How to use Patch Manager to deploy a LANDESK Service Update

Version 10

    Verified Product Versions

    LANDESK Management Suite 9.6LANDESK Management Suite 2016.xLANDESK Endpoint Manager 2017.x

    Scenario

     

    As needed LANDESK Software will release a Service Pack to add new features to the product or resolve defects that have been discovered.
    As part of the Service Pack release a vulnerability definition will be included that will allow LANDESK Patch and Compliance Manager to detect and repair your Management Suite Consoles and Clients.

     

    Instructions

     

    Important Note: The Service Pack must be manually installed on the Core Server prior to following the instructions below.


    It is necessary to download LANDESK Updates content within Patch Manager, to obtain the newest product definitions.

     

    Ensure that LANDESK 9.6 SPx Software updates is selected in the Download Updates tool within Patch and Compliance Manager

     

    1. Click on the Download Updates button within Patch and Compliance Manager.
      2015-06-09_10-34-53.png
    2. Ensure that Windows | Software Updates | LANDESK 9.6 SPx, 2016.x or 2017.x Software Updates in the Definition Types column on the left is selected.
    3. Click Schedule Download and schedule the download to take place immediately or at a future time if so desired.

     

    Creating a Security Scan task to detect the need to install the Service Pack:

    1. From a LANDESK Management Suite Console select Tools | Security and Compliance | Agent Settings.
    2. Expand My Settings or Public Settings as desired.
    3. Right click on Distribution and Patch and select New
    4. From the Distribution and Patch Settings screen change the Name to "LANDESK Updates only".
      1. From the Menu on the left select Patch Only Settings | Scan Options
      2. Ensure sure that only LANDESK Updates is selected.
    5. Click Save.
    6. Click the Create a Task Icon (second icon from left on Agent Settings toolbar) and select Security Scan.
    7. From the Create security scan task screen.
      1. Change the Task Name to "Scan for LANDESK Updates".
      2. Under Task type check Push, Policy, or Policy Supported Push as desired.
      3. Under Distribution and Patch Settings select LANDESK Updates only.
      4. Click Save
    8. This creates a scheduled task called Scan for LANDESK Updates.
    9. Add computers from network view by doing one of the following.
      1. Drag and drop the computers into the task.
      2. Copy and paste the computers into the task.
      3. Create a Query representing the computers you with to scan and Drag the Query onto the task.
    10. Once you have populated the task with computers Right Click on the task and hover over Start Now click All Devices.
    11. The time for this task to complete will depend on the number of computers that have been added to the task.


    Creating a Repair Task to install the Service Pack task

    1. From the LANDESK Console go to Tools | Security and Compliance | Patch and compliance.
    2. Change Type to LANDESK Updates.
    3. Under Patch and Compliance expand LANDESK Updates.
    4. Click the Scan folder.
    5. Locate the Service pack name, it will typically start with "LD9xSPx" and the description will be "Service Pack X for LDMS 9.x"
    6. Right click on the Service Pack and select Download Associated patches.
      1. Click on Show All associated Patches
      2. Select the Client and console.zip files
      3. Right Click client and console patches and choose Download Patch.
    7. Once patch is downloaded Right Click on the Service pack and select Repair.
    8. From the Patch and Compliance - repair taskwindow:
      1. Change the Name to "Repair <name of service pack>".
      2. Under Task Settings select the desired method for the run-time options for the task (Policy Supported Push, Policy, Push, Frequency,Additional Push Options, and Download Options)
      3. Click Save, this will open the Scheduled Tasks window.
      4. Select computers to repair option of your choice .
      5. Under Agent Settings select the Distribution and Patch setting called "LANDESK Updates Only."
    9. This will create a Scheduled task with the name chosen in step 8a.
    10. Add targets.   This can be a variety of methods: Drag and drop single computers, drag a group of computers, or drag an LDAP query to the task.
    11. When you are ready to begin repairing the patch Right-click on the Task and choose Start Now.

     

    Additional Information

     

    About LANDESK Distribution and Patch settings

    How To: Get Started with Patch Manager in LDMS 9.6

     

    If you need to deploy multiple patches you can use this article in conjunction with the following to repair all the patches at the same time.

     

     

    How to use Custom groups to quickly bring a computer up to date.