OS Patching with K1000
Hi Everyone,
So we are starting to use the K1000 to patch our servers. Initially we just want to apply critical OS patches.
My problem is that OS as a category is not granular enough and includes SQL, Exchange, Office, Sharepoint. (Found this out during our TEST environment patching)
So I have tried two ways to try to exclude those patches:
1. Smart label for those apps I want to exclude, then the last line, for patch label names not equal to BLOCKED.
2. Static label for those apps I want to exclude, then the same last line (in case of some weird smart label issue).
Then I load the Critical_OS_Servers patch label and search the the patches to find it does not exclude those. They still show in the list and I do not want to arbitrarily patch my live Exchange against our BES without some more planning.
Any tips to get this working properly? Thanks in advance.
EDIT: Thanks, I spoke to support and found simple labels are far better to narrow down what I want.
For those interested, we are trying to do security patches for OS.
Label is:
Publisher = Microsoft
Severity is Critical
Operating System is Win 2K8.R2
Name contains Windows Server
Doing one for each OS and applying to patch schedules as needed.
0 Comments
[ + ] Show comments
Answers (1)
Please log in to answer
Posted by:
h2opolo25
9 years ago
Besides trying to build a better patch label I don't think there's too much you can do. I manually update servers that are business critical (Exchange, SQL, RDS, etc...) and use KACE for the rest.
