Forum Discussion

grocadmin's avatar
grocadmin
Copper Contributor
Dec 09, 2025

Configuration Manager ADR for Windows Servers Not Deploying Updates

Hi everyone,

 

We recently deployed Configuration Manager 2503 in our environment. The environment consists of the following:

  • 1 Primary Site Server including Distribution Point role in head office,
  • 1 Distribution Point server for a field office location, and
  • 1 Site database server.

 

We followed some articles or links online to deploy the Software Update Point on the primary site server that includes the Distribution Point role. The SMS_WSUS_CONFIGURATION_MANAGER, SMS_WSUS_CONTROL_MANANGER, and SMS_WSUS_SYNC_MANAGER components show a green checkmark and OK status.

 

We followed some online articles or links to also create an Automated Deployment Rule as well. Despite creating the Automated Deployment Rules, it does not seem that updates are deploying to the targeted servers that are part of a Device Collection in Configuration Manager.

 

Please advise what we should review to remediate this issue. Thanks.

software update management

1 Reply

  • Simone_Termine's avatar
    Simone_Termine
    Copper Contributor
    Dec 16, 2025

    Hi ​@grocadmin,
    when ADRs don’t seem to deploy updates to servers, it’s usually not one big mysterious problem, but one of a few “broken links in the chain”. The chain is basically: 

    • is the ADR actually producing something?
    • are your ADR filters really matching “Windows Server” updates?
    • even if the deployment exists, is content actually available on your DPs?
    • are the servers scanning and reporting compliance?

    If you want a fast diagnosis trick: pick one recent update and do a manual deployment to a tiny test collection (1–2 servers).

    • If manual deployment works, the core infra is fine and the ADR criteria/content workflow is the issue.
    • If manual deployment fails too, then it’s boundaries/content/client scanning.

    If you can share just these 3 pieces, it becomes very easy to pinpoint:

    1. After running the ADR, does the Software Update Group contain updates or is it empty?
    2. Do you see the ADR-created deployment under Monitoring > Deployments?
    3. On one affected server, does compliance show “Required” updates or mostly “Unknown”?

    With that, we can usually identify the exact broken link without guessing.

     

Resources