Considerations When Deploying Office 365 Client Updates Using ADRs in SCCM
A customer contacted me the other day because their Office 365 client updates were not released to clients in a timely fashion.
Their configuration was one Automatic Deployment Rule (ADR) for all client updates, with the following configuration:
- Date Released or Revised last 1 day
- Office 365 client updates enabled
- Evaluation schedule: Every Second Tuesday at 23:55
This is a fine setup except for the following scenarios:
- Out of band patches are not included
- Windows Defender Definitions in Configuration Manager will not be up to date as they are released more frequently
Software Updates released by Microsoft are generally released on Patch Tuesday, which occurs every Second Tuesday of each month at 10 AM Los Angeles time.
Living in Sweden, this should be around 7 PM.
Looking at the Windows Updates, we can see that all of them were released at 7 PM.
Office 365 Client Updates however, do not follow this timing, as you can see in the below picture:
The effect of the configuration was that the latest Office 365 patches were not included when the ADR was evaluated.
There are a number of ways to handle this.
- Increase the evaluation frequency of your Automatic Deployment Rule, if you are only using one to handle client updates.
- Create a separate Automatic Deployment Rule for Office 365 Client Updates.
For more information about the issues regarding timezones and ADRs, please refer to the following link: https://blogs.technet.microsoft.com/scott/2016/08/10/scheduling-software-updates-to-run-on-patch-tuesday/
Updates related to Automatic Deployment Rules in System Center Configuration Manager Technical Preview 1801: https://docs.microsoft.com/en-us/sccm/core/get-started/capabilities-in-technical-preview-1801
About the author
Daniel Classon works as a Senior Consultant at Mansoft, focusing on Microsoft Configuration Manager, Windows 10 and Powershell