Complete Guide to Deploy Edge Updates using SCCM ADR

This post covers the steps to deploy updates to Microsoft Edge browser using SCCM ADR (Automatic Deployment Rule). This is the easiest way to keep your Edge browser updated on all the machines.

In this past I have published several posts on deploying updates using Configuration Manager (Including third-party updates). Some of them were focused on Automatic Deployment Rules. In my opinion, ADR’s are really powerful because they have the ability to automatically approve updates and deploy them.

Using ADR’s saves lot of your time because you create an ADR only once defining all the settings and it runs based on the schedule. Unlike the manual updates deployment where you select set of software updates is selected the ConfigMgr console and these updates are deployed to the target collection.

A very nice feature in SCCM 1910 is you can create Edge application and deploy it to your estate. However there is one thing that you need to keep in mind. The Edge application that Configuration Manager creates for you is actually a PowerShell script. This script turns off automatic updates for Edge so they can be managed with Configuration Manager.

In this post I will be covering the steps to deploy Edge updates using SCCM ADR. If you are looking to deploy Microsoft Edge using Microsoft Intune, check this post.

Prerequisites

  • First of all to create an Edge application and deploy it using Configuration Manager, refer these posts. This guide assumes that you already have the Edge browser deployed to all the machines.
  • Ensure you have installed and configured the Software Update Point role.
  • Most of all, if you don’t see Microsoft Edge updates in the console, ensure you have enabled the Updates classification under Software Update Point properties > Classifications. In addition to that under Software Update Point properties > Products, select the Microsoft Edge product for synchronization. If it’s already selected, proceed with the deployment.

In the next step, you will learn how to deploy the latest updates to Edge browser.

Create Automatic Deployment Rule for Microsoft Edge

Before you deploy Edge browser updates, create SCCM ADR (Automatic Deployment Rule) using the below steps.

  • Launch Configuration Manager console.
  • Go to Software Library > Overview > Software Updates.
  • Right click Automatic Deployment Rules and click Create Automatic Deployment Rule.
Create Automatic Deployment Rule
Create Automatic Deployment Rule

Create new Software Update Group

On the General page, specify the name for this ADR. For Template, click the drop-down and select Patch Tuesday. Next, click Browse and select the target device collection.

Every time this rule runs and finds new updates,  you may either choose add it to existing Software Update Group or create a new Software Update Group every time. Select Create a new Software Update Group. Click Next.

Specify Automatic Deployment Rule Settings
Specify Automatic Deployment Rule Settings

On the Deployment Settings page, choose the detail level as Only success and error messages. Next, select Automatically deploy all software updates found by this rule and approve any license agreements. Click Next.

Deployment Settings
Deployment Settings

Software Updates – Property Filters and Search Criteria

This section here – Software Updates is important. A subset of the filter criteria is displayed on this page, where you select and define the criteria for finding the updates for inclusion in the update deployment.

I am going to select following property filters. In your case you may alter the criteria based on your requirements.

  • Date Released or Revised – Last 2 weeks (14 days)
  • Product – Microsoft Edge
  • Update Classification – Updates

After you make the above selection, click Preview.

Software Updates Criteria
Software Updates Criteria

Based on the property filters and search criteria that you defined above, in the preview updates window you can see the applicable or relevant updates. Since you have specified only Microsoft Edge as the product, it lists the updates for Beta, Dev and stable channel.

Preview Microsoft Edge Updates
Preview Microsoft Edge Updates

ADR Evaluation Schedule

On the Evaluation Schedule page, you need to define when this ADR runs. I am going to select Run this rule on a schedule option. On the Custom Schedule box, select recurrence schedule to Monthly and recur every 1 month. To be more precise I want to run this SCCM ADR on every second Wednesday of the month.

We know that Patch Tuesday is always the second Tuesday of every month. It is also referred to as Update Tuesday. So let’s assume that we have a patch Tuesday updates released for Edge and we deploy the same updates the very next day.

Note – You can change this schedule and set it according to your requirements. Not every organization would want to deploy the patch Tuesday updates very next day. Since I am testing the Edge ADR Updates deployment in my SCCM lab setup, I am going to go with this configuration.

Click OK.

Evaluation Schedule
Evaluation Schedule

ADR Deployment Schedule for Edge Updates

On the Deployment Schedule page, set Time based on to Client Local Time. Choose the Software available time to As soon as possible and Installation deadline to 7 days (this is by default). However 7 days is a lot of time, so I am going to select As soon as possible. Click Next.

Updates Deployment Schedule
Updates Deployment Schedule

User Experience – Choose the settings as shown in the below screenshot and click Next.

User Experience Settings
User Experience Settings

Create Edge Updates Deployment Package

The deployment package consists of Edge updates and you must create a new deployment package. Select Create a new deployment package and specify Name and Description.

Next, specify the package source. Specify a folder to store Edge Updates. When the SCCM ADR runs, it downloads the Edge updates to this folder.

Click Next.

Create Microsoft Edge Updates Deployment package
Create Microsoft Edge Updates Deployment package

Click Add button and specify the distribution point or DP groups to host this content. Click Next.

Specify Distribution Point
Specify Distribution Point

For download location, select Download software updates from the internet. Click Next.

specify ADR download location
specify ADR download location

Click Next.

specify update languages for the product
specify update languages for the product

On the Download Settings page, click Next.

SCCM ADR Edge Updates
Software Updates Download Settings

Finally on the Summary page, verify all the details. You may save it as a Template. Click Next.

SCCM ADR Edge Updates

The SCCM ADR for Microsoft Edge updates is ready. You just need to wait for this ADR to run and deploy the Edge updates.

SCCM ADR Edge Updates

Edge Updates

When the ADR runs, it downloads the Edge updates and stores in the folder specified in Deployment Package step.

SCCM ADR Edge Updates

Monitor Edge Updates Deployments

In order to speed up the updates deployment, I altered the deployment schedule and triggered this ADR manually. As per our settings, whenever the ADR runs and downloads the updates, it puts them into new Software Update Group.

If you visit Monitoring > Overview > Deployments, you should see the new ADR deployment entry. Right click the software update deployment and click View Status.

In my case the ADR has successfully done it’s job and we can see that all the machines within that device collection show as Compliant.

Monitoring the ADR

You may go to any of the client computer and open WUAHandler.log file. When I deployed Edge browser using SCCM, I remember I deployed a stable build and the version was 79.0.309.68.

In the log file you can clearly see that new build 80.0.361.62 is deployed over the existing build. The update ID here is ddaec3b6-3757-4951-81c4-cd4117876d11.

1. Update (Missing): Microsoft Edge-Stable Channel Version 80 Update for x64 based Editions (Build 80.0.361.62) (ddaec3b6-3757-4951-81c4-cd4117876d11, 201)	WUAHandler
Async installation of updates started.	WUAHandler
Update 1 (ddaec3b6-3757-4951-81c4-cd4117876d11) finished installing (0x00000000), Reboot Required? No	WUAHandler
Async install completed.	WUAHandler
Installation of updates completed.	WUAHandler
WUAHandler.log
WUAHandler.log

You can also open the Edge browser and check the version to determine if you are running the latest build.

Check the Edge version
Check the Edge version

Now that we know the ADR has deployed the Edge browser updates, you can also find more information about this deployment by visiting the Reports section.

Go to Reports > Software UpdatesB Deployment Management. Click Management 3 – Updates in a deployment.

In the report select the deployment and you will find more details about the updates in this deployment. Note that only Stable channel updates were deployed to 4 of my computers. And for rest for the builds, it is listed as Not Required.

SCCM ADR Edge Updates

Related Posts
guest
2 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
Muthaiah

Thanks. you are doing great job..

Martin

Do you need to set any additional settings via the Edge GPOs for this?

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More