Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more here.

Jo Di Piazza

My feedback

  1. 53 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    6 comments  ·  Update Management » Deployments  ·  Flag idea as inappropriate…  ·  Admin →

    We’re currently reviewing enhancements around approved and time-delayed patching.

    In the interim – there are two ways to achieve your scenario “exactly same updates” in Dev & then Prod, by either manipulating the OS behavior or tweaking the AUM config:

    1. - Host the updates locally using Microsoft WSUS [https://docs.microsoft.com/azure/automation/automation-configure-windows-update#make-wsus-configuration-settings] or Reposync utility from RedHat [https://access.redhat.com/solutions/23016]or Ubuntu Landscape [https://docs.ubuntu.com/landscape/], etc. And the configure the update service or package manager of all your machines to use the local update source. In this way the updates installed when using Update Management will only be what is available in your local patch server which is running (say) WSUS or RH Reposync. And if the patch server remain unchanged in 2-3 weeks when you start update schedule for Prod, they will also fetch updates from same local patch server and have exactly same updates as your non-prod.
    1. - Use the…
    Jo Di Piazza supported this idea  · 
    An error occurred while saving the comment
    Jo Di Piazza commented  · 

    Hi all,

    We really need the ability to sanction a specific set of patches, and migrate them through our environments (Linux and Windows). Applying a 'moving target' of patches can be operational suicide. It would be a really helpful feature, and mean we wouldn't need to look at alternative solutions. Thank you.

Feedback and Knowledge Base