Chatta subito con l'assistenza
Chat con il supporto

KACE Systems Management Appliance 13.2 Common Documents - Administrator Guide

About the KACE Systems Management Appliance Getting started
Configuring the appliance
Requirements and specifications Power-on the appliance and log in to the Administrator Console Access the Command Line Console Tracking configuration changes Configuring System-level and Admin-level General Settings Configure appliance date and time settings Managing user notifications Enable Two-Factor Authentication for all users Verifying port settings, NTP service, and website access Configuring network and security settings Configuring Agent settings Configuring session timeout and auto-refresh settings Configuring locale settings Configuring the default theme Configure data sharing preferences About DIACAP compliance requirements Configuring Mobile Device Access Enable fast switching for organizations and linked appliances Linking Quest KACE appliances Configuring history settings
Setting up and using labels to manage groups of items Configuring user accounts, LDAP authentication, and SSO Deploying the KACE Agent to managed devices Using Replication Shares Managing credentials Configuring assets
About the Asset Management component Using the Asset Management Dashboard About managing assets Adding and customizing Asset Types and maintaining asset information Managing Software assets Managing physical and logical assets Maintaining and using manual asset information Managing locations Managing contracts Managing licenses Managing purchase records
Setting up License Compliance Managing License Compliance Setting up Service Desk Configure the Cache Lifetime for Service Desk widgets Creating and managing organizations Importing and exporting appliance resources
Managing inventory
Using the Inventory Dashboard Using Device Discovery Managing device inventory
About managing devices Features available for each device management method About inventory information Tracking changes to inventory settings Managing inventory information Finding and managing devices Registering KACE Agent with the appliance Provisioning the KACE Agent Manually deploying the KACE Agent Using Agentless management Adding devices manually in the Administrator Console or by using the API Forcing inventory updates Managing MIA devices Obtaining Dell warranty information
Managing applications on the Software page Managing Software Catalog inventory
About the Software Catalog Viewing Software Catalog information Adding applications to the Software Catalog Managing License assets for Software Catalog applications Associate Managed Installations with Cataloged Software Using software metering Using Application Control Update or reinstall the Software Catalog
Managing process, startup program, and service inventory Writing custom inventory rules
Deploying packages to managed devices
Distributing software and using Wake-on-LAN Broadcasting alerts to managed devices Running scripts on managed devices Managing Mac profiles Using Task Chains
Patching devices and maintaining security
Using the Security Dashboard About patch management Subscribing to and downloading patches Creating and managing patch schedules Managing patch inventory Managing Windows Feature Updates Managing Dell devices and updates Managing Linux package upgrades Maintaining device and appliance security Manage quarantined file attachments
Using reports and scheduling notifications Monitoring servers
Getting started with server monitoring Working with monitoring profiles Managing monitoring for devices Working with alerts
Using the Service Desk
Configuring Service Desk Using the Service Desk Dashboard Managing Service Desk tickets, processes, and reports
Overview of Service Desk ticket lifecycle Creating tickets from the Administrator Console and User Console Creating and managing tickets by email Viewing tickets and managing comments, work, and attachments Merging tickets Using the ticket escalation process Using Service Desk processes Using Ticket Rules Run Service Desk reports Archiving, restoring, and deleting tickets Managing ticket deletion
Managing Service Desk ticket queues About User Downloads and Knowledge Base articles Customizing Service Desk ticket settings Configuring SMTP email servers
Maintenance and troubleshooting
Maintaining the appliance Troubleshooting the appliance
Appendixes Glossary About us Legal notices

Review patch schedule details

Review patch schedule details

When you configure a patching schedule, this page displays details about the schedule configuration and its status.

1.
Go to the Patch Schedule Summary page:
a.
Log in to the appliance Administrator Console, https://appliance_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information.
b.
On the left navigation bar, click Security, then click Patch Management.
c.
On the Patch Management panel, click Schedules.
2.
Review the contents of the Configuration section.

Option

Description

Created

The date and time the schedule is created.

Modified

The date and time the schedule is last modified.

Last Run

The date and time the schedule is last run.

Name

The name of the schedule.

