Update Management

Please take a few minutes to submit your idea or vote up an existing idea. All of the feedback you share in these forums will be monitored and reviewed by the Update Management engineering team.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Pause function for schedule of Update Management

    We need the function that it can temporarily disable the Update Management schedule.

    We would like to disable the Schedule for Update Management. However, if we want to skip the Update Job, we should delete it or manual modify the schedule date that runs periodically.
    in addition, if we delete schedule, we have to recreate it.
    There seems to be no function to disable the schedule in the Update Management console. Also, there was no such command in PowerShell

    14 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Scheduling  ·  Flag idea as inappropriate…  ·  Admin →
  2. Update Management: enable creating schedules for offline VMs

    We have machines that are periodically offline, but still should be patched. Currently, Update Management does not allow us to target VMs that have been offline for more than 12h. This blocks at least 10% of our population from being scheduled.

    From an operations perspective, this does not make a lot of sense. Why not enable targeting all VMs that are registered as a HWG? You could do the 12h check with an optional override like "yes I know it has not reported for 12h or more, but I want to schedule it anyway". Of course, we would need this…

    25 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Scheduling  ·  Flag idea as inappropriate…  ·  Admin →

    We’re currently re-evaluating a number of our timeouts. We’ll likely bump this up to 96 hours; this is enough time to account for long weekends while at the same time not keeping old potentially de-allocated machines visible in the experience.

  3. Systems that get an error when scanning via WSUS should be reported as 'not assessed' instead of 'compliant' if scan fails for x days

    When the app pool for a WSUS server is stopped or not running, and a client computer scans against it, it fails with an error. This error does not get surfaced in the AUM dashboard. Systems experiencing this error are listed as 'compliant', they should be listed as 'not assessed'.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Assessments  ·  Flag idea as inappropriate…  ·  Admin →
  4. Add a compliance policy for update management allowing to define acceptable delay

    As soon as patches are available, VMs are automatically displayed as non-compliant. However, it often requires review, tests, ...

    It could be great to be able to create a policy that allows to define for each kind of update what delay before applying the upgrade is acceptable or not and associate this with "shortcuts" to help to plan upgrades according to policy.

    Example - A policy states that important security updates needs to be deployed during the next 12h
    * VMS are displayed as compliant during 12h (but something indicates that they require updates)
    * A button allows to plan…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Assessments  ·  Flag idea as inappropriate…  ·  Admin →
  5. Update Pipeline

    It would be really helpful if you could describe a pipleine in Update Management, and get the updates to flow through that pipeline.

    e.g. You have a Dev, Test and Production Environment.
    You want to keep machines up to date, but do not want to affect Production users with faulty pathes.

    If you could describe an update pipleine, saying, deploy any updates to Dev, then to test then to prod, this would ensure updates can be developed and tested against before they reach production.

    When patch tuesday arrives, these patches would be available for your 1st environment in the pipleine,…

    9 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  General  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  6. SCCM vs Update Management

    Would like to understand feature difference between SCCM and update management.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  7. Ability to run scripts throughout patching

    We can run pre/post scripts, but that is not useful when patching a web farm, cluster, or complex application that needs careful handling. It would be great to have the ability to run scripts throughout patching; pre patching a node, pre/post reboot, post patching a node... this way I can start/restart services, validate functionality after patching a node, or even manage cluster nodes myself throughout a patch cycle.

    With pre/post scripts I cannot suspend/resume cluster nodes as I patch through them in a group, nor can I ensure my services are stopped/started as required by my app owners. There is…

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  General  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  8. 1909 Feature Pack

    1909 Feature pack will not install using update management. Can this be fixed?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  9. Please list OS Names in Update Management>History. We need to work on failed patches and install patches manually.

    Please list OS Names in Update Management>History. We need to work on failed patches and install patches manually.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Deployments  ·  Flag idea as inappropriate…  ·  Admin →
  10. Add the ability to global exclude patches

    Currently, the only way to exclude a patch is to exclude it on each patching schedule. Please add a way to globally exclude patches to reduce the need to change every schedule.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  11. Add ability to create a new schedule and configuration (New-AzAutomationSoftwareUpdateConfiguration) using an existing computer group query.

    I already have pre-existing computer groups (Azure and Non-Azure Machines) created and can manually create update scheduled in the portal to use group queries. However, I cannot do the same via the powershell New-AzAutomationSoftwareUpdateConfiguration cmdlet.

    Add ability to create a new schedule and configuration (New-AzAutomationSoftwareUpdateConfiguration) using an existing computer group query.

    Also, feel free to reach out to me directly.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Scheduling  ·  Flag idea as inappropriate…  ·  Admin →
  12. there should be stop and run options should be available in update management job

    update management- right now if we want to disable/enable or rerun the job, its not possible in azure update management provisioned jobs
    it should be available.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Deployments  ·  Flag idea as inappropriate…  ·  Admin →
  13. 1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  14. Add a export option in the Update Management view

    It would be nice to be able to export the list that you have filtered out in the Update Management view. As it is right now, you can't take the information to another step.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Assessments  ·  Flag idea as inappropriate…  ·  Admin →
  15. Email compliance reports

    Have the option to automatically schedule compliance reports to be sent via email from Update Management. This would be good to be able to do on both a generic high-level account view, encompassing all VM's, as well as on completion of a Deployment Schedule. This would be similar to how you can schedule email compliance reports with both ConfigMgr and WSUS. Our customers love using Azure Update Management, however, the lack of email reporting is an issue for many of them.

    10 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote which allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  16. servers with pending reboot should not show as compliant

    Don't turn a recently patched server to compliant before the server has been rebooted (after patching). the existing implementation turns a recently patched server to compliant before it's restarted and can lead a person to forget to restart the server and leaving the patches not yet applied.

    33 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Assessments  ·  Flag idea as inappropriate…  ·  Admin →
  17. Enable Update approval

    It would be great to have a option to approve / decline updates directly in the Update Management UI

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  18. Use Availability Set Update Domain for auto grouping

    If deploying updates to VMs that are part of an Availability Set, it would be great to be able to create one schedule for all VMs in the set, then have Update Management use the AV set Update Domain to apply updates to VMs in groups based on the Update Domain.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Deployments  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote which allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  19. i want this offf of my computer...i did not put on it was done remotely can anyone help me

    what is this program someone put it on my com0uter I want it and everything associated with it taken off how do I do this?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  20. Create service tag for update mangement

    Seemingly the AzureMonitor service tag contains everything needed to be able to run update management without needing to enable outbound access to the entire Internet, with the exception of eus2-jobruntimedata-prod-su1.azure-automation.net. Our security team doesn't like outbound any rules - a service tag to cover updating would be nice

    12 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

← Previous 1 3 4 5 6 7
  • Don't see your idea?

Update Management

Categories

Feedback and Knowledge Base