PDQ Deploy automated software deployments: Part 1

Josh Mackelprang headshot
Josh Mackelprang|June 21, 2018
Generic blog header
Generic blog header

PDQ Deploy, in conjunction with PDQ Inventory, can be a powerful tool in setting up automated software deployments. When combined, the two can be configured to identify and patch many of the most common applications with pre-built packages in our Package Library. Below is how I like to setup my software deployments using PDQ Deploy's, Package Library, and PDQ Inventory's, Collection Library.

The four prominent features we're going to use to set up our automated software patching are:

  1. Auto-Download Packages

  2. Scheduled Deployments

  3. Package Library

  4. Collection Library

Building an automated software deployment

This is how I build an automated silent software deployment of 7-Zip.

First, I download the 7-Zip package from the library:

Package Library - Download Selected

While that's downloading, I create a new schedule for 7-Zip. There are a few things I like to modify, starting with the triggers. I almost always use a heartbeat trigger in conjunction with a traditional trigger on all my schedules. Both triggers help catch those laptops or machines that are shut down during my normal patching hours.

Schedule - 7-Zip Not Installed or Old

The next and probably most important part of this whole process is targeting correctly. In my schedule, I want 7-zip on all machines that have an outdated version of 7-Zip, as well as any machines that don't have it installed. So I use two Inventory collections as my targets. (7-Zip (old) and 7-Zip (not installed).

Schedule - 7 -Zip Not installed or Old - Link to

Now, I look at the 'Options' tab in the schedule definition. I make sure that scans are running after the deployment, in this case, an applications scan, because I’m pushing an application out to the machines. This scan is important when using aggressive triggers. That way I make sure I’m not needlessly deploying the same patch over and over to the same machines while waiting on typically longer inventory scan triggers

Scan After Deployment - Applications

The last thing on my list to complete our remote install of 7-Zip is to attach the 7-Zip package to the schedule from the ‘Packages’ tab, otherwise, what was the point of setting the rest of this up?

Attach Packages

Wrapping it up

I like to create a schedule for each application that I am patching. Creating a schedule gives me the most granular control of when each package goes out and how often. In part two of this blog, I’ll show you how I set up pilot groups to test application updates in my environment before rolling new patches out to everyone. Also, check out this video for best practices using the auto-download feature in PDQ Deploy.

Josh Mackelprang headshot
Josh Mackelprang

Ever since becoming the Solutions Manager at PDQ, Josh has other people do work for him, including writing this bio. We're pretty sure he eats food, has ~10+ years of IT experience, and would be quite content to never see another Intel IMS ever again. Josh is proud he maintains his CompTIA A+ certification.

Related Articles