Makes sense, thanks to everyone for the help.
From: [email protected] [mailto:[email protected]] On Behalf Of Sherry Kissinger Sent: Tuesday, October 21, 2014 8:56 AM To: [email protected] Subject: Re: [mssms] Software Updates - ADR "The only way you could make it so those 10 machines don’t get MS14-058 is to not deploy the whole Oct SUG to those 10 machines or rip out MS14-058 from the Oct SUG deploy it to all 100 machines and then create a specific MS14-058 SUG and deploy it to the 90 that don’t have the problem right? " Yes, that's right. a group is a group--and based on what you the human said--deliver (if applicable) all the updates in this group. Just because you the human decided "oh, except for these 10 machines, they shouldn't get KB x, y, or z"... you'll have to break it out. On Tuesday, October 21, 2014 5:20 AM, sccmfun <[email protected]> wrote: Is there anyway (I don’t think there is) to exclude a certain update from a SUG deploying on a specific machine? So let’s say you have 100 machines in your environment and you have 7 patches for October one of them being MS14-058 in your monthly SUG and you deploy the Oct SUG to all 100 machines. You figure out that 10 of those machines out of the 100 have a problem with MS14-058. The only way you could make it so those 10 machines don’t get MS14-058 is to not deploy the whole Oct SUG to those 10 machines or rip out MS14-058 from the Oct SUG deploy it to all 100 machines and then create a specific MS14-058 SUG and deploy it to the 90 that don’t have the problem right? Thanks From: [email protected] [mailto:[email protected]] On Behalf Of Paul Winstanley Sent: Tuesday, October 21, 2014 5:49 AM To: [email protected] Subject: Re: [mssms] Software Updates - ADR I've run a similar set up in a non-prod environment and it works well. There's no need to separate out OS types as the endpoint will determine what SU is required. Create an ADR that is then pointed to a new Deployment Package every 12 months to avoid the limit. I like to keep things as simple as possible but environments scenarios may not cater for this simplicity. On Tue, Oct 21, 2014 at 10:38 AM, sccmfun <[email protected]> wrote: How do you guys structure your monthly updates? I’ve created the following ADR’s that download the patches for my OS’es, which include all the updates from way back when to now. Win7 – deployed to Win7 Collection Windows 2008 – deployed to Win 2008 Collection Windows 2012 – deployed to all Win 2012 collection All patches / All OS’es (used for overall compliance reporting but not deployed so I don’t have the 1000 update limit) I end up with 4 deployments but am struggling the best way to do ongoing monthly patching. Should I create a 5th ADR called monthly and just add all patches for all 3 OS’es into that SUG and target one collection that has all my OS’es in it (All OS collection) ? How do others do it on a monthly schedule? I also have all my machines in maintenance windows and used that to “trigger” the actual deployment time on the machines. Thanks
