Use the Update Compliance in Operations Management Suite to Monitor Windows Updates
In today’s Ask the Admin, I will show you how to configure Operations Management Suite (OMS) Update Compliance.
Say Goodbye to Traditional PC Lifecycle Management
Traditional IT tools, including Microsoft SCCM, Ghost Solution Suite, and KACE, often require considerable custom configurations by T3 technicians (an expensive and often elusive IT resource) to enable management of a hybrid onsite + remote workforce. In many cases, even with the best resources, organizations are finding that these on-premise tools simply cannot support remote endpoints consistently and reliably due to infrastructure limitations.
Microsoft’s OMS, previously known as Azure Operational Insights, is a cloud-based platform for collecting large amounts of telemetry data from devices. It helps to provide greater insight into your environment and operations. While not a replacement for System Center Operations Manager (SCOM), it is useful where organizations would struggle to provision the necessary on-site infrastructure to store and collect the required amounts of data.
OMS is made up of different solutions, which can be added to workspaces to collect data and provide information on the workspace dashboard. The Update Compliance solution provides information on the Windows patches installed on each connected device. OMS Update Compliance is a useful companion to Windows Update for Business (WUfB) in Windows 10 because WUfB does not provide the comprehensive reporting of Windows Server Update Services (WSUS) and System Center Configuration Manager (SCCM).
The instructions that follow will show you how to set up an OMS workspace and how to set up the OMS Update Compliance solution.
Add Update Compliance to Operations Management Suite Workspace
The first step is to set up the Update Compliance solution in OMS.
- Go to the OMS website and click Sign in. Log in using your Microsoft Account.
- If you are asked to create a new OMS Workspace, click OK in the OMS window.
- Fill in the Workspace Name, Workspace Region, Name, Email, Phone Number, Company, and Country. Agree to the terms and conditions and click CREATE.
- If you already have an Azure subscription, it can be linked to your workspace. Click LINK to link the workspace to an Azure subscription or CREATE NEW to continue without linking to Azure.
- Click Solutions Gallery.
- Select the Update Compliance tile in the gallery and select Add on the details
The Update Compliance solution will now be visible in your workspace.
To enroll devices to Update Compliance, you will need a subscription ID. This is a unique number that the machines you want to enroll will use to identify your OMS tenant.
- Click Settings on the workspace dashboard to configure the Update Compliance solution.
- On the Settings page, click Connected Sources and Windows Telemetry.
- Copy the Commercial ID Key to the clipboard.
Windows uses the Commercial ID Key to identify the OMS workspace. There are two ways to configure Windows 10 with the Commercial ID Key:
- Use Group Policy to input the Commercial ID Key.
- Use Windows upgrade Deployment Script to input the Commercial ID Key.
In this example, I will use local policy. In a domain environment, the Commercial ID Key can be configured using Group Policy. For more information on working with Group Policy in an Active Directory environment, see Create and Link a Group Policy Object in Active Directory on Petri.
- Type mmc in the search box on the taskbar, right click mmc in the results, and select Run as administrator from the menu.
- In the console window, press CTRL+M to add a snap-in.
- Under Available snap-ins on the left of the Add or Remove Snap-Ins dialogue, double-click Group Policy Object Editor.
- Click Finish in the Select Group Policy Object dialogue to select the local computer.
- Click OK in the Add or Remove Snap-Ins.
- Under Local Computer Policy in the console window, navigate to Computer Configuration > Administrative Templates > Windows Components > Data Collection and Preview Builds.
- Click Configure the Commercial ID setting in the Group Policy Editor.
- Paste the Commercial ID Key that you copied earlier into the Commercial Id field in the Configure the Commercial ID.
- Click OK.
- Close the management console.
It takes approximately 48 hours for information to appear in the OMS portal.
In this article, I showed you how to configure the Update Compliance solution in OMS and how to enroll a Windows 10 device to the OMS tenant.