Update Date Filtering: Skip Download / Installation of Recently Deployed Updates

In the most recent release of BatchPatch we added functionality that enables you to easily filter out recently published/approved updates during download and installation. In many environments there is a need or desire to be able to apply updates to computers only if the updates are at least X days old, where X is a value that is configured by the administrator. So, for example, it might be the case that during monthly maintenance in September the administrator desires to install all Windows Updates that were published or approved for August. And then in October the administrator would apply the updates released in September, and so on, so that the entire environment is always one month “behind” in updates that have been released. You can now do this using BatchPatch without adding any extra work.

You can see the setting called ‘Update Date Filtering’ under Tools > Settings > Windows Update in the screenshot below:

2015-09-22 15_09_41-Settings

This filter instructs BatchPatch to compare the current date to the LastDeploymentChangeTime property of each update. The LastDeploymentChangeTime property is printed as a date (yyyy-MM-dd) next to each updated listed in the BatchPatch.log file. You can see this easily in the ‘Remote Agent Log’ column when performing a check for available updates in BatchPatch. In the below screenshot I’ve displayed the ‘Remote Agent Log’ column with the middle-click field viewer. For the sake of this tutorial I circled the date entries in green.

2015-09-22 15_33_50-Program Manager

Important note about LastDeploymentChangeTime:
***When updates are obtained from ‘Windows Update’ or ‘Microsoft Update,’ the LastDeploymentChangeTime property is equivalent to the date the update was published by Microsoft. However, when updates are obtained from WSUS, the LastDeploymentChangeTime property is equivalent to the date the update was approved in WSUS.***

So, when you set the ‘Update Date Filter’ value to something greater than 0, BatchPatch will only download/install updates that were published / approved at least X days ago, where X is the value that you’ve input. For example, if you set this value to 30, updates that were published / approved any time between today and 29 days ago will *not* be installed by BatchPatch. Only updates that were published / approved 30 or more days ago will be installed. Once the setting has been saved, there is nothing else special that needs to be done. You would simply initiate the regular download and/or installation of Windows Updates using one of the options on the BatchPatch ‘Actions > Windows Updates’ menu, such as “Download and install updates + reboot if required.” This action will initiate the normal download/install process on selected computers, but updates will only be installed if they were deployed/approved more than 29 days ago.

This entry was posted in Blog, General, Tutorials and tagged , . Bookmark the permalink. Both comments and trackbacks are currently closed.