Spent some time this afternoon writing a PowerShell script that created a Automatic Deployment Rule for ConfigMgr 2012 (SCCM). The script is using the native SCCM cmdlets and also creates a Software Update Deployment Package that the ADR is using.
The script
The script is using new CmdLets in so make sure to have the latest System Center Configuration Manager Cmdlet Library installed. The System Center Configuration Manager Cmdlet Library can be downloaded here: http://www.microsoft.com/en-us/download/details.aspx?id=46681
You can check the version number of the ConfigMgr module by running:
Get-Module -Name ConfigurationManager | Select-Object -Property Name,Version
Below is the script, would love to get your feedback on it.
Create-AutomaticDeploymentRule.ps1
<#
************************************************************************************************************************
Created: 2015-05-27
Version: 1.2
Disclaimer:
This script is provided "AS IS" with no warranties, confers no rights and
is not supported by the authors or DeploymentArtist.
Author - Johan Arwidmark
Twitter: @jarwidmark
Blog : https://deploymentresearch.com
************************************************************************************************************************
#>
Import-Module $env:SMS_ADMIN_UI_PATH.Replace("\bin\i386","\bin\configurationmanager.psd1")
$SiteCode = Get-PSDrive -PSProvider CMSITE
Set-Location "$($SiteCode.Name):\"
$Collection = "SUM Workstations Pilot"
$ADRName = "Client Updates 2015"
$SiteServer = $Env:COMPUTERNAME
$SiteServerFQDN = "$SiteServer.$Env:USERDNSDOMAIN"
$DeployPackageLocation = "\\$SiteServer\Sources\Software Updates\$ADRName"
$Products = "Windows 7","Office 2010"
$UpdateClassifications = "Critical Updates","Security Updates","Service Packs","Update Rollups","Updates"
$Severity = "Critical","Important","Moderate"
if (Get-CMDeviceCollection -Name $Collection)
{
# All good
Write-Output "$Collection collection found, continue"
}
Else
{
Write-Warning "Oupps, $Collection collection does not exist"
Break
}
# Create Software Update Deployment Package
if (Get-CMSoftwareUpdateDeploymentPackage -Name $ADRName)
{
# All good
Write-Output "$ADRName Software Update Deployment Package found, continue"
}
Else
{
Write-Warning "$ADRName Software Update Deployment Package does not exist, create it"
$NewDeploymentPackage = New-CMSoftwareUpdateDeploymentPackage -Name $ADRName -Path $DeployPackageLocation
}
# Distribute the Software Update Deployment Package
Start-CMContentDistribution -DeploymentPackageId $NewDeploymentPackage.PackageID -DistributionPointName $SiteServerFQDN
if (Get-CMSoftwareUpdateAutoDeploymentRule -Name $ADRName)
{
# All good
Write-Output "$ADRName Automatic Deployment Rule already exist"
}
Else
{
Write-Output "$ADRName Automatic Deployment Rule does not exist, create it"
$Schedule = New-CMSchedule -DayOfWeek Monday -WeekOrder Third -Start ([Datetime]"08:00")
New-CMSoftwareUpdateAutoDeploymentRule `
-CollectionName $Collection `
-DeploymentPackageName $ADRName `
-Name $ADRName `
-AddToExistingSoftwareUpdateGroup $False `
-AlertTime 4 `
-AlertTimeUnit Weeks `
-AllowRestart $True `
-AllowSoftwareInstallationOutsideMaintenanceWindow $True `
-AllowUseMeteredNetwork $True `
-AvailableImmediately $False `
-AvailableTime 7 `
-AvailableTimeUnit Days `
-BulletinId "MS" `
-DateReleasedOrRevised Last1month `
-DeadlineImmediately $True `
-DeployWithoutLicense $False `
-DisableOperationManager $True `
-DownloadFromInternet $True `
-DownloadFromMicrosoftUpdate $True `
-EnabledAfterCreate $True `
-GenerateOperationManagerAlert $True `
-GenerateSuccessAlert $True `
-Language "English" `
-LanguageSelection "English" `
-NoInstallOnRemote $False `
-NoInstallOnUnprotected $True `
-Product $Products `
-RunType RunTheRuleOnSchedule `
-Schedule $Schedule `
-SendWakeUpPacket $False `
-Severity $Severity `
-SuccessPercent 99 `
-Superseded $False `
-SuppressRestartServer $True `
-SuppressRestartWorkstation $False `
-UpdateClassification $UpdateClassifications `
-UseBranchCache $False `
-UserNotification DisplayAll `
-UseUtc $True `
-VerboseLevel AllMessages `
-WriteFilterHandling $True `
}
# Additional common parameters
#-DeadlineTime $True `
#-DeadlineTimeUnit Hours `
#-MicrosoftAsVendor $True `
#-ArticleId "100" `
#-Location $DeployPackageLocation `Note: Due to a documentation bug, or CmdLet bug, pick one, the DeployWithoutLicense is set to false. Which sets the “Automatically deploy all software updates found by this rule, and approve any license agreements”.
´
Properties from the created ADR.
Happy Deployment, Johan
Can you use this to copy an existing ADR and if so how please 🙂 thanks
Sorry, nothing I have tried
Hi Johan,
Thanks for this informative article. WHat I have been running into while setting up ADRs in GUI is the inability to use "AND" condition for search criteria i.e. if I want to exclude updates with '1709' or '1803', I cannot do it.
I was wondering if PowerShell allows for this with '-Title'
https://docs.microsoft.com/en-us/powershell/module/configurationmanager/new-cmsoftwareupdateautodeploymentrule?view=sccm-ps#-title
Type: String[]
Parameter Sets: (All)
Aliases: Titles
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Sorry, I haven't tried adding title filters with PowerShell. / Johan
Hello,
Yes, I have expanded the script with several updates … one of those adding the Title for include or exclude of a given title.
Add this to the function to create the ADR
-Title $Titles `
Define the title based on your needs … this excludes Win10 v1709 updates from being DL.
$Titles = "-Windows 10 Version 1709"
Cheers!
Roy
@RoyLiv7 (Twitter)