With the release of Microsoft Endpoint Configuration Manager (formally SCCM) version 2002 came an exciting and highly-anticipated feature known as orchestration groups. Orchestration groups are an evolution of the server groups feature, allowing a greater level of control to the deployment of software updates. Orchestration groups are objects within Configuration Manager rather than a collection setting and can be any Configuration Manager client, not just servers. In version 2002, orchestration groups is a pre-release feature.
This orchestration group will contain 5 members and will use the sequence rule with both a pre-script and post-script to demonstrate those running. Not all members require the updates that will be deployed.
The deployment will not be affected by maintenance windows for this demonstration, but note that when using the sequence rule, if one member is unable to install updates due to a maintenance window, the orchestration will not progress through any other members until that member has been able to install the update/s.
From within the Assets and Compliance workspace of the Configuration Manager console, a new Orchestration Group node is visible. Right-clicking on this and selecting Create Orchestration Group (or selecting the node and clicking the option in the ribbon) results in the create orchestration group wizard appearing:
Here you can input a name and description for the orchestration group, as well as specify the timeout values. I have left the timeout values as the current default values:
The next stage is to select the members of the orchestration group (note: a client is only able to be a member of one orchestration group; if a client is already a member of another orchestration group, it will not be visible to select for this group):
The next step is to specify the orchestration rule mentioned earlier:
Once you define your desired rule and proceed, you will be presented with a stage for pre-script and a stage for post-script. Here is my example pre-script. I will use an almost identical post-script, with “pre” substituted for “post”. Take note of the return value being required upon success:
Proceeding past the script stages will present you with a familiar-looking summary screen before wizard completion:
Here is our new orchestration group, ready and waiting:
Once software updates are deployed and a member of an orchestration group has an update to install, the orchestration of the orchestration group will begin, to ensure that no updates are installed in a way that contradicts your orchestration group rules (note: if users install updates via the Software Center, orchestration will be bypassed). You can also manually trigger orchestration to begin with the Start Orchestration option:
Once orchestration has begun, you can see that the relevant orchestration group is now in progress:
Double-clicking or selecting Show Members on the orchestration group will list all members and show the progress of orchestration (states include: Idle, Waiting, In Progress, Failed and Reboot pending):
From one of the clients that did have an update to install, we can see that the pre-script and post-script ran successfully:
If for whatever reason you want to be able to re-run orchestration, you can select the member/s and choose to Reset Orchestration Group Member, which will allow orchestration to be run again:
Site server logs:
Once orchestration begins, the SMS_OrchestrationGroup.log shows some progress:
Client logs:
The usual logs relating to software updates also show the usual software updates behaviour.
As always, please keep sending suggestions, smiles and frowns to provide us with valuable feedback, which all help towards creation of great features like the one discussed in this blog post.
Paul Ivey
My CIS Tech Community Blog Posts
Senior Customer Engineer (formally PFE)
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.