6 Replies Latest reply on Mar 12, 2013 8:31 AM by kennedy.603

    Reboot Question

    Rookie

      I have an agent with scan and repair settings set to reboot only if needed.

      I schedule a policy for a couple of patches and use a delivery method set to never reboot.

       

      When the agent detects the policy it installs the patches then prompts the user to reboot.

      Shouldn't the delivery method settings stop the agent from attempting to reboot?

        • 1. Re: Reboot Question
          bnelson Employee

          No. In this case the reboot actions are completely separate. The reboot from the delivery method would kick in at the conclussion of the task. Vulscan has reboot actions independent of the distribution method and therefore doesn't care what the delivery sustem is, once kicked off it has it's own tasks.

          • 2. Re: Reboot Question
            Rookie

            So if I want some patches to reboot a machine and others not to I'd have to tell the agent to never reboot then make seperate delivery method for rebooting and non-rebooting policies?

            • 3. Re: Reboot Question
              bnelson Employee

              I would suggest a different method. You should use two different scan and repair settings. One for rebooting when needed and one that never reboots. When scheduling patches choose the reboot action you want according to the scan and repair settings.

              • 4. Re: Reboot Question
                Rookie

                Isn't the choice of scan and repair settings only an option when repairing as a scheduled task and not as a policy?

                If I am wrong on this, how do you change the scan and repair settings for an existing policy?

                • 5. Re: Reboot Question
                  bnelson Employee

                  You cannot change the setting for an existing policy unless you go into the XML. It is usually easier to delete that task and create a new one.

                   

                  I prefer to use Custom Groups. I place the patches I want deployed into a custom group, use scan and repair settings to target the group, and then use patch manager to schedule the scan and repair allowing you to choose your scan settings as well as policy/push.

                   

                  Choose Security Scan

                  scan1.JPG

                   

                  Choose your scan settings and delivery type

                  scan2.JPG

                  1 of 1 people found this helpful
                  • 6. Re: Reboot Question
                    Rookie

                    I use custom groups for all of my patching.

                    Since there is not place to change the scan and repair settings for a policy but there is for a scheduled task I figured they weren't getting used.

                    There needs to be an update to allow users to edit this rather than having to recreate the policy.

                     

                    For the time being I'll recreate and hope that fixes the issue.