AD groups in Update Management (Azure Automation accounts)

Hi,

I think I need help regarding the Azure Automation accounts update management.
Our goal is to centrally update our on-prem Windows servers.
To achieve this I installed the monitoring agent on a few test machines. (The machines appeared inside the update management already.)
Now I want to create deployment schedules based on groups. (DCs, Fileserver, Database server, ...)
In the "New update deployment" blade I'm able to select "Groups to update" or "Machines to update".
When using "Groups to update" I need to have groups based on queries.
When using "Machines to update" I've seen that I can choose "imported groups (AD/WSUS/SCCM)" from the dropdown.
I enabled the Groupsync option in my Log Analytics workspace already (advanced settings > computer groups > Active Directory > Import ..).

When looking back at the "Machines to update" blade I can only see 3 groups, but not the groups I would like to use. (There are two custom groups visible and the "domain computers" group.)
The on-prem groups I would like to use are normal global security groups and they're synced via AADC.
So at this moment I really don't know why my preferred groups are not visible.

Any help is highly appreciated. :)

3 Replies

Even though there weren't any answers:

Things are working now. A few days later, I was able to see the groups as they were supposed to be. :)

 

What should be fixed is the fact that the feature "usage of groups" is not ideally implemented. After choosing a group, saving and reopening the config, you can see that the single machines are listed, no longer the group name, which results in the fact that machines newly added to a group won't appear here.

I am in the same spot as you are. One thing I also noticed is that if you go to the connected workspace and run a query, you can see the imported AD group. But when you want to create an update group against it, it only allows the "Heartbeat" parameter and not the "ComputerGroup" @PatrickF11

Try this query when creating a machine group

ComputerGroup | where GroupSource == "ActiveDirectory" and Group == "" | distinct Computer