2 Replies Latest reply on Mar 30, 2011 2:22 PM by mrspike

    Manual Patch Remediation


      I have several Windows servers that I MUST baby sit when it comes to patching. How do I push the patches to the servers and install them when I log onto the server?

        • 1. Re: Manual Patch Remediation
          mrspike SSMMVPGroup

          Several ways to do this...


          Here are some:



          In the Scan and Repair settings you can got to the Repair Options and set "Before repairing...." to notify the user.... and have it wait for you to respond


          Not sure how that works if nobody is logged in at the time of the push....




          Here's what we do:


          Create a Custom Group for your patches, add the patches you want to it.


          Right click in the Group, > Info, get they UniqueID


          Create a batch file with the contents below, swapping out your UniqueID where bold below.


          (Or use the attached txt file, modify and save as needed)


          Run Copy this file to you servers and run.


          It will first scan the group (to make sure all patches desired have been detected), and then run a repair task.


          This file will work on 32 bit and 64 bit systems





          @echo ******************************RUNNING FORCE PATCH******************************
          @echo off
          IF Exist "%ProgramFiles(x86)%" (
            "%ProgramFiles(x86)%\LANDesk\LDClient\vulscan.exe"/Scan group=Your_Unique_ID /showui=true /RebootAction=never /AutoCloseTimeout=4
            "%ProgramFiles(x86)%\LANDesk\LDClient\vulscan.exe"/repair group=Your_Unique_ID /showui=true /RebootAction=never /AutoCloseTimeout=4

          ) ELSE (

            "%ProgramFiles%\LANDesk\LDClient\vulscan.exe"  /Scan group=Your_Unique_ID /showui=true /RebootAction=never /AutoCloseTimeout=4
            "%ProgramFiles%\LANDesk\LDClient\vulscan.exe" /repair group=Your_Unique_ID /showui=true /RebootAction=never /AutoCloseTimeout=4

          • 2. Re: Manual Patch Remediation
            mrspike SSMMVPGroup

            This also a great tool for your techs to use patch systems they touch, we maintain a Custom Group with all of our mandated patches in it.


            If  tech is working on a system and want to ensure they have all the required patches, they can just run this.