Update Management

Please take a few minutes to submit your idea or vote up an existing idea. All of the feedback you share in these forums will be monitored and reviewed by the Update Management engineering team.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Support SharePoint updates or don't attempt to apply them

    The service currently detects missing SharePoint updates and will attempt to apply them, however, this reliably fails with error code 0x80240020. This appears to be a known issue in general when installing SharePoint updates remotely, with the best practice being to install SharePoint updates manually due to the requirement to run PSConfig after installation. Further, when the updates fail, the service attempts to install the failed updates again around 40 times. These all fail, and result in a "bloated" Windows Update history of install failures.

    SharePoint updates should either be supported by this service or explicitly blacklisted so that updates…

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Deployments  ·  Flag idea as inappropriate…  ·  Admin →
  2. servers with pending reboot should not show as compliant

    Don't turn a recently patched server to compliant before the server has been rebooted (after patching). the existing implementation turns a recently patched server to compliant before it's restarted and can lead a person to forget to restart the server and leaving the patches not yet applied.

    28 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Assessments  ·  Flag idea as inappropriate…  ·  Admin →
  3. Patch order with dependencies

    Create patch groups that can run either parallel or dependent on other patch groups. Ensuring certain servers do no patch at the same time or are being patched in a specified order rather than parallel.

    14 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  4. Update of on premises Hyper-V and or S2D Cluster

    An Hyper-V / S2D Cluster needs an tailored mechanism for patching. Otherwise you will disrupt your on premises workload with a scheduled update management deployment.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Deployments  ·  Flag idea as inappropriate…  ·  Admin →
  5. Ability to refresh the 'Update Management' blade.

    I cannot be sure that the window I'm looking at is up-to-date. A refresh button would give me confidence in this.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  6. 2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  7. add the possibility to approve updates

    Now, the only thing you can do is allow only ALL updates from one or more categories. We like to have more control over which updates will be installed. Basically the same as you can do in WSUS by approving or declining specific updates.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Deployments  ·  Flag idea as inappropriate…  ·  Admin →
  8. View suppressed updates in portal log

    As an engineer
    I want to see which updates were not installed because they were ignored by an exclusion rule in the portal output
    So that I know why an update has not been applied

    When a list of exclusions is in place and an update has been released that will be excluded, the yum update process output does not display the updates that will not be installed. Instead it displays output like the following:

    Getting available updates...

    Discovering 'security' packages...
    Discovered 5 'security' package entries.

    List of packages to be updated:
    []

    I would expect that it would list…

    15 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Scheduling  ·  Flag idea as inappropriate…  ·  Admin →
  9. Promote updates across subscriptions

    As an engineer
    I want to be able to promote updates across environments in different subscriptions
    So that I have confidence that an update does not impact my application

    We have VMs in different environment subscriptions (dev/test/prod) across difference log analytics workspaces. We would like an update to be automatically applied to the dev subscription before being applied to the test and then the prod subscription. This will allow us to have confidence that the update does not impact the VMs and the applications deployed to them.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Scheduling  ·  Flag idea as inappropriate…  ·  Admin →
  10. OMS Gateway as the updates repository

    Is it possible for updates to be downloaded on the OMS Gateway server and forwarded to clients?
    I do not want to use the WSUS server as a repository.
    I would like OMS Gateway server to connect directly to update.microsoft.com and download the required update itself.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Deployments  ·  Flag idea as inappropriate…  ·  Admin →
  11. Support for "Optional" Update Deployment

    Azure Update Management does not currently consider updates that are flagged as "Optional" by Microsoft. When pointing clients to Windows Update or Microsoft Update, SQL Server Service Packs come in as "Optional". As such, when using Azure Update Management + Microsoft Update (NOT WSUS) the SQL Server Service Packs are not deployed. They need to be installed via another means (SCCM, manually etc.)

    Please add support for Optional Updates in Azure Update Management so we can deploy SQL SP's this way.

    This only applies to full SQL SP's and not SP Updates which are not flagged as optional in Microsoft…

    7 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Deployments  ·  Flag idea as inappropriate…  ·  Admin →
  12. Azure CLI for Azure Automation

    Like to automate the Onboarding VM into Azure Automation using CLI or Terraform module while provisioning the VM ..

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Deployments  ·  Flag idea as inappropriate…  ·  Admin →
  13. Update Management Solution: Installation of updates without providing time zones

    It seems to me that it will be very helpful to add the possibility to configure the installation of updates by local time on the client. ie: We have servers (on premise) that are in many time zones and I want them to be in one group and that all installs updates at the same time. This requires creating multiple groups and setting different time zones. It would be ideal to set the time, eg 3.00 am - without time zone configuration - the zone would be read from the client.

    21 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    8 comments  ·  Scheduling  ·  Flag idea as inappropriate…  ·  Admin →
  14. Make it possible to run Update Management pre and post scripts on Hybrid Workers

    The new pre and post scripts feature for Update Management is great:
    https://azure.microsoft.com/en-us/updates/update-management-dynamic-groups-prepost/

    However, having to use wrapper/parent runbooks for running runbooks on non-Azure machines makes it tedious, especially for those not familiar with using Azure PowerShell to interact with Azure Automation.
    https://docs.microsoft.com/en-us/azure/automation/pre-post-scripts#interacting-with-non-azure-machines

    It would be very convenient and more user friendly if pre and post script could be invoked directly on Hybrid Workers, just like regular runbooks can.

    12 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Deployments  ·  Flag idea as inappropriate…  ·  Admin →
  15. Add "Drivers" as an update classification.

    Drivers are automatically being pushed when "Select All" is selected for update classification. We need the option to exclude the "Drivers" classification from updates. I opened a ticket on this with Microsoft and was told to post it here.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Deployments  ·  Flag idea as inappropriate…  ·  Admin →
  16. Fix "week days" scheduling so that it sticks

    When I choose "week days" as my scheduling option, it only works for the first run of the schedule. The next scheduled date takes on the same day of the month as the first run, and when I go to edit the schedule, it has reverted to "Month days". This means I must continually check on my schedules and adjust them after each run. Please fix. Thanks.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    started  ·  1 comment  ·  Scheduling  ·  Flag idea as inappropriate…  ·  Admin →
  17. 2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  18. Export Deployment Run Report

    It would be helpful to be able to export a deployment run report directly from the update management blade. Also, It would be helpful to have the same export function on the Update Management dashboard for multiple machines. The export from OMS/Log analytics can be used but usually needs to be manipulated to show the same story.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Deployments  ·  Flag idea as inappropriate…  ·  Admin →
  19. Reboot notification to end users

    Add a customized time for notifications of pending reboots if a reboot is needed after patches is done if a user is detected logged onto a server.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Deployments  ·  Flag idea as inappropriate…  ·  Admin →
  20. List Machines with their FQDN instead of the Computername without Domain suffix

    At the Moment Computers are listed without their Domain Suffix. If you have multiple Domains/Subdomains you have no chance to know which Machine belongs to which Domain if you have naming guides, like

    contoso-dc01.michigan.contoso.com
    contoso-dc01.newyork.contoso.com

    because you will see two machines with "contoso-dc01".

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Update Management

Categories

Feedback and Knowledge Base