kabirhussein Posted October 25, 2012 Report post Posted October 25, 2012 Hi All Please let me know what is the best practise method for Window patch updates on SCCM 2012, should we do one of the following: Have saved software update groups which download patches and automatically download and deploy (every month) Manually check each window update and download and update to test Servers first (every month) or another solution which is the best method to deploy updates. Also Endpoint updates what is the best practise to deploy AV updates - every day?? many thanks Quote Share this post Link to post Share on other sites More sharing options...
narcoticmind Posted October 25, 2012 Report post Posted October 25, 2012 I'd like to hear some opinions too... so far what I've thought of: Workstations / Servers in production: One ADR and Collection for certain product, fully automated deployment (reboots also), contains only the updates NEEDED >= 1, SUPERSEDED = NO One ADR and Collection for certain product, partially automated deployment (admin or some one else has to do the reboot), contains only the updates NEEDED >=1, SUPERSEDED = NO Workstations / servers go to the correct collection based on Active Directory OU. Workstations / Servers in OSD: One ADR and collection for certain product, fully automated deployment (reboots also), contains ALL the updates for the Product in case which are not superseded (for example all Windows 7 x64 SUPERSEDED = NO) Workstations / Servers go to the correct collection by including the Build / Install collections to OSD Update collection ADRs run every month after the updates are synchronized and get deployed right away. Thought on this approach? Quote Share this post Link to post Share on other sites More sharing options...
tmiller_hockey Posted October 25, 2012 Report post Posted October 25, 2012 This is the guide I used by Brian Thorp. SCCM 2012 - Automatically Updating Systems (1).pdf Quote Share this post Link to post Share on other sites More sharing options...
narcoticmind Posted November 3, 2012 Report post Posted November 3, 2012 Still wanting to hear some opinons on my approach? Quote Share this post Link to post Share on other sites More sharing options...
Kingen Posted November 4, 2012 Report post Posted November 4, 2012 One ADR for Win7 Needed = 1, auto install, but no auto reboot. One ADR for Server Needed = 1, auto install, and auto reboot at service windows 01.00 @ saturday night's. One ADR for Server Hyper-V HOSTS, needed = 1, auto install, and auto reboot at service windows 01.00 @ Friday nights. That's how i usually set it up, works great Quote Share this post Link to post Share on other sites More sharing options...
