Automate 12 includes a fully featured Patch Manager for scheduling the deployment of Microsoft Windows Patches. While it can be complicated at first, we’ve put together a few tips so that you can get the most out of the Patch Manager.
The priority of a group is determined by its position in the list. The group at the bottom of the list has the highest priority, while the group at the top has the lowest. You can move groups by highlighting one and click the up/down arrow buttons to move it.
Adding and Removing Groups
When upgrading to the Patch Manger, many of the older groups from the previous patching system were imported in. These groups, and any other unused groups, can be removed. Click the Group Actions icon and choose Remove Group.
Deferring Windows 10 Feature and Quality Updates
With Patch 3, Automate has introduces options to defer Windows 10 feature and quality updates. Updates can be deferred for up to 365 days. You can also adjust the service branch that Windows 10 machines are in.
Effective policy of a machine
At times, a machine may be in more than one group. If this happens, you can check the effective policy of a machine to determine which patching policies are actually being applied. To do so, click the Devices icon in the patch manager. Navigate to the machine you’d like to review and click it. In the below window, click Groups and you’ll see the “Effective Policy” line.
Automatically Approve and Deny Patches
Patches can be automatically approved and denied based on varying factors. Typically, you’ll want to automatically approve or deny a patch based on its category. Approval policies can be adjusted under Configuration > Approval Policies.