Using System Update

Using System Update

This feature allows Org Admins, IT Admins and MSP Admins to centrally manage Windows BIOS, drivers and firmware updates on any Lenovo Windows device. Updates are checked when new devices are claimed and licensed, and on-demand from the System Update page by clicking on the Check for updates link.

Available updates can be deployed remotely at any time on one or more devices and on groups of devices. End users can accept or deny updates requiring reboot based on the deferral configuration set on LDM.
All System Update installations are tracked through the System Update Status Report.
Notes
This feature requires either a Pro or a Premium license and a special add-in service on the device to check for updates from the Lenovo repository. Most Lenovo devices are automatically preloaded with this service but if it was removed or your custom preload does not include it, LDM can automatically install it during provisioning. To enable automatic validation for the service, go to Policy Management/Organization Settings/Features/System Update Preferences

Troubleshooting

To enable System Update to seamlessly push BIOS updates to devices without requiring a Supervisor Password, the following BIOS settings are required on the device. These settings are pre-configured by default in the correct state for remote updates. However, if these values have not been manually modified on the target device, they will need to be adjusted back to the following:

MODEL            BIOS SETTING
ThinkPad          Flash BIOS Updating by End-Users = Enable
ThinkCentre     Require SVP when Flashing = No
ThinkStation    Require Admin. Pass. when Flashing = No

Using System Update

Navigate to App Management > System Update. 

Check for Updates
Clicking this link triggers a scan for all Pro and Premium licensed devices in the organization. Once initiated, each device begins scanning and sends any newly found updates to LDM. This process takes a few minutes.
Notes
If the option Automatically Scan only for New Updates under Policy Management > LDM Organization Settings > Feature is enabled, the Check for updates link will be disabled for 30 minutes immediately after the last automatic scan is initiated. 

Available Updates Tab

This tab displays a list of all available system updates, which can be filtered by Severity, Update Type, or Reboot Status.
Click the down arrow to expand the system update accordion and view the list of devices that have received or still require it, along with relevant device information.
The Eye icon displays detailed information about the system update. For Critical and Recommended updates, a ReadMe file is available for download, providing further details.
To deploy a system update, you may choose to deploy it immediately or schedule it for a later time. In either case, follow these steps:
  1. Select a system update.
  2. Select a device.
  3. Click Update. 
    1. A pop-up window appears with the options Deploy Now and Schedule Deployment. Select one of the options and follow the steps as explained below:
      1. Deploy Now
        1. Select this option to deploy the update immediately.
        2. Click Next. An information window appears showing information about the devices chosen for the update. You can review details such as the devices' current status and network status information.
        3. Click Submit.
      2. Schedule Deployment
        1. Select a specific date and time for deploying the update.
          This feature uses the same time range validation as App deployment. If multiple devices in different time zones are selected, the system ensures that the scheduled deployment time is set in the future for all devices.
        2. Click Next.
          An information window appears showing information about the selected devices, including the selected deployment time.
        3. Click Submit.

Updates by Devices or Groups Tab

This tab provides two different views: 

Devices
Displays all available system updates for each device. To deploy a system update:
  1. Expand the device accordion to view all packages available for that specific device.
  2. Select the checkboxes next to the system updates you want to deploy.
  3. Click Update. Repeat this process for other devices, if applicable.
  4. A pop-up window will appear with the options Deploy Now and Schedule Deployment.
  5. Choose one of these options and follow the instructions in sections i or ii.
Notes
The information window now includes details specific to each package: Package Name, Update Type, Severity, and Reboot Type. All columns are sortable.
Device Groups
Displays all available system updates for each device group. To deploy a system update:
  1. Select a device group to view all available system updates for that group.
  2. Expand the system update accordion to view the list of devices associated with that update in the selected group.
  3. Select the checkboxes next to the devices you want to update.
  4. Click Update to begin the installation.
  5. A pop-up window will appear with the options Deploy Now and Schedule Deployment.
  6. Choose one of these options and follow the instructions in sections i or ii.
Info
If the Status of a system update displays Reboot Required, it indicates that the device has deferred the reboot the maximum number of times allowed (for more information, refer to Using Policy Management. In this case, the checkboxes for all updates will be disabled.
Notes
  1. Only devices within a group that require the update will be listed.
  2. If a device is not shown in the list, be sure it is assigned a Pro or a Premium license.

Scheduled Updates Tab

This page displays all created schedules, which can be filtered, deleted, and edited. 

Filtering updates
Updates can be filtered by:  
  1. Severity
  2. Update Type 
  3. Reboot Status
Deleting a Schedule
To permanently remove a specific schedule:
  1. Select the checkbox next to the schedule you want to delete.
  2. Click Delete.
  3. Click Confirm Delete.
A confirmation message will appear, and the page will reload.

Editing Schedules
To edit a scheduled system update:
  1. Select the checkbox next to the system update(s) you want to edit.
  2. Click Edit.
  3. A pop-up window will appear, where you can modify the schedule for the selected update(s). If the update includes multiple devices in different time zones, the new schedule will follow the same rules as those applied when creating a new schedule: the system ensures that the deployment time is scheduled in the future for all devices.
  4. Click Edit.


    • Related Articles

    • Viewing System Update Status Report

      This report provides information on system updates for devices across the entire organization. System Update information will be available only if the System Update feature is enabled. To generate a report, click Reports > System Update Status. The ...

    • Viewing Software Inventory Audit Report

      This feature displays a comprehensive list of all currently installed software across devices within an organization, with their associated devices. Navigate to Reports > Software Inventory Audit. The list of software is displayed. Each entry shows ...

    • Using Lenovo Device Manager Dashboard

      Dashboard is the home page for Lenovo Device Manager and offers an at-a-glance overview of the devices in your organization. The Dashboard consists of several widgets, where each widget represents different device management categories. Clicking on ...

    • Securely Scan and Update Device Software

      Lenovo Device Manager (LDM) allows Organization Admins and IT Admins to automatically scan Windows devices for available Microsoft and 3rd party software updates. This feature allows IT Admins to securely scan the Windows devices for available ...

    • Viewing Device Information – Windows Operating System

      Once a Windows device is added to LDM, admins can view the device information and perform basic actions through the Device Tray. You can navigate to the Device Tray by following this path: Device Management > Device List > (Select the device) > ...