5 Replies Latest reply on Feb 22, 2013 1:41 PM by adamg23

    Using a Scan Template with a specific Patch Group

    PaulFreedman Apprentice

      I'm having a few issues with trying to get this setup in my environment, Background is that we have 2 consoles, one for live and one for everything else. We have set up a patching schedule so the following week after patch tuesday we release to Dev. Week 2 we release to UAt and Week 3 Live.

       

      The problem I have is making sure we only release into Live patches that have been tested in Dev and UAT. To get around this I created a Patch group which includes every patch at that point in time, I have given this a date and then linked this to a Scan Template. My thinking behind this is that this way we will only deploy patches that are available at this point in time.

       

      The problem I am seeing though is when I scan my machine using this template the results are very strange. For example its shows every patch possible for Java6, ie JAVA6 Update 30, JAVA 6 Update 31, all the way to the latest JAVA 6 update.

       

      Whereas if I scan using the preset WUSCAN template I only see the latest! Any help would e much appreciated!!

        • 1. Re: Using a Scan Template with a specific Patch Group
          SupportEmployee

          When you use a patch group it can disable the supersedence detection for patches so that's why it may be showing the older (superseded) patches missing as well. Are you also using any custom criticality filter settings in your template, and what patch type filters are you using? Does the template include software distribution? These are all things that could have an effect on the scan results you're receiving.

          • 2. Re: Using a Scan Template with a specific Patch Group
            PaulFreedman Apprentice

            I've just made a copy of the default WUSCAN and selected my patch group. Is there no way to get superseeded patches removed?

            • 3. Re: Using a Scan Template with a specific Patch Group
              SupportEmployee

              You could just go into your patch group and remove the older patches from the patch group - that way it will only scan for the latest Java patch that is contained in your patch group.

               

              You could also look into using the Product filters rather than a patch group if you don't necessarily need to specify exact patches that you want to scan for.

              1 of 1 people found this helpful
              • 4. Re: Using a Scan Template with a specific Patch Group
                PaulFreedman Apprentice

                Yeah i may have to remove the older patches but its not just Java,theres a lot of Adobe in there as well!

                 

                Is there not a way that you can deploy patches based on the date they were released? That would be really useful so that I can ensure that I deploy patches that are the same throughout my environments??

                • 5. Re: Using a Scan Template with a specific Patch Group
                  SupportEmployee

                  There's no built in way to scan/deploy patches based on the date. The only way I think you could accomplish something like this is to run your scan first, then in the scan results sort by one of the columns; either "Patch Release Date" or "Bulletin Release Date". You would then have to CTRL+click or SHIFT+click to choose the patches you wish to deploy, then right click and choose to deploy selected patches.

                   

                  Also, in case you don't have the columns I mentioned you may need to add them in. In Protect you add add hidden columns to different views by doing a right click on one of the current column titles, then choose "column chooser".

                   

                  I hope that helps.