Action

The action associated with the schedule:

Detect: Detects patches that are installed on, or missing from, managed devices. Detect-only actions are recommended when the Patch Download Settings are configured to download only . Running a detect-only action before the deploy creates a list of patch files to download before deployment begins.
Detect and Stage: Detects patches that are installed or missing from managed devices, and downloads patch files to the agent device for later deployment.
Detect and Deploy: Detects and deploys patches to managed devices. These types of actions are used when managing desktops and servers. Detect and Deploy patching jobs require a connection between the device and the appliance; they do not run offline. For more information about messaging protocol connections, see Configure Agent communication and log settings.
Detect, Stage and On-demand Deploy: Detects patches that are installed or missing from managed devices, downloads patch files to the agent device, and causes the Windows system tray on the agent device to alert the user that the patches are ready for deployment. The user can then initiate the deployment process at their convenience.
The Agent Status Icon On Device option must be enabled in the agent communication settings. You can find these settings on the Organization Detail page, under Communication and Agent Settings (if one or more Organization components are enabled), or on the Communication Settings page (if you do not have an Organization component). For more information, see Configure Agent communication and log settings.
Deploy: Deploys applicable patches to managed devices. This is useful when you know that specific patches need to be deployed to managed devices. A final Detect job runs either after the patch is deployed or, if a reboot is required, after the device reboots and the Agent reconnects to the appliance.
Detect and Rollback: Detects and removes unwanted patches from managed devices. Rollbacks may not be available for some patches. See Determine whether a patch can be rolled back.
Rollback: Removes unwanted patches from managed devices. Rollbacks may not be available for some patches. See Determine whether a patch can be rolled back.

Description

A brief description of the patch schedule.

Devices

This field only appears when the schedule is configured to apply to all devices.

Device Label

One or more Smart Labels associated with the devices against which the schedule runs. For more information, see Using Smart Labels for patching. This field only appears when the schedule is configured to apply to selected devices.

Device Name

One or more selected devices against which the schedule runs. This field only appears when the schedule is configured to apply to selected devices.

Patches to Detect

Detect schedules only. This field only appears when the schedule is configured to detect all patches.

Detect Label

Detect schedules only. One or more Smart Labels associated with the scheduled patches. For more information, see Using Smart Labels for patching. This field only appears when the schedule is configured to detect selected patches.

Patches to Deploy

Deploy schedules only. This field only appears when the schedule is configured to deploy all patches.

Deploy Label

Deploy schedules only. One or more Smart Labels associated with the scheduled patches. For more information, see Using Smart Labels for patching. This field only appears when the schedule is configured to deploy selected patches.

Patches to Rollback

Rollback schedules only. This field only appears when the schedule is configured to remove all patches.

Rollback Label

Rollback schedules only. One or more Smart Labels associated with the scheduled patches. For more information, see Using Smart Labels for patching. This field only appears when the schedule is configured to remove selected patches.

Alerts

Schedules without the Deploy action only. The alerts displayed to users when patch actions run:

OK: Run immediately.
Cancel: Cancel until the next scheduled run.
Snooze: Prompt the user again after the Snooze Duration.

Reboot

Schedules without the Deploy action only. The options for rebooting the managed device:

No Reboot: The device does not reboot even though a reboot might be required for the patch to take effect. This option is not recommended because deploying patches without rebooting when required can leave systems unstable. Further, patches that require reboots are only shown as deployed after the reboot.
Prompt User: Waits for the user to accept the reboot before restarting the device. If the user snoozes or cancels the reboot, patching stops until a reboot occurs. Selecting a Snooze Duration in the agent dialog box that appears on the target device pauses the reboot prompt for the specified snooze interval.
Force Reboot: Reboots as soon as a patch requiring it is deployed. Forced reboots cannot be canceled. Force Reboot works well for desktops and servers. You might not want to force reboot on laptops. Force Reboot works well with servers because they usually have no dedicated users. However, it is important to warn users that services will not be available when servers are being patched and re-booted. See Best practices for patching.

Schedule

The selected schedule details. Click View Task Schedule to see a detailed task scheduler. In the dialog box that appears, click a task to review the task details. For more information, see View task schedules.

Run on Next Connection in Offline

Indicates if the schedule runs the action the next time the managed device connects to the appliance, if the device is currently offline.

Delay Run After Reconnect

If configured, this option indicates the amount of time the schedule is delayed for. The time delay period begins when the patch action is scheduled to run.

End After

If configured, this option indicates the maximum amount of time the schedule can run for. When this time limit is reached, any patching tasks that are in progress are suspended.

