Another Deployment is in Progress...
A suggestion to clarify message in REMARKS filed under configuration.. I'll like to know which deployment cause this configuration to pause instead waiting or looking into multiple deployment policy to spot conflict.. Since DC know already that something
Surface firmware updates
I just wanted to put in a formal request for support of updating Surface Pro 1, 2, 3, and 4 firmware through the Desktop Central patch module. We have many many Surface devices and we have no way to upgrade the firmware on them. This is causing support issues since these updates are so critical. Do you have an update on when this feature will be added? Please contact me if I can be a beta-tester for it. Thank you.
Endpoint Central Support for Windows Store App Patching and .APPXBUNDLE Deployment
As applications from the Microsoft Store become increasingly critical for business operations and security, it is essential to ensure they are regularly updated to address potential vulnerabilities and compliance requirements. This is particularly pertinent
Is Windows 10 smooth to use?
Xin chào
Extend function of Test and Approve
There is a 1-to-1 mapping between the Test and Approve item, and a custom group. Cannot select a dynamic group. Can I please have Ability to select a custom dynamic group for testing Ability to use the same group for several test policies. Eg test critical
Product Suggestion for Updates self service portal
Hello! I would like to give some feedback on the new Self Service portal for self managed updates: 1. It would be nice if there was a way to default the self service portal to the updates tab instead of the Apps tab. 2. Like other patch management configurations,
Dell Bios Switches Prompt for Bios password or silent switches passthrough
Desktopcentral allows you patch bios's for dell machines, however, if your machine is setup with a Admin/Setup Password that locks down bios settings the computer will not update because it wants a the correct bios password. Currently, you would have
Mac Patch/Update information to be included in the Latest security feed on the Patch management page
Hello, It would be great to include MacOS Security update information into the 'Latest Security News' feed on the Patch Management page. Thanks
I wish the System Health Policy included time settings
I wish the 'System Health Policy' included time settings. If we have a phased in test patch deployment, where we deploy to group1 - week 1, group2 - week 2, group 3 - week 3, group 4 - week 4 our Health Policy should match. In essence don't consider
1st aid solution for client Patch scan problem with driver is active in Patch Database Settings
Hello Today I noticed on two DC installations, that the clients could not successfully run a patch scan or could not deliver it to DC server. In DC, there was no error message that the patch scan has a problem. Only the last date showed me that there
feature of WSUS that can help DC
Hi wsus have two features that can help bandwidth optimization for MS patches: 1-Branchcache 2-Express updates if DC has same feature or works with WSUS it's very good for branches
Provide the ability to remove superseded patches from DC and the database
When a patch is superseded, it grays out and you cannot do anything with it. Even if one machine states it needs it, it remains on the missing patches list. We need to the ability to remove these patches from all instances of desktop central since they cannot be pushed. Without this ability, reporting numbers are off and extra work needs to be done to accurately reflect proper patching reports. Even if they're not physically removed from the server, we need a way to hide/remove them from all page
Pre- and Post-Job Scripts for "Automate Patch Deployment"
We use Desktop Central to automatically patch one of our systems, which has been working great for the past year or so. However I now want to automatically patch some servers, which require services to be shutdown before and started again after the installation (after reboot). My suggestion is to add the capability to run pre- and post-job scripts for Patch Deployment, similar to what can be done for SW packages.
Desktop Central - Better Patch Management Information / Flow
Some things that I believe would help improve the Patch Management flow in Desktop Central, currently it's a bit cumbersome and hard to track down what exactly is in which patching group / deployment policy. Separate Configuration Deployment Policies
Add agent indicator/dropdown to system summary view (patch)
(ver 10.0.656) Threats & Patches > Systems > By patches > select any system For the various views for a system under patch management (Summary / Installed Software / Vulnerabilties/ Patches / Security config / port audit) please please add the agent status
Reboot before patch deployment
Some patches and updates install more reliably and with less issues (like Java JRE) if they are deployed at system start-up. Does anyone how how we can easily reboot computers prior to a patch deployment? The key word is easily since the only way I've found that this can be done is by first creating a list of all computers that need a Java patch/update, adding those to the Reboot list in Tools, scheduling a reboot, and having the patch deployment for Java set to "During start-up". That's a lot
Enhance availability of the Patch Management Download Manager...
