Video Screencast Help

{CWoC} PatchAutomation and ZeroDayPatch builds for 7.5 SP1

Created: 16 Jun 2014 • Updated: 17 Feb 2015 | 11 comments
Ludovic Ferre's picture
+3 3 Votes
Login to vote

Update! Version 10 is out now, and both new builds are attached here

Version 10 brings about a major change in the tool: it no longer requires the Altiris.PatchManagementCore.Web.dll to work. This means the tool is completely standalone and can run from any folders.

Note that the builds are at version 10, but there are no feature changes from version 9 so all the existing documentation related (and updated) to both tool still apply:

{CWoC} ZeroDayPatch: Patch Automation Tool for PMS 7.1 SP2

{CWoC} PatchAutomation - Automated patching with Full Test Life-cycle

Deprecation notice! Please note that the information below is kept for information only. But as stated above Version 10 of the utilities are no longer tied to the Altiris.PatchManagementCore.Web.dll.

###############################

Important note! In order to use the new version of ZeroDayPatch and PatchAutomation you _need_ to keep (or get) the Altiris.PatchManagementCore.Web.dll version 7.5.1597 from your "Patch Management\Core" installation folder under "Web\bin" into your running folder.

With the release of 7.5 SP1 Zero Day Patch and its parent tool Patch Automation stopped working with error:

Error message=Method not found: 'Altiris.Common.GuidCollection Altiris.PatchManagementCore.Policies.SoftwareUpdateAdvertismentSetPolicy.GetNonstagedUpdates(System.Collections.Generic.IList`1<System.Guid>, Boolean)'.
Inner Exception=
Stacktrace=   at Altiris.PatchManagementCore.Web.PatchWorkflowSvc.IsStaged(String bulletinGuids)
   at Symantec.CWoC.ZeroDayPatch.RunAutomation(GuidCollection bulletins)

In order to resolve this problem I created 7.5 specific code and builds that I share here today.

###############################

Comments 11 CommentsJump to latest comment

MichaelCivitillo's picture

Any documentation laying around for best practicies on implementing this? 

0
Login to vote
spulver's picture

Hi

Staging Altiris.PatchManagementCore.Web.dll version 7.5.1597 in the same directory as PatchAutomation-7.5.exe and PatchAutomation-7.5.exe.config still generates the error:

Caught exception Could not load file or assembly 'Altiris.PatchManagementCore.Web, Version=7.5.1597.0, Culture=neutral, PublicKeyToken=d516cb311cfb6e4f' or one of its dependencies. The module was expected to contain an assembly manifest.

for me. What am I doing wrong here?

0
Login to vote
Ludovic Ferre's picture

Hello spulver,

Can you let me know if you upgraded to 7.5 or directly to 7.5 SP1?

I am having a host of issues with the 7.5 SP1 codebase that are preventing the tool from working and me from continuing the devellopment of the tool...

I can get it to work with the 7.5 core dll's in the gac, but not with the new 7.5 SP1 versions...

So I am afraid that we're bqack to Workflow as a solution for patch automation.

Ludovic FERRÉ
Principal Remote Product Specialist
Symantec

0
Login to vote
spulver's picture

Hi Ludovic

This is an upgrade from 7.5 to 7.5 SP1 and I got Altiris.PatchManagementCore.Web.dll version 7.5.1597 directly from the Symantec Engineer who works with us.

Thank you

0
Login to vote
Brian Nelson's picture

Hi Ludovic,

We recently upgraded directly from 7.1 -> 7.5 SP1 and I was also having issues with PatchAutomation. My Altiris.PatchManagementCore.Web.dll is 7.5.3219.0.

After a lot of fussing, I've managed to get everything working again but it required changing the source for the PatchWorkflowSvc object from the DLL file to a Web Service Reference pointed at IIS on my NS. Maybe this is part of the "host of issues" you referred to above? I only have the codebase from 0.7.0 though. It seems your git repo is no more.

From everything I've seen, that approach seems to be 'the right way' to do it. In fact, I'm almost surprised that calling into the DLL directly ever worked in the first place. It seems that ITMS 7.5 SP1 "fixed the glitch".

Thoughts?

B

0
Login to vote
Ludovic Ferre's picture

> After a lot of fussing, I've managed to get everything working again but it required changing the source for the PatchWorkflowSvc object from the DLL file to a Web Service Reference pointed at IIS on my NS. Maybe this is part of the "host of issues" you referred to above?

Yes, this was one of my issues. I got it working using the 7.1 DLL from Patch, which can be found lying around here on Connect (I can't remember where it came from nor where it is but I think it was reachable via Google).

> I only have the codebase from 0.7.0 though. It seems your git repo is no more.

I switched to github. And keep a low profile. But being smart as you are I'm sure you'll find my repo in no time ;-).

> From everything I've seen, that approach seems to be 'the right way' to do it. In fact, I'm almost surprised that calling into the DLL directly ever worked in the first place. It seems that ITMS 7.5 SP1 "fixed the glitch".

I'm not sure I can agree with that. The way it should have worked in the first place is that the ASDK would take care of providing an abstraction for the Patch code. I very much dislike web-services when all you are doing is running code on the server (I don't call my wife on her mobile when we are eating diner and I'd like her to hand me the salt) but I'm glade you got it working.

> Thoughts?

My additional thought are, pick up the currwent version, build it and I'll be ever so gratful. I must admit that I got rid of my lab and most of the windows machine. I'm currently running very lean (2 debian systems) and mean, and I'm planning some fun stuff for this winter (with the aim to get a good grip on Google AppEngine and its Datastore).

But this will be another story :D that you most likely should be able to follow on here Connect.

Ludovic FERRÉ
Principal Remote Product Specialist
Symantec

+1
Login to vote
Ludovic Ferre's picture

Version 10 is out today for 7.1 and 7.5, whilst the 7.6 download is in the Connect publishing workflow now as well as a new utility: PatchExclusion (which helps handling the content of the exclusion table - also in the Connect publishing workflow):

Standard documentation and 7.1 builds:

7.5 Gold build (no longer supported)

7.5 SP1 builds:

7.6 Gold builds:

Patch Exclusion (7.1, 7.5 and 7.6 builds):

Enjoy, and let me know if you encounter any issue _and_ if all goes well (I'm not averse to good news ;)

Ludovic FERRÉ
Principal Remote Product Specialist
Symantec

0
Login to vote
vikod's picture

Hi Ludovic,

Been wanting to implement this in my environment after using the fantastic "Patch Trending" tool - so pulled my socks up to kick start...

I'm starting with this  - http://www.symantec.com/connect/videos/workflow-template-zero-day-patch

followed the video and downloaded the attached file - but i'm confused with the files attached in this article...should i first do a base setup following the PDF/ Video tutorial and then run these V10 files?

My first time using Workflow..

Any help/ guidance is much appreciated.

Thank you,

Vikram

0
Login to vote
vikod's picture

Hi Ludovic,

Any help?

Regards,

Vikram

0
Login to vote
Ludovic Ferre's picture

Hello Vikram,

Sorry about the delays coming back to you.

This tool and the Workflow are _not_related at all, if you exclude the functionalities it provides.

This is a standlone executable that is ready to use, you need not setup a server or anything that big. Download the tool, validate that you understand it's operation in a test environment, prepare your config files and setup a SMP task to run the tool, and you're done :D.

Ludovic FERRÉ
Principal Remote Product Specialist
Symantec

0
Login to vote
skhs's picture

Is this supported methond of zero day deployment and would Symantec support would help with issues if any?

0
Login to vote