This scenario continues the idea of the automatically generated virtual machine, adding automatic patching and basic application deployment. All the pieces will fit together in the next post.
With this example I want to point out that you don’t necessarily have to do everything in Orchestrator. Since it relies a lot on SCCM, there is a lot of flexibility in this runbook, it’s up to you how much do you automate in Orchestrator and what it remains to be done in SCCM.
This is what I have configured in SCCM (but can be automated if wanted in Orchestraor)
- I created an empty collection named “SMEvent”
- I created a software update group that was deployed to the “SMEvent” collection
- I deployed the 7Zip application to the “SMEvent” collection.
It’s not my intention to dive into SCCM right now, but just in case bellow are my settings for the Software Updates and for the Application Deployment. Long story short, since this is a brand new VM, and not yet in use I used the “As soon as possible + “Required” + “Allow restart outside business hours” combo.
SCCM – Software Update Deployment
SCCM – Application Deployment
I started the runbook with an Initialize Data activity, where I defined the ComputerName parameter.
Add collection Rule
Next using the “Add Collection Rule” activity, we will add to the “SMEvent” collection, the computer received as a parameter .
Update Collection Membership
Now let’s update our collection, using the “Update Collection Membership” activity
Perform Client Action
We are going to use the “Perform Client Action” activity three times. First, for our newly added computer we will force the process by updating the “Machine Policy Retrieval & Evaluation Cycle”. I also modified the link to wait 5 minutes before continuing, just to be safe that the Machine Policy is executed successfully.
Next, we perform the “Software Update Scans and Deployment”
and finally the “Application Deployment Evaluation Cycle”, in my runbook named as “App Deployment”
If you were to go with the full Orchestrator automation you could just create the collection with Orchestrator, add the computer to it, deploy the updates and the applications, wait for the restart and delete the collection. As I said, it’s up to you how much automation you really need in this scenario.
Now we are getting closer to the final part: