10 Replies Latest reply on Apr 20, 2009 2:30 AM by homermg

    Patches

    Apprentice

      Hi all,

       

      do the LDMS have any possibilities to update the mac's install patches and so on?

      In dont find lots about it in the manuel. This part is not really helpful in the manuel.

       

      thnaks in advance

        • 1. Re: Patches
          Employee

          Security & Patch Manager > Download Updates > Apple Updates checkbox.

           

          If you don't have Patch or Security, you'll have to define your own definitions using the .dmg files from Apple.

          • 2. Re: Patches
            Apprentice

            Hi Jack,

             

            thanks for your tip,

             

            now i downloaded the patches.

             

            What is the workaround for this part of LDMS. I think i have to scan the mac's and see whitch patches are installed and which are not.

            But if start the Security- and Compliance Scan by clicking on devicename i recive the massage "run, no status is available"

             

            Cano somebody help me please?

            • 3. Re: Patches
              Apprentice

              You may need to adjust your Mac agent configurations so they do a security scan when you want them to. And make sure any Mac patches you want to scan for are in the Scan folder in Security & Patch manager.You should also read over http://community.landesk.com/support/docs/DOC-1164. It's not Mac specific, but close enough.

               

              Picture 2.png

              • 4. Re: Patches
                Employee

                it should be running, even though it's not reporting status. To find out what it's doing in real time, look at /Library/Application\ Support/LANDesk/LANDesk.log on the mac.

                • 5. Re: Patches
                  Apprentice

                  Hi all,

                   

                  im trying to install scan a os s 10.5 for a new keynot patch the log on the mac says to me "no detected patches are available to repair".

                   

                  I think i make a mistake but i down really know where can somebody help me to solve my issue?

                   

                  I did follow steps:

                   

                  1. download a Keynote_404.dmg file and paste it in to the \\server\LDLogon\patch

                  2. opened "Security and Patch Manger" and run (create custom definitions)

                  3. On the first tab i added a new rule

                  4. In the properties of the rule under affected product i added the patch which i create i this menue.

                   

                  I think that isn't i right way.

                   

                  As i understood in the best know methods:

                  The first step is to create a patch difnation, then scan with the help of this patch the computer and finally repair them with tis patch is it right?

                  Can somebody help me to create this patch correct?

                   

                   

                  thanks in advacne

                  • 6. Re: Patches
                    Apprentice

                    You missed a step 5. Adding "affected products" and/or "affected platforms" means it will only consider those for scanning for that patch, but you still need to tell it how to determine if Keynote needs to be updated. It doesn't use the existing inventory data.

                     

                    Under "affected products", select "Files" and use settings similar to the one shown below.

                     

                    Picture 3.png

                    This is a screen shot of the detection for Firefox, which is a definition included with S&P manager. You might have to include more than 1 "Files" rule so your 4.0.4 updater isn't trying to patch a version 1, 2 or 3 install. You will also need to double check Apple's requirements for that patch and make sure it doesn't require a dependant patch (such as 4.0.2 or something like that). Once you have it setup, go to a machine you know should be vulnerable and start a patch scan from the LANDesk Agent.app in /Applications/Utilities and see if that machine shows up as vulnerable in the console (don't forget to refresh).

                    • 7. Re: Patches
                      Apprentice

                      Hi Patrick,

                       

                      it seems to be very complex.

                       

                      So i think try at first with the patche that are allready in the ldsm.

                       

                      I would like to scan for example one mac to check witch patches are not installed and install them with ldms.

                      Can you give me a workaround or go with me trough the steps to do this?

                       

                      thank you very much

                      • 8. Re: Patches
                        Apprentice

                        Assuming your machines are already scanning for patches (this is configured in the agent settings), you should be able to right click on a machine in the console and select "security and patch information". This will show any patches that are not installed, as well as what IS installed (this can include patches not installed by landesk). From here, you can right click a patch, or multiple patches and repair.

                         

                        Another way for you to apply a patch for something like Keynote is to just setup your patch as a distribution package and build a query that is something like:

                        Software>Applicaitons Suites>Name is < than Keynote 4.0.4

                        AND Software>Applicaitons Suites>Name is > Keynote 4.0

                         

                        And install your package on that query.

                        • 9. Re: Patches
                          Apprentice

                          Hi Patrick,

                           

                          now im treid your first advice but i recieve an error in the Tasks.

                          The task is in the folder seccuefull but the status is : uknown statuscode(0x19C,0:412)

                          I think it is the wrong languag pack. Because i the security and patch information some Office updates but only in english and my office is in german.

                           

                          So i tried to install the patch now manually i went to security and patch managment - all products - selected the Office-2008-1210 (Ger) and said repair.

                          start the taskt and reciever same error.

                           

                          I despair of this part of ldms :-( other parts of ldms i have understood quickly and im working allready with other parts only security dont want to run :-)

                          • 10. Re: Patches
                            Apprentice

                            Hey Guys,

                             

                            no idea why it dont want to run?