Posting this here to see if the community think it's a good idea. This is currently only invoked by DC during certain patch download operations. It would be significantly more useful if we were able to invoke it, on demand, regardless of what we or DC are doing. I have also posted this as a "feature request" in your appropriate feedback/ideas form.
Reboot Policy / Functionality
Hello, I would like to see a feature added that would allow us to configure a reboot policy under the following conditions: If the machine hasn't been rebooted since X amount of time has elapsed, then force a reboot during the next defined maintenance window. This functionality also requires the ability to define this maintenance window. and/or If the machine has been sitting in a 'waiting for reboot' state for X amount of time, then force a reboot during the next defined maintenance window.
HP BIOS Updates
It would be good if HP BIOS updates could be pushed out, similar to how the DELL solution that is already implemented
Suggestion: option for "apply configuration" alongside "install patch"
At the moment, if I look at the 'missing patches' view for a particular patch (e.g. Google Chrome) I can see a list of hosts that still require this patch. I can select hosts with a checkbox and then press the 'install patch' button at the top if I want an immediate deployment. For me, many of the patches are showing with a status of "Patch update is delayed since application in use" -- this is expected as we do not force daily reboots of our computers. What I would find *incredibly* useful is if
Add the ability to make changes to Test Groups instead of having to delete and remake the group
As the title says, I'd like the ability to make changes to a test group for patches instead of remaking the group whenever we need to add/remove a PC.
Description of Windows 10 cumulative updates
Hi, I think it would be extremely useful if the description of Windows 10 cumulative updates could include the build number, e.g. currently a patch is called "2019-08 Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB4512495)" but in order to tell if this is a valid patch for a system, you need to check the build number online (https://support.microsoft.com/en-gb/help/4512495/windows-10-update-kb4512495) and then compare the build number listed there (OS Build 14393.3181) against
Option to auto-close apps that require update AND/OR notify users to save work then quit apps that require updates
I think this shouldn't be too hard to do. Better than seeing "Patch update delayed since application is used by another process" errors https://www.manageengine.com/products/desktop-central/patch-update-delayed-since-application-is-used-by-another-process.html?dci&did=45-1224-2016-05-11-20-21-27-2695 it should be alot like the "Notification Message before Reboot*" but instead "Notification Message before closing vulnerable applications* This would apply for apps such as office 365. which require
Add build numbers to patch description for Windows 10 cumulative updates
Hi, As far as I can tell, every Windows 10 cumulative update raises the OS build number, e.g. KB4499177 [1] will take the OS to build 14393.2999 (with the .2999 being the build number updated by the patch). As the release of a cumulative update invalidates all the previous cumulative updates, I would find it extremely useful if the patch description for the updates contained the build number (.2999) - so that I could tell at a glance if the patch being listed was a genuine update, or an erroneous
Installing missing patches during deployment.
Hi Although applications can be installed automatically after an OS deployment, it should also be possible to automatically apply approved patches. At present the deployment process is slow and/or disjointed. Following OS deployment and automatic install of the DC Agent, a PC is still not listed under 'Managed System' in patch management until a patch scan has been completed. We therefore have to go to Inventory->Computers, find the new PCs to initiate a patch scan, waiting for it to complete, then
Positioning client pop-up window
When patch deployment is initiated, there is a pop-up window displayed on client machine (in right bottom corner). Is there a way to change position of this window (e.g. to upper right corner)?
AntiVirus Definitions
Can desktop central report of the AntiVirus definitions of Windows Defender?
