Since many years, SCCM was able to manage Office updates and patching using different methods. SCCM CB latest version introduced loads of new ways for managing Office 365 application updates in a better way. SCCM uses the Software Update workflow to update Office 365 application update management. SCCM CB latest version has a special dashboard for Office 365 Client management. You can use this dashboard to manage your organization’s office 365 apps. In this post, we will see How to Deploy Install Office 365 Software Updates with SCCM CB ADR. More details available in the video tutorial here.
What is the High-level Workflow of O365 updates Deployment via SCCM CB?
SCCM CB Office 365 Automatic Deployment rule can create an end to end workflow. This will help us to automate Office 365 app installation and management. I have another post How to Deploy and Install Office 365 Applications via SCCM CB.
1. Office publishes Office 365 app updates metadata to Microsoft Update service
2. SCCM gets the notification about the updates from Microsoft update services via scheduled WSUS sync
3. SCCM refers to office CDN for file list and downloads required files to on-prem SCCM server share. This can be done using SCCM ADR (Automatic Deployment Rule) or normal Software update process.
4. SCCM Clients get new policy to deploy the new updates for Office 365 apps as per the scheduled deployment
What are the prerequisites to Manage Office 365 Software Updates via SCCM CB?
At high-level, there are 3 prerequisites to manage Office 365 updates/patches via SCCM CB. I assume that all the devices are already managed via SCCM CB, and all the SCCM client prerequisites are already met.
#1 and #2 – Enable Classification and Product for Office 365 Updates
To manage Office 365 updates via SCCM CB, we need to enable following classification and product. Navigate via SCCM console – \Administration\Overview\Site Configuration\Sites. Click on Settings – Configure Site Components – Software Update point component – Properties. Go to Classification tab and enable Updates.
Once updates from classification tab is enabled (to support Office 365 update), you can go to Products tab to enable “Office 365 Client“. More details available in the video tutorial here.
#3 – Enable Client Settings for Office 365 updates
To manage Office 365 updates via SCCM CB, we need to enable following settings. Navigate SCCM console via \Administration\Overview\Client Settings. Go to Client Settings – Software Updates tab – Enable Management of Office 365 Clients = YES.
How to Create Automatic Deployment Rule for Office 365 Updates?
Use Automatic Deployment Rule Wizard (from Office 365 Client Management node) to automate Office 365 application updates/patches through SCCM CB. By using ADR, you can eliminate the repetitive process to create Software Update Group, Packages, and Deployments.
You can automatically deploy software updates by adding new software updates to an update group associated with an active deployment. You can use an automatic deployment rule (ADR) to create a new deployment for complex scenarios. Be very careful before creating and implementing SCCM ADR. I would recommend to test ADR in pre prod environment before implementing this in production. Video tutorial here has end to end details about this process.
What should be the search criteria for Office 365 Updates?
Search Criteria is the brain of SCCM ADR. You should be careful while selecting the criteria to add new updates to existing Software Updates group. In this post, I added search criteria to include Monthly channel updates for last one month. The software updates that meet the specified criteria are added to the associated software update group. Following are the details of criteria which I selected.
Date Released or Revised ==> Last Month
Product ==> Office 365 Client
Title ==> Update – Monthly Channel
You can use other Office 365 updates channels as well in the criteria.
- Monthly Channel (formerly Current Channel)
- Monthly Channel (Targeted)
- Semi-Annual Channel (Differed Channel)
- Semi-Annual Targeted (formerly First Release for Deferred Channel)
Don’t forget to hit the PREVIEW button to check whether you are getting expected results of the search. More details available in the video tutorial here.
Specify the settings for the Automatic Deployment rule and to automatically deploy all software updates found and approve any license agreement.
Specify the Recurring schedule for the Office 365 Updates ADR
You can select either of the options “Run the rule after any software update point synchronization,” or you can select to run SCCM CB ADR as per your schedule.
Configure schedule details for the deployment.
In this ADR wizard, you need to confirm whether ADR rule for Office 365 App update is completed. The package is deployed to DPs, Scheduled the deployment, etc.. I selected all the default settings.
Specify the schedule deployment time :- There are 2 options to set the deployment time. The time can be client’s local time or Universal Coordinated Time (UTC). The default setting is Local client Time. More details available in the video tutorial here.
Configure Office 365 Software update available Time
Specify when software updates should be available for users in Software Center. Once this ADR rule is run, software updates will be distributed to the DP servers. Office 365 software updates are available to install as soon as possible or as per the schedule. I normally set this as ASAP so that the user can go into SCCM CB software center and run.
Installation Deadline for SCCM CB Office365 Software Updates
You can specify a deadline for required Office 365 updates in this section of ADR wizard. The deadline is determined by adding the deadline time to the installation time. When the deadline is reached, required office 365 software updates will get installed on the device. I have selected Deadline is 7 days from deployment available time. Or you can have deadline As Soon As Possible and that will help you to deploy apps at the earliest time on the device.
You have another granular option while setting up installation deadline. Delay enforcement of this deployment according to user preferences, up to the grace period defined in client settings. More details available in the video tutorial here.
User Experience behaviour of SCCM ADR for Office 365 Updates
The default user experience behaviour is Hide in Software Center and All notifications. There are loads of granularity options in setting up the deadline behaviour, Device restart behaviour, Write filter handling for Windows Embedded (IoT) devices and Software updates deployment re-evaluation behaviour upon restart. If any Office 365 software update in this deployment requires a system restart, run updates deployment evaluation cycle after the restart.
As you can see in the above picture, the office 365 updates are stuck at 50% downloading on Windows 10 machine. I couldn’t find a solution for it while writing this post. I will keep this post updated whenever I have an update on the resolution or fix for this issue.