Jump to content
Michael Diaz

Patching Schedules

Recommended Posts

Hey All,

We have this customer that have a very complicated patching schedule. Can you tell me if this is possible with Automate? Can you suggest other workaround for this?

We are thinking to have a script that will turn off patching for the machine and another script to turn on patching.

 

Thank you!

Share this post


Link to post
Share on other sites

You could call the "Disable Automated Patch Install - Check on Agent*" and the "Disable Automated Patch Install - UnCheck on Agent*"  as a 'switch' for off/on for that particular system but we would need more detail as to what a 'complicated patching schedule' is for any real advice. 

Share this post


Link to post
Share on other sites

@tvarvais thanks for the reply, i'm supposed to include this in my original post. Here is what they want.

 

“Do not deploy patches at the following times:

                First 3 business days of the month

                Last 2 business days of the month

                Fridays or weekends

                The day before a holiday or on a holiday”

Share this post


Link to post
Share on other sites

Wow, sounds like a headache! :)  That limits you to a rolling 2nd or 3rd week of the month but with MS normal release schedule on the 2nd Tuesday....well I guess just shoot for the third Wednesday for pilot and Thursday for prod of the month.  That will give you 8-9 days post release on most patches with only the occasional holiday to contend with.

 

- fyi - we do not let customers dictate the schedule.  We write it in the contract for a specific day each week marked as "Maintenance" and do not allow changes to that.

Edited by tvarvais
additional info

Share this post


Link to post
Share on other sites

Why not just disable patching? You could just manually run a script on they whole client once a month on a pre arranged day and have the script launch patching. Ok you are adding a manual process here but given the preciseness of the days they do not want to patch it may be easier.

Alternately just set them to patch and not reboot. Occasionally it causes problems but if you make sure everything gets rebooted regularly it should be just transparent that they have patched..... apart from the win10 feature updates.

Share this post


Link to post
Share on other sites

That sounds like a terrible situation. Others may have a better idea, but here's how I would handle it (I'll attach screenshots below):


Patch Manager:
Follow the screenshot, but here's why I selected what I did. Script runs in the early morning, so I unchecked Monday because that's Sunday night and still the weekend, however I kept Friday checked because that's Thursday night, which is still during the week. I went ahead and unchecked the First and Last week to make certain that the first and last few days of the month are left alone.
The most important piece is the script before patching. It's going to check if it's a holiday (based on the dates you give it) and then make sure you check to cancel the patch job if the script fails because it's going to intentionally fail if it's a holiday.

image.png.67add20d3d4b8cd625e493d6a9d44492.png

Holiday Script:
Set an alert or create an auto generated ticket at the beginning (or really end) of each year and make sure that you've got the dates right. You can also add or remove holidays, just make sure you're setting the holiday based on the date format Month/Day/Year (don't add zeros to single digits in the date). Script will fail if it's a holiday which will cancel the patch job for that night.
image.thumb.png.30e7fdf3befe9459c707e86dc77f266d.png

 

Script XML for uploading to your server (You can find it under Scripts > Dev Scripts):
Holiday Check.xml

Adjust accordingly and feel free to hit me up in Slack if you have any questions. Good luck and happy patching!

  • Thanks 2

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...