Creating Patch-Rollout-Rules

Patch-Rollout-Rules are created using the New-EmdbPatchRolloutRule cmdlet.


Examples:


Hint: The execution of these examples requires a connected PowerShell drive.


When creating a new Patch-Rollout-Rule, the mandatory parameters that must be supplied, are the name and - depending on the action selected - other parameters. The default action is "Download and Assign". This implies a valid assignment target to be specified:


$MyPatchRolloutTarget = Get-EmdbGroup "emdb:\rootDSE\Managed Users & Computers\Patch Assignments"

New-EmdbPatchRolloutRule "AutoPatchAssignment" -PolicyTargets $MyPatchRolloutTarget


Patch-Rollout-Rules support the EvaluationOrder-parameter. During evaluation of the rules, the order of evaluation is an important aspect. The rule from above could therefore be created with in a more sophisticated way:


New-EmdbPatchRolloutRule "AutoPatchAssignment" -PolicyTargets $MyPatchRolloutTarget -EvaluationOrder 1


In order to create Patch-RolloutRules that apply only to specific Patch-Packages or Patch-Categories, the IncludeFilterList-parameter is used, as the following example shows:


$MyPatchRolloutTarget = Get-EmdbGroup "emdb:\rootDSE\Managed Users & Computers\Patch Assignments"

$MyPatchCategory = Get-EmdbPatchCategory "emdb:\rootDSE\Global Software Library\Patch Library\Adobe Flash"

New-EmdbPatchRolloutRule "AutoPatchAssignment" -PolicyTargets $MyPatchRolloutTarget -IncludeFilterList $MyPatchCategory