Tuesday at 23:55
This is a fine setup except for the following scenarios:
- Out of band patches are not included
- Windows Defender Definitions in Configuration Manager will not be up to date as they are released more frequently
Software Updates released by Microsoft are generally released on Patch Tuesday, which occurs every Second Tuesday of each month at 10 AM Los Angeles time.
Living in Sweden, this should be around 7 PM.
Looking at the Windows Updates, we can see that all of them were released at 7 PM.
Office 365 Client Updates however, do not follow this timing, as you can see in the below picture:
The effect of the configuration was that the latest Office 365 patches were not included when the ADR was evaluated.
There are a number of ways to handle this.
- Increase the evaluation frequency of your Automatic Deployment Rule, if you are only using one to handle client updates.
- Create a separate Automatic Deployment Rule for Office 365 Client Updates.
For more information about the issues regarding timezones and ADRs, please refer to the following link: https://blogs.technet.microsoft.com/scott/2016/08/10/scheduling-software-updates-to-run-on-patch-tuesday/
Updates related to Automatic Deployment Rules in System Center Configuration Manager Technical Preview 1801: https://docs.microsoft.com/en-us/sccm/core/get-started/capabilities-in-technical-preview-1801
About the author
Daniel Classon works as a Senior Consultant at Mansoft, focusing on Microsoft Configuration Manager, Windows 10 and Powershell
- How to install .NET Framework 3.5 on Windows Server 2012, Windows Server 2016 and Windows 10 966,050 views
- Issue with mounting new ISO files from TechNet in Windows 8 and Windows 8.1 Preview 63,837 views
- 2 steps to solving SCCM deployment error “sending with winhttp failed; 80072ee7” in Windows PE 31,550 views
- Powershell: Script to set Outlook 2010/2013 signature using information populated from Active Directory 32,098 views
- How to get PXE to work in Hyper-V for Legacy Boot 108,236 views
- How to force specific sites to always run in Compatibility View using Group Policy 143,821 views
- How to change between a Full Installation (GUI) and Server Core in Windows Server 2012 64,082 views
- How to solve WDS issue with DHCP port conflict 12,114 views
- Hyper-V: Issue when starting virtual machine from downloaded ISO file 7,471 views
- Command to check Bitlocker status in Windows 10 119,067 views