No. In this case the reboot actions are completely separate. The reboot from the delivery method would kick in at the conclussion of the task. Vulscan has reboot actions independent of the distribution method and therefore doesn't care what the delivery sustem is, once kicked off it has it's own tasks.
So if I want some patches to reboot a machine and others not to I'd have to tell the agent to never reboot then make seperate delivery method for rebooting and non-rebooting policies?
I would suggest a different method. You should use two different scan and repair settings. One for rebooting when needed and one that never reboots. When scheduling patches choose the reboot action you want according to the scan and repair settings.
Isn't the choice of scan and repair settings only an option when repairing as a scheduled task and not as a policy?
If I am wrong on this, how do you change the scan and repair settings for an existing policy?
1 of 1 people found this helpful
You cannot change the setting for an existing policy unless you go into the XML. It is usually easier to delete that task and create a new one.
I prefer to use Custom Groups. I place the patches I want deployed into a custom group, use scan and repair settings to target the group, and then use patch manager to schedule the scan and repair allowing you to choose your scan settings as well as policy/push.
Choose Security Scan
Choose your scan settings and delivery type
I use custom groups for all of my patching.
Since there is not place to change the scan and repair settings for a policy but there is for a scheduled task I figured they weren't getting used.
There needs to be an update to allow users to edit this rather than having to recreate the policy.
For the time being I'll recreate and hope that fixes the issue.