The final component of updates in Intune is set in the Policy tab, in the Configuration Policies with the “Microsoft Intune Agent Settings” template (Figure 8). Future updates will be automatic processed by the rules. After the rule is saved, use the Run Selected button to apply the rule to all currently available updates. When finished on the deployment screen, click Next and then Finish to save the rule.
MICROSOFT INTUNE MANAGE WINDOWS UPDATES UPDATE
If a restart is needed to complete the update process, Intune will force a restart without the option to restart later. When a deadline is enforced, updates will be installed as soon as the deadline passes.
MICROSOFT INTUNE MANAGE WINDOWS UPDATES INSTALL
Updates that are approved by the rule will start to download and install at the first maintenance window or user interaction with the Intune client depending on your configuration polices, which we will look at below. Setting the deadline does not control when updates will start trying to install. There are a couple points to note on this feature: At the bottom of the deployment screen you can control the deadline for computers to have the approved updates installed. On the Deployment screen (Figure 7) select and add the groups that should receive the approved updates.
Give your rule a name, and then select the Product Categories and Update Classifications that will be automatically approved. Go back to the Admin tab, select Updates from the menu list, scroll down to the Automatic Approval Rules (Figure 5), and click the New button. While you could individually review each update, Intune provides automatic approval rules, which can automatically approve updates for selected products and updates categories. Note that “As soon as possible” will set the deadline to the previous midnight and will start a required install (including a forced restart if needed) the next time each endpoint checks in with Intune. Finally, set the Approval dropdown to “Required Install” and the Deadline to your desired deadline. Select and Add the group you want to deploy the update to. Select the update to approve from the list, and then click on the Approve link above the list. You can also change the filter directly from the dropdown menu in the list view (see Figure 3).įrom the list we can approve or decline each update individually or select multiple updates that need the same approval. In Figure 2, the “3 Need additional approvals” warning is applied by the “Needing additional approvals” filter. The links will take you into the All Updates list with one of several filters applied. Each status box is also a clickable link. The Overview page (see Figure 2) gives you a quick overview of necessary maintenance tasks-for example, if available updates need approval. Make sure to click the Save button at the bottom of the page once you’re done.Īfter selecting what updates will be reviewed in Intune, go to the Updates tab. In other words if you don’t select a product or update classification you will never see those updates, but selecting just the updates you need will make sorting through updates easier. Note that this is just the gatekeeper controlling the updates that can be approved or declined later by an administrator or by an automatic approval rule. Here you set the Product Categories and Updates Classifications which Intune will check for updates. The first place to go when starting to manage updates in Intune is the updates section under the Admin tab (see Figure 1). This blog post will focus on the Windows Update capabilities for Windows PCs in Microsoft Intune, including selecting which updates are approved or declined, what updates are automatically approved, and controlling when updates need to be installed. It has a number of tools available to manage mobile devices, PCs, and applications, which can be overwhelming when you try to understand the capabilities of each different service. Evaluating the capabilities and limitations of device management solutions can be a challenge.
0 kommentar(er)
