Forum Discussion

thomasdw's avatar
thomasdw
Copper Contributor
Mar 28, 2024

Automated patching AVD multi-session hosts

Hello community,

We are using Azure Automation Update Management currently to patch Azure Virtual Desktop (AVD) hosts. It's marked to retire on 31st of august 2024 and it's advised to migrate to Azure Update Manager.

Azure Update Manager however doesn't list Windows 10 or 11 as a supported OS 😞

 

When scaling the environment we don't want hosts to start patching when they are powered on once a month when there is a high demand.

 

Currently Windows Client is listed as an unsupported OS: Azure Update Manager support matrix | Microsoft Learn
Is this also the case for Windows 10/11 multisession OS?

 

Is there a preferred way to manage updates for AVD hosts, besides working with a golden image (which also needs maintenance)?

The alternative would have to be Intune. Only option than are a bunch of Windows Update For Business settings in Intune. But the logic to auto-start/stop before/after patching would have to be rebuild = step backwards Deleted.

How are you installing Windows Updates on your session hosts. Anyone in the same situation or with the same question?

 

Kind regards,

Thomas

  • thomasdw 

     

    Yes you are right that Windows 10 or 11 are not supported by Azure Update Management at the moment and we cannot see the roadmap yet

  • denis89's avatar
    denis89
    Brass Contributor
    Azure Automation Update Management didn't support Windows 10/11 either.
    But in fact I also see no other convenient way to handle the updates while scaling AVD SessionHosts and have a fixed maintenance window, so we have to migrate to it. Intune lacks so many features for us on this side.
    The new Azure Update Manager also updates Windows 10 and 11 machines even though it is not officially supported. The CMDlets to automate the update assignments seem to be buggy at the moment unfortunately.
    A downside of the new Update Manager is that if you have machines in availability sets they won't get patched parallel and it would exceed every maintenance window.
    • 22MT22's avatar
      22MT22
      Copper Contributor

      I'm also in the same position. What did you do in the end. Currently working on moving our avd hosts to intune, and I assume we will need to create a configuration profile for windows update for business. To be honest I think it's quite poor that they haven't added support for avd hosts.

       

Resources