|
|
Toll Free: (866) 407-5279 Direct: (651) 407-5279 |
|
|
|
Toll Free: (866) 407-5279 Direct: (651) 407-5279 |
|
UpdateEXPERT6.x uses a 2 phase method for patch deployment. In phase-1, the Master-Agent works with the target to get files transferred to it; in phase-2 the target is functioning autonomously from the Master Agent in that it performs the actual patch installation. Understanding this can be helpful for troubleshooting patch deployment issues.
Note: This description holds equally true for Agentless and Leaf-Agent targets, although Leaf-Agent targets with "disconnected" machine support (UpdateEXPERT 6.2) won't give you the "Machine is Down" message for Phase-1 patch deployment due to the target being down.
Leaf-Agents have specific advantages, see:
Patch deployment occurs when the user 1) selects patches, and 2) runs the "Install Wizard" to identify patch installation options. When finished with the Wizard, patches are 3) downloaded immediately into the download directory configured for the Master Agent, then 4) copied to the target machines along with a binary file containing patch installation instructions from the Install Wizard, and the St. Bernard Software patch installer service. Note that Leaf Agent targets already have the patch installer service installed locally. Pushing the installer service only happens for agentless (RPC) targets. Since the installer service knows the deployment schedule indicated by the user, it will either begin installing patches immediately (Phase 2), or will wait for the user defined date/time to occur. Exit status information for each patch is displayed in the deployment status window when you re-query machines to update the list of installed patches. You must re-query because that is how you execute the patch-detection logic that finds the newly-installed patches, or finds installation errors.
For Phase-1, you need enough free disk space on the target to copy all the patches over, the installer service, and the install wizard file. Remember, Service-Packs can get quite large, ie., 120+ Megabytes.
IMPORTANT: The challenge in Phase-1, for large networks and high machine counts, is getting patches copied to targets in a resonable amount of time. For all UpdateEXPERT administrators in a medium to large environment, there are things to know and strategies to employ to optimize your patch deployment.
Patch installation occurs either 1) immediately after phase 1 (patch deployment), or 2) when the installer service detects that the appropriate date/time has arrived. The installer service is persistent across reboots and shutdowns, meaning that it restarts automatically. If a user shuts the machine down, and boots it after the date/time specified for installation, the installer is smart enough to do the patch installation anyway, overcoming a deficiency in the standard Microsoft scheduling service used in UpdateEXPERT5.1.
The 2-phase approach works well in that once phase-1 is complete, target machines can be rebooted one or more times, or shutdown for an undetermined amount of time, and they will STILL get patched by the UpdateEXPERT installer service upon restart. As patches are applied, exit status information from each patch installed is passed back to the Master-Agent for use in the deployment status window. When all patches have been installed, the installer service removes itself from the target system.
For Phase-2, you need additional free disk space on the target to create the Microsoft patch "uninstallation folder" typically created by default, plus space for file extraction. System files are typically not released until a reboot is performed. As a result, hundreds of megabytes of free space can be consumed while the update is being applied.
Getting Recent/New Patches to be Listed
Patch Deployment Troubleshooting Messages
Patch Deployment Best Practices
Changing Patch Download Directory
Patch "Install Wizard" Options
