Tell us your idea, suggestion, or issue with Update Management!

The possibility to "pin" a patch set for X number of days

The possibility to "pin" a patch set for X number of days, giving you the possibility of deploying and verifying the same set of patches across individual envs. In other words: same patchset on DEV servers on Monday, Test servers on Tuesday, etc. and Production on Sunday.

34 votes
Sign in
(thinking…)
Sign in with: Microsoft
Signed in as (Sign out)

We’ll send you updates on this idea

Jo shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

4 comments

Sign in
(thinking…)
Sign in with: Microsoft
Signed in as (Sign out)
Submitting...
  • ivan borghetti commented  ·   ·  Flag as inappropriate

    the selection of patches that we want to include is a good option however i think the request is different , i will put an example in Linux since i am not very experienced with Windows. Lets say i patch my dev environment today and we have 50 patches in the repo that i apply to my servers. In 2 weeks i will need to patch my prod servers however in the repo there are now 60 patches and in some cases there are also new versions for patches that i applied in dev. A good example would be a kernel versión. In this case it would be really difficult to be able to manage all those variables which today in onprem or with different tolos are managed with local repos (sccm , red hat satellite , tanium ) or with the package reléase dates , for instance , apply the packahes released from x to y only .

  • Guy Gibson commented  ·   ·  Flag as inappropriate

    We are looking for something similar. Tiues to Patch tuesday. So for example starting on the 3rd monday of the month we want to apply 7 update sets across 1 Monday night, 2 Tues, 2 Wed and 3 Thurs night. in that order.

    Recuring 3 rd (MTWTFSS) every month doesnt't work. If the month starts on a Wed, then the acutal order above will end up being 2 Wed, 2 Thur, 1 Mon, 2 Tues.

  • Seb commented  ·   ·  Flag as inappropriate

    We'd like to say: 'update the system with all packages that were available on the 1st of March, at 00:01'. In this way, we could run the update on the 5th of March for DEV, 12th of March on ACC, etcetera, but the result would be the same.

    The same functionality is for example available if you use Red Hat Satellite (or Spacewalk), but it would be much more preferable to integrate this within Azure Patch Management.

  • Javier Negro Dieste commented  ·   ·  Flag as inappropriate

    It's a bit cumbersome to have update warning and have to see that they are antivirus definition lists of the same day.
    It would be great if we could allow how many days/hours until the solution warns us of missing updates of 'definition' classification.

Feedback and Knowledge Base