Sie sind auf Seite 1von 18

In this document you will see how to Create Automatic Deployment Rule in SCCM 2012 R2.

ADRs fill a large gap in software update functionality that existed in

ConfigMgr 2007, as there was no way to automatically download and assign updates. Thanks to Microsoft for introducing the ADR's which have the ability to
automatically approve updates and deploy
them. You typically use this method of deployment for your monthly software updates
(generally known as Patch Tuesday)
and for managing definition updates.
When the rule runs, software updates are removed from the software update group (if using an existing group), the software
that meet a specified criteria (for example, all security software updates released in the last week) are added to a software update group,
the content files for
the software updates are downloaded and copied to
distribution points, and the software updates are deployed to client computers in the target collection.

Create Automatic Deployment Rule In SCCM 2012 R2

To create ADR, right click on Automatic Deployment Rules under Software Library > Software Updates and click Create Automatic Deployment Rule.

Specify the name for the ADR. Choose the template, click Browse and select the target collection for update deployment. Next choose Create a new Software
Update Group.
If you choose to add to an existing update group, a new one is created the first time the ADR is evaluated and reused for each subsequent evaluation
of the ADR. If you choose to use a new update group, then a new update group is created for every evaluation of the ADR. Leave the box checked for Enable the
deployment after this rule is run. Click Next.
On the Deployment Settings page, choose the detail level as Only success and error messages. Next, choose Automatically deploy all software updates found by
this rule and approve any license agreements. Click Next.
populate an update deployment with references to updates based on a pre-defined filter similar to console filters described in All Software Updates
section. A
subset of the filter criteria is displayed on this page, where you select and define the criteria for finding the updates for inclusion in the update

I will be choosing the following property filters.

1) Date Released or revised for last 2 months.

2) Updates to be in English language.
3) Updates target Windows 7 Product.
4) Updates have to be Critical updates or Security Updates.

Click Next.
page lets you configure when you want the ADR rule to be evaluated. This is important because the ADR rule runs as per the schedule that you
configure here so
configure this carefully. For convenience, it also shows the SUP synchronization time so you can coordinate the two times. Note - It doesnt make sense to run an
ADR evaluation more frequently than the SUP synchronization time because there will be no new updates to find. You can also disable the automatic, scheduled
evaluation of an ADR, leaving it to be initiated manually. In this example I will choose to run the rule after SUP synchronization. So my rule would be run every
days when the SUP sync happens. Click Next.
Specify the schedule details for the deployment, set Time based on to UTC. Choose the Software available time to As soon as possible and Installation deadline to
7 days. I know 7 days is a lot of time, you could choose your settings here. Click Next.
User Experience - Choose the settings as shown in the below screenshot and click Next.
Alerts - I haven't configured anything here. Click Next.
Click Next.
need to specify a deployment package. Click on Browse and select the deployment package. If you have not created one then click on Create a new deployment
package. If you want to know the steps to create deployment package click this link.

What are Deployment Packages - Similar to software distribution packages, deployment packages are
simply the collection of files needed for a set of updates. They must have a source folder and be available to clients by assigning them to distribution points. There is
no way to create a deployment package from the console, you can only create one using the Deploy Software Updates Wizard or the Download Software Updates
Choose Download software updates from Internet. Click Next.
Complete the wizard. Click Close.
for sometime and on the client machine launch the software center. We see that the deployment is scheduled to run 7 days after the creation of
rule i.e. on 29th.
On the client machine we also see a software updates notification.

- I am making this change to show the updates deployment quickly. We know that updates will be deployed on 29th. Instead of waiting for next 7
days I will now
change the evaluation schedule of the ADR. Right the ADR rule and click on Properties. Click Evaluation Schedule and choose Run the rule on a schedule.
I have
set the rule to run every one hour (You need not try this on Production environment, just stick to the schedule that you had configured earlier). Click OK.
On the client machine open the software center and now we see that the updates are scheduled to install on 23rd at 1:27 PM.
At 1:28 PM we see that the status of updates were seen as Waiting to install. The updates are not being installed.
The updates have been installed and the client machine needs to a restart.
After the client computer is restarted, launch the control panel, click on Programs > Programs and Features and click on Installed Updates. You should now see the
list of updates installed on the client machine deployed via ADR.
1) Once you deploy the ADR, the status of that new deployment should be checked regularly by looking at Monitoring | Deployments.

2) Review ruleengine.log for troubleshooting purpose.