How to Use Automatic Deployment Rules (ADRs) with Patch My PC Updates
Setting up automatic deployment rules for Patch My PC updates is simple. In the guide below, we will review the basics of ADR’s for Patch My PC updates and how you can include or exclude specific products.
Topics covered in this article:
- How to Setup an ADR for Patch My PC Specific Updates in ConfigMgr
- Each Time the Rule Runs and Finds New Updates
- Excluding or Including Specific Products in Automatic Deployment Rules
- Full List of Titles for Products in Our Update Catalog
- Removing/Filtering Specific Updates from Automatic Deployment Rules (Video Guide)
How to Setup an ADR for Patch My PC Specific Updates in ConfigMgr
If you want to create an automatic deployment rule specific to Patch My PC third-party software updates, we recommend using the following criteria.
Superseded = No
Update Classification = Critical Updates, Security Updates, Updates
Vendor = Patch My PC
If you want to include or exclude specific products in your ADR criteria, please see the section Excluding or Including Specific Products in Automatic Deployment Rules.
Note: Patch My PC uses a single vendor and product due to limitations on how many third-party categories and be published to WSUS. For more information, you can review Publishing operation failed, too many locally published categories.
One common mistake we see is when customers create a deployment package, they specify the WSUSContent folder and the deployment package source. If the WSUSContent folder is specified as the package source, ConfigMgr will automatically delete all the third-party update content published to the WSUSContent folder causing updates to fail to download into a deployment package.
Each Time the Rule Runs and Finds New Updates
A common question we get is whether to use the “Create a new Software Update Group” or “Add to an Existing Software Update Group“.
Create a new Software Update Group (SUG)
- Can assist with reporting in some cases.
- Software Update Reports commonly target a SUG. When you have a SUG for each ADR run you can get good point-in-time reporting
- The ‘release date’ of a patch can offer similar info, but if you care about the exact time a patch was deployed in your environment for the first time, creating a new SUG each time is your only option
- Each SUG will have a smaller number of updates.
- There is a limit of 1000 updates per SUG
- Generally, this is not an issue for third party updates, as you will not have this many non-superseded updates
Add to an existing Software Update Group
- Keeps count of Software Update Group’s low, one per ADR. No need to maintain SUG sprawl.
- Can make it more difficult to do a staggered rollout of updates
- If your ADR creates any deployment with a DEADLINE shorter than your ADR evaluation period, you will see some machines potentially never update.
- Example: ADR Runs and has a schedule set to daily
- Creates deployment with a deadline in the future, 7 days for example, which will be 7 days from the time the ADR runs
- ADR runs again the next day, previously created deployment now has deadline pushed out again based on settings. Machines targeted by this may never hit their deadline.
- Example: ADR Runs and has a schedule set to daily
- The key to keep in mind is the ADR will be using the same SUG, AND it will be overwriting the deployment for that SUG each run as well.
Note from Microsoft Docs: Decide whether to add software updates to a new or existing software update group. In most cases, choose to create a new software update group when the ADR runs. If the rule runs on a more aggressive schedule, you might choose to use an existing group. For example, if you run the rule daily for definition updates, then you could add the software updates to an existing software update group.
Excluding or Including Specific Products in Automatic Deployment Rules
In some scenarios, you may want to remove specific updates from an automatic deployment rule. You can use the title filter to exclude the specific update title from the ADR search criteria.
Here’s an example of an ADR that will deploy all Patch My PC updates with no filters:
Here’s how you can add a title filter if you wanted to exclude any 7-Zip update from your ADR. Title: -7-Zip
If you want to include specific products in and ADR, you can remove the – before the title filter, as shown above.
Full List of Titles for Products in Our Update Catalog
You can find a full list of the title filters to use to exclude specific products below:
8×8 Virtual Office Desktop
Adobe Acrobat DC
Adobe Acrobat Reader DC
Adobe Digital Editions
Adobe Flash Player 32-bit/64-bit ActiveX
Adobe Flash Player 32-bit/64-bit Plugin
Adobe Flash Player 32-bit/64-bit PPAPI
Adobe Shockwave Player
AdoptOpenJDK JDK with Eclipse OpenJ9
AdoptOpenJDK JDK with Hotspot
AdoptOpenJDK JRE with Eclipse OpenJ9
AdoptOpenJDK JRE with Hotspot
AirSquirrels Reflector Teacher
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Autodesk Design Review 2018
Blue Jeans Outlook Addin
Box For Office
Box Tools (Box Edit)
Cisco AnyConnect Secure Mobility Client
Cisco WebEx Meetings
Cisco Webex Productivity Tools
Cisco WebEx Teams
Citrix HDX RealTime Media Engine
Dell Command Update
Dell Display Manager
ESET Endpoint Security
ESET File Security
ESET Remote Administrator Agent
Google Drive File Stream
Google Earth Pro
K-Lite Basic Codec Pack
K-Lite Mega Codec Pack
Lenovo System Update
Mersive Solstice Client
Microsoft .NET Core Runtime
Microsoft .NET Core: Runtime & Hosting Bundle
Microsoft .NET Core SDK
Microsoft Azure CLI
Microsoft Azure Storage Explorer
Microsoft Mouse and Keyboard Center
Microsoft Power BI Desktop
Microsoft SQL Management Studio
Microsoft SQL Server Reporting Services
Microsoft Visual C++ 2015-2019 Redistributable
Microsoft Visual Studio Code
Mimecast for Outlook
Mozilla Firefox ESR
Nitro Pro Enterprise
OCZ SSD Utility
Oracle Java 6/7 (x64) to Java 8 (x64) Migration
Oracle Java 7
Oracle Java 8
Oracle Java SE Development Kit 8
Oracle MySQL Workbench
Oracle VM VirtualBox
PDF Split And Merge
Plex Media Player
R For Windows
RealVNC (VNC Server)
Remote Desktop Client for Windows Desktop
Remote Desktop Manager Enterprise
Remote Desktop Manager Free
Right Click Tools
SketchUp Make 2016
SketchUp Pro 2016
SketchUp Make 2017
SketchUp Pro 2017
Splunk Universal Forwarder
Telerik Progress TestStudio Ultimate
VLC Media Player
VMware Horizon Client
VMware Remote Console
VMware Workstation Player
Zoom Outlook Plugin
Zoom Skype for Business Plugin
Zscaler Client Connector
Removing/Filtering Specific Updates from Automatic Deployment Rules (Video Guide)
The video guide below describes how to use title filters to exclude products from ADRs with Patch My PC.