3.
In the Schedule Status section, review the overall patch schedule status on any of the following tabs:

Tab

Contents

By Machine

Devices selected for patching. Each entry displays the device name, its IP address, the patching status (see Patching status definitions), patch results, and the date the patching completed. You can expand a device node to view the applicable patches. Each patch entry shows the patch ID, associated Knowledge Base article number, patch name, and the current status (Patched, Not Patched, Staged, and Detect, Stage, or Deploy Failure).

By Patch

Patches selected for detection, staging, and deployment. Each entry displays the patch ID, associated Knowledge Base article number, patch name, and the numbers of devices that are patched, not patched, and those that encountered detect or deploy failures.

Patched

Patches successfully installed on devices. Each entry displays the patch ID, associated Knowledge Base article number, and the patch name. You can expand a patch node to view the devices on which the patch is installed.

Not Patched

Patches that are not installed on devices. Each entry displays the patch ID, associated Knowledge Base article number, and the patch name. You can expand a patch node to view the devices on which the patch is to be installed.

Staged

Patches that are staged for installation. Staging refers to patch files being copied to the agent device for later deployment. Each entry displays the patch ID, associated Knowledge Base article number, and the patch name. You can expand a patch node to view the devices on which the patch is to be installed.

Detect Failures

Incomplete patches that resulted in a detection failure. Each entry displays the patch ID, associated Knowledge Base, patch name, and the associated error code (see Error codes caused by patching and scripting). You can expand a patch node to view the devices on which the failure is encountered.

Stage Failures

Incomplete patches that resulted in a staging failure. Each entry displays the patch ID, associated Knowledge Base article number, patch name, and the associated error code (see Error codes caused by patching and scripting). You can expand a patch node to view the devices on which the failure is encountered.

Deploy Failures

Incomplete patches that resulted in a deployment failure. Each entry displays the patch ID, associated Knowledge Base, patch name, and the associated error code (see Error codes caused by patching and scripting). You can expand a patch node to view the devices on which the failure is encountered.

4.
Optional. After reviewing the schedule details, you can perform any of the following actions:

Patching status definitions

Patching status definitions

A patching status indicates the state of the current task. This information appears on the Patch Schedule Summary page, in the Schedule Status section. For more information, see Review patch schedule details.

Table 31. Patching status definitions

Patching status

Definition

alerting

Alert sent to user, waiting for confirmation.

cancelled

Task cancelled by user.

cleanup

Payload files from agent not accessed since last 90 days.

completed

Task completed.

connecting

Agent reconnecting after reboot.

deploy

Patch deployment in progress.

detect

Patch detection in progress.

downloading

Patch deployment waiting for packages to download.

error

Task not completed due to time out or other error.

not scheduled

Task not yet created for this device.

predetect

Pre-detection with the Agent in progress.

reboot pending

Patches deployed, reboot required to continue.

reboot snoozed

Patches deployed, reboot required to continue. After a configured interval the end user is reminded to reboot.

rolling-back

Patch rollback in progress.

scheduled

Task scheduled and is waiting to run.

snoozed

Task snoozed, user to be reminded after the configured snooze duration.

stage

Downloading files for later deployment.

suspended

Task suspended before reaching completion.

uploading logs

Uploading pre-detection, detection, deployment, verification, or rollback logs.

verifying

Post-deployment verification detection in progress.

version check

Task checking the patch version.

waiting on-demand deploy

Task waiting for the user action to deploy the schedule.

waiting to connect

Device disconnected.

waiting to schedule

Task waiting to schedule in the Agent's time zone.

View patch status

View patch status

You can view the status of patches, including a list of the devices on which patches have been deployed.

1.
Go to the Patch Detail page:
a.
Log in to the appliance Administrator Console, https://appliance_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information.
b.
On the left navigation bar, click Security, then click Patch Management.
c.
On the Patch Management panel, click Catalog.
2.
Scroll down to the Deployment Status table.

View patch status by device

View patch status by device

You can view patch status for each managed device.

1.
Go to the organization Device Detail page:
a.
Log in to the appliance Administrator Console, https://appliance_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information.
b.
On the left navigation bar, click Inventory, then click Dashboard.
2.
Scroll down to the Security section, then click the Patching Detect/Deploy Status link.

The list of the patches installed on the device appears.

Related Documents

The document was helpful.

Seleziona valutazione

I easily found the information I needed.

Seleziona valutazione