1 Reply Latest reply on Aug 11, 2016 11:05 AM by brett.chadwick

    Do not patch bulk actions



      One of application departments will not allow any patches to be deployed to their systems until the software vendor has approved the patches.  Usually, this creates about a one month delay in patching between the patch's release date and when it can be deployed to those servers.  The rest of our servers are patched weekly with all currently applicable patches.


      We use the "Do Not Patch" function to block unapproved patches to those systems until the approval comes through.  This works well, but managing the items that need to be added or removed from that status is a nightmare.  Unless I'm missing something, when we add patches to the Do Not Patch status, we have to select each patch individually and click the Do Not Patch button, and follow the wizard that shows up.  I don't see any way to add or remove more than one patch at a time to this status, as selecting more than one patch makes the button 'gray-out', as seen below:

      2016-05-19 10_18_23-HEAT® EMSS - Groups.png2016-05-19 10_18_37-HEAT® EMSS - Groups.png


      This takes a considerable amount of time having to do it one patch at a time, especially if a large number of patches are released.  Additionally, it takes even more time to remove the patches from the status, as the same process needs to be done when patches are approved and need to be deployed to the group. 


      Why doesn't this function the same way as other options, such as Update Cache or the Deploy button?  Neither of those require you to select one patch at a time and the Do Not Patch function shouldn't either.


      If anyone knows any other way around this, please let me know.  Thanks!

        • 1. Re: Do not patch bulk actions
          brett.chadwick Apprentice

          Another approach to this that we envisioned customers using would be the disable patch function.

          The disable patch function can be used for multiple selections and allows you to simply select a reason like "Not Approved" as the reason.

          The great thing about using disable this allows you to filter to that content specifically and add or remove content in mass from that status in the interface.


          Screen Shot 2016-08-11 at 9.57.18 AM.png


          In addition to this you can select multiple patches once disabled and re-enable providing a reason such as "Approved".


          To take this process a little further my suggestion would be to leverage our custom patch lists.


          Create a patch list for example, "Patch Tuesday - August 9th"


          • Add all the patches you wish into this custom patch list.
          • Disable all the patches on the custom patch list with the reason "Not Approved"
          • When you receive approval from everyone you can apply that set of patches by enabling and deploying the patch list to help keep track of those pieces of content.