With expedited updates, you can speed the installation of quality updates like the most recent Update Tuesday release or an out-of-band security update for a zero-day flaw. If you’re using an automated script instead of the PowerShell console, you can use the PSCredential Class to automate usernames, passwords, and credentials. Once the Graph PowerShell SDK is installed and you are signed in, you’re ready to start scripting common actions in the deployment service. You'll need to sign in with an account assigned to one of the required roles to consent to the permissions specified under scopes in this command.Ĭonnect-MgGraph -Scopes "" The deployment service is currently available through the beta endpoint of the Microsoft Graph, so you’ll need to set your user profile to the appropriate API contract.įinally, use the Connect-MgGraph command to sign in. You must use version 1.6.0 or higher to use the deployment service:įrom this point on, every command will use the prefix Mg, which stands for Microsoft Graph. If you have already installed the Microsoft Graph PowerShell SDK, you can update the SDK and its dependencies using the following command.
You can install the SDK in PowerShell Core or Windows PowerShell using the following command: Once you’ve installed PowerShell, ensure that you are running the latest version of the Microsoft Graph PowerShell SDK to be able to use the deployment service’s commands. To learn how, see install PowerShell for your operating system. If you don’t already use PowerShell, your next step is to install a supported version of PowerShell. Getting started with the Microsoft Graph PowerShell SDK To learn more, see Assign Azure AD roles to users and Assign a role to an Intune user.
Devices have installed the update described in KB4023057 - Update for Windows 10 Update Service components (or newer)Īssigning user roles for delegated permissions in PowerShell.Subscription service and device prerequisites for the Windows Update for Windows Update for Business deployment service.Prerequisitesīefore getting started, the following prerequisites must be met: With PowerShell and the Windows Update for Business deployment service, you can deploy an expedited update, which overrides your default steady-state update settings and deploys the latest available updates so that your managed devices meet the minimum required Windows revision as quickly as possible. In this case, you may want to deploy this update faster than your default update ring configuration. Let's say that Microsoft releases an update addressing a a high-priority security vulnerability or a quality fix for a critical line of business application that is crucial for your organization.
Walkthrough: How to deploy an expedited quality update Now let's dive into a concrete example to demonstrate how you can leverage deployment service capabilities through PowerShell. It provides a simple way to get total control over how updates are deployed to your organization. In addition to Microsoft Graph APIs (currently in public preview), you can also use the Microsoft Graph PowerShell SDK to explore the latest functionality of the deployment service and quickly script and automate common update actions. In case you aren't yet familiar with it, the Windows Update for Business deployment service provides cloud-based control over the approval, scheduling, and safeguarding of content delivered from Windows Update-enabling you to meet your organization's update and compliance goals no matter where your devices are on the planet. Starting today, you can use PowerShell in tandem with Microsoft Graph APIs to utilize the Windows Update for Business deployment service.