Intune Automate Updates Assignment

 

How to create and configure an Automate Updates Assignment task?

Automate Updates Assignment is designed to enhance your patch management process by automating the deployment of updates for Intune-managed systems. This streamlines the entire process of keeping applications up-to-date, reducing manual effort and ensuring that your systems are consistently protected with the latest patches.

Benefits of Automate Updates Assignment:

  • Streamlined Patch Management: Automatically deploy updates to all or selected applications, saving time and reducing the risk of oversight.
  • Customizable Deployment: Choose from options such as updating specific applications, all installed applications, or all except selected ones, tailoring updates to your organizational needs.
  • Efficient Assignment: Define target device groups and assignment settings to precisely control which device groups receive which updates, enhancing your deployment strategy.
  • Automatic Handling of New Updates: Newly released updates are automatically published and assigned to the relevant task assignment groups, ensuring your systems stay current with minimal manual intervention.

Prerequisites

Verify that you have the permissions listed on this page and ensure you also have the following necessary permissions for the Automate Updates Assignment task:

  • Directory.Read.All
  • Group.Read.All
  • AuditLog.Read.All
  • GroupMember.Read.All

Steps to Create an Automate Updates Assignment task:

  1. Open the PCP Console: Navigate to the Intune Tab and select Automate Updates Assignment task, then click Create New Task.
  2. Provide Task Details:
    - Enter a name for the task.
    - Choose the severity level of the patch.
  3. Select the Applications for Automate Updates Assignment task:
    - Update Specific Applications: Deploy the patch only to selected applications.
    - Update All Installed Applications: Deploy the patch to all Intune-managed applications.
    - Update All Installed Applications Except: Deploy the patch to all applications except those specified.
  4. Deployment Template (if needed): If you require a deployment template for the selected application, choose it and click Next.
  5. Configure Assignment Settings:
    - Select the target Device group for the deployment.
    - Choose the Group mode: Include or Exclude.
  6. Define the Assignment settings to specify the target.
  7. Save the Assignment Settings:
    - Save the settings. Optionally, select the Device group for devices available for enrollment and save this setting as well.
  8. Verify Task Creation:
    - The task will be created and listed in the Automate Updates Assignment task view.
    - Select the task to review the Summary of Assignment settings and applicable patches.

Summary View

Patch View

Note:

  • Once created, assignment groups are automatically linked to already published updates. Patches that are not yet published will be automatically published and assigned to the relevant groups.
  • New updates will be automatically published and assigned to the corresponding task assignment groups during each PatchDB sync.

    • In case if this problem continues, kindly contact support