Video Screencast Help
Search Video Help Close Back
to help
Not able to make it to Vision this year? Get a sampling in the Best of Vision on Demand group.

Patch Management: Start "Software Update Cycle" with MSDP

Created: 07 Feb 2011 | 4 comments
darkblue's picture
darkblue
4 Agree
0 Disagree
+4 4 Votes
Login to vote

With Patch Management Soltuion 7 on the NS should also come a built-in Task to start the "Software Update Cycle" on an Endpoint or there should be the opportunity to create a NS task using the AexPatchUtil.exe to execute the “Software Update Cycle” on a computer. It should be possible to use the task within a Managed Software Delivery Policy (together with other task and software resources.) A use case for this would be a Managed Software Delivery Policy with the following tasks and packages:

 

Update Server MSDP

  1. Task: Prepare computer for Maintenance (ex. stop service, stop database, move cluster ressources)
  2. Package: Install Service Pack 3 for Windows 2008 server
  3. Task: Restart
  4. Package: Install Symantec Endpoint Security Version 12
  5. Task: Restart
  6. Task: Install applicable Security Patches via Altiris PM
  7. Task: Restart
  8. Task: Bring computer back to production state (start services, start database, bring cluster services back)

 

BTW: It's not possible to use AexPatchUtil.exe because of the immediate response behaviour.

Idea Filed Under:
, , , , , , , ,
Group Ownership:
Endpoint Management User Group (Österreich, Schweiz, Deutschland)

Comments

FlorianUeb's picture
07
Feb
2011
0 Votes 0
Login to vote
FlorianUeb

immediate response for Patch Mgm execution in Manag Softw. Deliv

I have no Idea for an alternative Design without Packing the known Hotfixes in new software resources. We Use Patch Mgm only for Clients. If you install new Software in Policy, you may need additional an Patch Management Inventory (AeXPatchUtil.exe" /i), a Patch Mgm Filter cycle on NS-Server, an Configuration Request of the Altiris Client, that the Destination Machine know whitch Patches now are needed.

Florian Uebelacker / Alte-Leipziger Lebensversicherung a.G / Oberursel (Taunus)

darkblue's picture
07
Feb
2011
0 Votes 0
Login to vote
darkblue

We already tried to use the

We already tried to use the AexPatchUtil.exe /Xa command but unfortunatelly this command is not designed very well. As soon as you execute the command (within a task or manually) you will get a success message, also if the patches are still installing or if a patch installation failed.

Pascal.KOTTE at BECHTLE's picture
01
Mar
2011
0 Votes 0
Login to vote
Pascal.KOTTE at BECHTLE
Accredited

start /WAIT ?

use the

  • start /wait

~Pascal @ Bechtle~ Do you speak French? Et utilisez Altiris: venez nous rejoindre sur le GUASF&l

darkblue's picture
23
Mar
2011
0 Votes 0
Login to vote
darkblue

Final Solution

The final solution was a script which starts the AexPatchUtil.exe /Xa command and checks (in a loop) the Agent logfile for a success message from Software Update. There is no value, registry key or anything else available to get this information.

Technical Support

Symantec.com

Store

Community Stats

Total Content Items
Members
270,000