Update Management

Please take a few minutes to submit your idea or vote up an existing idea. All of the feedback you share in these forums will be monitored and reviewed by the Update Management engineering team.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. 3rd Party Patching

    3rd Party Patching (Adobe, Java, etc)

    64 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    triaged  ·  4 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  2. servers with pending reboot should not show as compliant

    Don't turn a recently patched server to compliant before the server has been rebooted (after patching). the existing implementation turns a recently patched server to compliant before it's restarted and can lead a person to forget to restart the server and leaving the patches not yet applied.

    28 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Assessments  ·  Flag idea as inappropriate…  ·  Admin →
  3. Update Management: enable creating schedules for offline VMs

    We have machines that are periodically offline, but still should be patched. Currently, Update Management does not allow us to target VMs that have been offline for more than 12h. This blocks at least 10% of our population from being scheduled.

    From an operations perspective, this does not make a lot of sense. Why not enable targeting all VMs that are registered as a HWG? You could do the 12h check with an optional override like "yes I know it has not reported for 12h or more, but I want to schedule it anyway". Of course, we would need this…

    19 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Scheduling  ·  Flag idea as inappropriate…  ·  Admin →

    We’re currently re-evaluating a number of our timeouts. We’ll likely bump this up to 96 hours; this is enough time to account for long weekends while at the same time not keeping old potentially de-allocated machines visible in the experience.

  4. Ability to reinstall

    Installed and configured with a workspace which is now gone, the extension is orphaned with no option to reinstall or redeploy. Error shows:

    The solution cannot be enabled on this VM because the VM already has the management agent but the workspace associated with the agent cannot be found within the subscription: {guid}

    Ability to reinstall or reconfigure to another workspace would help

    18 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Deployments  ·  Flag idea as inappropriate…  ·  Admin →
  5. cluster-aware updating

    The agent should check if all cluster nodes are up and running, befor a update is started

    16 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Deployments  ·  Flag idea as inappropriate…  ·  Admin →
  6. Email when updates finish with summary or attachment of results

    Need an email notification when the deployment is complete with summary of which servers were successful/failed. I do not want an email per server.

    15 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    8 comments  ·  Deployments  ·  Flag idea as inappropriate…  ·  Admin →
  7. Ability to deploy optional updates

    We would like the ability to push optional updates just like you can with WSUS.

    10 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  8. Add a Set-AzAutomationSoftwareUpdateConfiguration cmdlet to modify an existing Update Management configuration

    'New-' and 'Remove-' cmdlets already exist, however, currently there isn't a cmdlet to 'Set-' to modify existing configurations.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  9. Update Pipeline

    It would be really helpful if you could describe a pipleine in Update Management, and get the updates to flow through that pipeline.

    e.g. You have a Dev, Test and Production Environment.
    You want to keep machines up to date, but do not want to affect Production users with faulty pathes.

    If you could describe an update pipleine, saying, deploy any updates to Dev, then to test then to prod, this would ensure updates can be developed and tested against before they reach production.

    When patch tuesday arrives, these patches would be available for your 1st environment in the pipleine,…

    7 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  General  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  10. Email compliance reports

    Have the option to automatically schedule compliance reports to be sent via email from Update Management. This would be good to be able to do on both a generic high-level account view, encompassing all VM's, as well as on completion of a Deployment Schedule. This would be similar to how you can schedule email compliance reports with both ConfigMgr and WSUS. Our customers love using Azure Update Management, however, the lack of email reporting is an issue for many of them.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote which allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  11. Ability to run scripts throughout patching

    We can run pre/post scripts, but that is not useful when patching a web farm, cluster, or complex application that needs careful handling. It would be great to have the ability to run scripts throughout patching; pre patching a node, pre/post reboot, post patching a node... this way I can start/restart services, validate functionality after patching a node, or even manage cluster nodes myself throughout a patch cycle.

    With pre/post scripts I cannot suspend/resume cluster nodes as I patch through them in a group, nor can I ensure my services are stopped/started as required by my app owners. There is…

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  General  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  12. Create service tag for update mangement

    Seemingly the AzureMonitor service tag contains everything needed to be able to run update management without needing to enable outbound access to the entire Internet, with the exception of eus2-jobruntimedata-prod-su1.azure-automation.net. Our security team doesn't like outbound any rules - a service tag to cover updating would be nice

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  13. retry option for failed server

    when a deployment fails because of one or few servers failed,, please provide an option to retry them later again. We can fix the underlying issue with the servers (like connectivity, server hang, access etc) first and then patch those individual servers to make the report success.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Deployments  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  14. Use Availability Set Update Domain for auto grouping

    If deploying updates to VMs that are part of an Availability Set, it would be great to be able to create one schedule for all VMs in the set, then have Update Management use the AV set Update Domain to apply updates to VMs in groups based on the Update Domain.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Deployments  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote which allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  15. Compliant/non-compliant servers tile on Dashboard

    We can pin a tile that links directly to an Automation Account's Update Management pane but it provides no useful data. It would be nice to have a server compliance dashboard tile much in the same fashion as the Intune one.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  16. Show number/details of Successful updates deployed

    The current update management screen for the summary of a previous update deployment only shows Failed/Not Attempted/Not Selected against the list of updates that were installed during the window.

    For reporting purposes it would be useful to have another column 'Successful' which would show the amount of times the update was installed.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  17. Ability to install updates in parallel instead of sequential

    Right now Update Management uses the WUA agent to kick off installs of updates, and I understand that can only to this sequentially per update. I would be great to leverage the SCCM agent (when possible) to kick off patching in parallel (it is possible), otherwise it will take forever to just get a few updates installed and my MW's arent long enough.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Deployments  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  18. Remove restrictions of maintenance window for update deployment job

    Currently, the maintenace window can't be less than 30 minutes and no more that 6 hours. Some customers would like to set the window more longer since they wonder that some update programs coundn't be deployed during the windw. It would be nice if you could remove this restriction.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Deployments  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  19. Support boolean parameters in pre/post scripts

    A runbook with boolean parameters cannot be set as a pre or post script in a scheduled update deployment. The UI when configuring the script has a dropdown to specify the value, but it is passed as a string ("True", "False", or ""). Ideally, it should be possible to pass these values, but failing that the UI should not present a dropdown that implies it should work.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Deployments  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote which allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  20. Optimizer to automatically generate deployments

    Provide a simple means to provide:
    1. Maintenance Window
    2. Dependency rules / chains (i.e. 48 hours after system in dynamic group named test, then perform deploy to group named production)
    3. Rolling updates for clustered applications
    4. Validation post-patching (could be as simple as the update agent has reported post-reboot initially) and then halt deployment of related-nodes (if it is defined as part of a cluster)

    Then allow for update manager to create deployments automatically by feeding this information into an optimizer.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Scheduling  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

← Previous 1
  • Don't see your idea?

Update Management

Categories

Feedback and Knowledge Base