So a few weeks ago, Mr. Joseph Corey at Carnegie Mellon University presented on how they use ConfigMgr to keep their servers in their data centers updated and patched.  As one would imagine, they need to be able to tightly control the window of time in which these servers can be patched and rebooted in order for those updates to take effect during prescribed offhour times and therefore rely very heavily on ConfigMgr’s Maintenance Window functionality.  One issue that he ran into is that sometimes new servers may get installed into the environment but for various reasons, are not added to the proper Collections that have the maintenance windows set.  The result?  Those servers will install mandatory updates immediately at any time leading to reboots at any time as there is no Maintenance Window to enforce.  ConfigMgr does not have a concept of a default Maintenance Window.

The fix?  Create a few cleverly crafted Collections which as a result, will assign a default Maintenance Window if one has not already been assigned to that system.  The following are the details and explanation Mr. Corey gave me on how they do just that:

__________________________________________________________________________________________________________

First, you would create a collection that specifies all machines with a maintenance window set (“All Servers with a Specified Maintenance Window”). The items in red are the collection IDs of all collections with a specified maintenance window. I started to create an SCCM query that actually used the SCCM database to list all machines that were in a collection that have a maintenance windows set dynamically, but the logic is much more difficult since the collection contains the maintenance windows data, not the individual resource.  I know it’s possible – I just haven’t sat down and hashed out the SQL for this.

select SMS_R_SYSTEM.ResourceID,SMS_R_SYSTEM.ResourceType,SMS_R_SYSTEM.Name, SMS_R_SYSTEM.SMSUniqueIdentifier,SMS_R_SYSTEM.ResourceDomainORWorkgroup,SMS_R_SYSTEM.Client from SMS_R_System where Client = 1 and ClientType = 1 and   ResourceId in (select ResourceID from SMS_CM_RES_COLL_PGH00015) or ResourceId in (select ResourceID from SMS_CM_RES_COLL_PGH00016) or ResourceId in (select ResourceID from SMS_CM_RES_COLL_PGH00017) or ResourceId in (select ResourceID from SMS_CM_RES_COLL_PGH00018)  or ResourceId in (select ResourceID from SMS_CM_RES_COLL_PGH00019)  or ResourceId in (select ResourceID from SMS_CM_RES_COLL_PGH0001A) or ResourceId in (select ResourceID from SMS_CM_RES_COLL_PGH0001F)

Next, you would create the collection below where colID is the collection ID of the above collection (“6 A.M. Maintenance Window”). This will give you a collection that contains machines without explicitly set maintenance windows.

select SMS_R_SYSTEM.ResourceID,SMS_R_SYSTEM.ResourceType,SMS_R_SYSTEM.Name, SMS_R_SYSTEM.SMSUniqueIdentifier,SMS_R_SYSTEM.ResourceDomainORWorkgroup,SMS_R_SYSTEM.Client from SMS_R_System where Client = 1 and ClientType = 1 and   ResourceId not in (select ResourceID from SMS_CM_RES_COLL_collD**)

__________________________________________________________________________________________________________