6 Replies Latest reply on Mar 27, 2017 3:49 AM by sthon

    Is there a way to manually trigger the OS-Patch scan from a client?

    sthon Apprentice


      A lot of my Windows (7 and 10) clients have the problem, that they do not accurately and in a timely manner their missing patches to the LANrev server. At the moment I perform the following tasks on the server to the clients to remedy the situation, which helps a little:

      • Gather Installed Software - Scan for missing operating system patches
      • Gather inventory
      • Run software distribution check

      Now I had the idea to create and deploy a windows planned task to do this action on the client itself on a regular interval.

      I do not wish to use the server to schedule these events as the command queue would fill up and the clients do not always have a solid connection to the server (firewall, etc). Actions started on the client side seem generally to run better.

       

      I know there are command-line options for the LANrev client to send inventory and run a software distribution check. Is there a similar command for the os patch check?

       

      For reference, these are the command line options I know about, feel free to add your own:

      • --SDCheck
      • --SendHeartbeat
      • --SendInventory
      • --ShowOnDemandPackages
        • 1. Re: Is there a way to manually trigger the OS-Patch scan from a client?
          brett.chadwick Apprentice

          Here is a complete list of the supported commands including commands that allow you to pull patch lists and update missing patch lists.

           

          Agent commandline options

          --SDCheck
          => Perform a software distribution check

          --SendHeartbeat
          => Send a heartbeat

          --SendInventory
          => Send Inventory

          --GetSDPackageList <output_file_path>
          => Writes package list to <output_file_path>

          --GetSDPatchPackageList <output_file_path>
          => Writes patch package list to <output_file_path>

          --GetMissingPatchList <output_file_path>
          => Writes missing patches list to <output_file_path>

          --DumpInventoryData <output_file_path>
          => Output agent inventory data to <output_file_path>

          --UpdatePowerOnStats
          => Send power on stats to server

          --RemoveAllWakeupSchedules
          => Remove all wake up schedules from Mac PRAM

          --GetSDState
          => Returns current state of SD Task as a code

          --GetSDStateString
          => Returns current state of SD Task as a string

          1 of 1 people found this helpful
          • 2. Re: Is there a way to manually trigger the OS-Patch scan from a client?
            sthon Apprentice

            Thank you! This will help me a great deal!

            • 3. Re: Is there a way to manually trigger the OS-Patch scan from a client?
              seanholdenx Rookie

              A Software Distribution Check triggers an OS Patch check

              • 4. Re: Is there a way to manually trigger the OS-Patch scan from a client?
                sthon Apprentice

                I ran into a small problem with this.

                 

                The Commands work, I can see it in the locks. But my main problem still persists.

                 

                I can run the GetMissingPatchList and output a List of missing patches on the client into an XML file. But the missing patches List on the server stays empty, as well as the field "Missing Patches Info Update" does not update.

                 

                I I trigger a "Gather Installed Software" combined wit "Scan for missing operating system patches" from the Admin Client it actually returns the patches and updates the date.

                 

                This is something the clients are supposed to do on their own, at least they are configured that way. But as it doesn't work, I am trying to implement a solution that will force the clients to check and report.

                • 5. Re: Is there a way to manually trigger the OS-Patch scan from a client?
                  sthon Apprentice

                  It seems the Tray App does exactly what I want when I choose "Check for assigned Software"...

                   

                  Well, at least it did it one time, now it doesn't any more.

                  • 6. Re: Is there a way to manually trigger the OS-Patch scan from a client?
                    sthon Apprentice

                    For reference/users looking for the same thing:

                    I did not manage to get the desired results by initiating the scans from the client side. Despite manually triggering the appropriate commands, the information doesn't get updated properly on the server-side of things.

                     

                    I ended up setting up a smart group in the server center enforcing the patch scans which should run automatically.

                    • Missing Patches Info Updated is not in the last 1 days
                    • Lasst Heartbeat is in the last 60 Minutes
                    • Scan for Missing OS Patches Yes

                    Two actions have been assigned to this smart-group:

                    • Gather installed Software - Scan for missing operating system patches
                    • Run Software Distribution check

                     

                    With this, all clients seem to report their missing patches in an accurate and timely manner.