4 Replies Latest reply on Jul 25, 2017 12:00 PM by jkhill

    automating rollout projects

    jkhill Specialist

      Is there a way to use MBSDK or some other automation platform to add vulnerabilities to a patch rollout project in LDMS 2016.3?  I'm not seeing anything in the MBSDK but wasn't sure if there were other options.


      I'm working on an internal website for our security office to identify which patches need to be deployed and would like the patches to be automatically added to the appropriate rollout project once they hit Submit.



        • 1. Re: automating rollout projects
          wcoffey SupportEmployee

          There's currently no MBSDK web methods to automate the inclusion of a definition to a Rollout Project. You can, however, add new definitions to a specific project through our Definition filter properties. This is contained under Patch and Compliance | Download Updates | Definition Download Settings.

          • 2. Re: automating rollout projects
            jkhill Specialist

            I'm familiar with that feature (and use it) but it's indiscriminate - it applies to every incoming definition that meets whatever criteria you've defined.  We apply different criticalities for each vulnerability for different scopes - for example, an IE definition might be Critical for desktops but Low for servers because everyone knows not to touch IE on a server. 


            The website I wrote gives my security office the ability to rate each definition for each of five scopes.  For now we rely on database calls to add tags to the definitions and have a manual step for the helpdesk staff to periodically search for tags and move the relevant items onto a patch rollout project.

            • 3. Re: automating rollout projects
              wcoffey SupportEmployee

              The functionality you are using regarding the database calls exist in our LPM product, which is a much more dynamic and robust tool but unfortunately does link to Rollout Projects. I understand your use case and find it to be valid. Improvements to Rollout Projects are in order but the MBSDK options are not on the road map. I would like for you to submit an enhancement request (https://community.ivanti.com/community/enhancementrequests) and follow-up with me in this discussion thread so a larger conversation can be had for possible implementation.

              • 4. Re: automating rollout projects
                jkhill Specialist

                Thanks for the reply.  Here's the idea:

                MBSDK / API add patches to rollout project


                (I also added it to the PAC aha portal)