Mac OS patch (601384) gets the machine rebooted without notification
The patch crawler team has found that upon patching Mac sierra machines, it is getting rebooted arbitrarily even when "No Reboot" deployment policy is selected. From analyze, the team has confirmed patch 601384 naturally invokes the reboot action without notifying the customer. It seems it is the behavior of this update upon reading various 3rd party forums. A message has been added in the product UI to convey the Mac Sierra reboot message so that customers can get benefited and plan their patching
Automatic deployment as new configurations for better overview
Hi It would be very helpful if ME DC would create new configurations for automatic deployment schedules where patches will be installed. This gives us an overview on the status of those installations, because currently it happens in the background and it's not clear (unless there's an easy way to get the status of those installations already).
*WARNING* for admins using Automatic Patch Deployment
We just had a mini-crisis with desktop central patch deployment the other day as we had a mess of unapproved updates deploy through our automatic patch deployment policy. After sending our logs to support and long remote assistance session we learned exactly what caused us such a panic. I am sharing with the community to hopefully to spare anyone from a similar scenario. We got lucky in the end, the patches did not negatively affect our PCs. We will not make the same mistake twice. Chat transcript:
Preview of Quality Rollup
Can we have an option to automatically decline 'Preview of Quality Rollup' packages. Stephen Fowles 3rd Line Support Technician North West Ambulance Service - NHS Trust
Scheduled Off the network updates
I think this has been discussed here before but if not I wanted to suggest it. So Desktop Central (henceforth referred to as DTC) has the ability to schedule updates. What I'd like to see is the following: During the week I schedule windows updates for all my machines to take place on the weekend/specific date/time. DTC prestages all the updates to the machine at some point before the weekend/specific date/time The local agent retains the knowledge of the date and time for the scheduled update. Regardless
Update custom software
I know Desktop Central has the ability to push MSI installs to clients, but we were wondering if it is possible to add custom software to the list of software that gets automatic updates? The end goal is to come up with a way to push MSIs automatically without intervention. If the only way to push software is to manually run configurations by uploading the new MSI then we probably move onto another solution. I just wanted to make sure I wasn’t missing any functionally that Desktop Central offered.
Suggestion for Feature - Ability for Offline Patch Deployments with Notification and User options.
I'm proposing to have locally cached deployment option. We have users that take their laptops home every day and even for weekend. Having ability to cache patches for installation on their machine while they are not building and give them option to when to apply them. Here is a quick scenario how that would work. User is scheduled to get patches on Monday Morning between 12am a - 10am. They take laptop home on friday and don't come back into office until 9am which only leaves 1 hour of deployment
Is it possible to allow users to have some control of patch/software deployment downloading?
We have multiple users who are requesting for a level of control for when they download patches/software. There are two main factors for this request: 1. Extremely low bandwidth situations - where people are using dial up, etc, the patch/software download saturates the connection 2. Metered data transfer - where we have to pay per MB of data used (in an airplane, for example) 3. Scheduled connections - some of our connections cost more to use during the day. Is there some way to
Postpone reboot...
Is it possible to increase the time to postpone a reboot up to 8hrs. Right now users get the option to postpone for min 15 min - max 4hrs. We would like to give the option to postpone for up to 8hrs. Reason being, developers certain users are very sensitive, if they are interrupted or "constantly" prompted every 4hrs to reboot if effects their productivity. This way they can postpone for their 8hr workday and reboot in the evening. Thanks.
Set a duration for Automated Patch Deployment
I would like the ability to set an duration for the Automated Patch Deployment tasks. Many of our computers are laptops and customers will be gone off our network for 3 or 4 days before returning. I would like to be able to set a time limit on the length of time that a task waits to run. For example, allow the patches to retry for up to 24 hours after it begins in 1 hour increments. Currently when the people are coming back many days after a patch deployment they will get patches and reboot. If we
Create New Custom Group
Hi It would be nice to have a Dymanic Group based on reboot required, if you patch with out reboot, its possible to restart all thats need a restart at a given time by such a group, So i hope this will come in a later version. Regards
Desired - Patch Approval Status "By Application"
Currently we have configured all updates as "approved", and only today I have added my first "declined" patches, for the Application "SharePoint". This seemed to be the only option available, whereas what I would like to do, is automatically approve all Microsoft application, "Except" SharePoint, leaving those as "manually approve" only. I don't want to have to manually approve every patch, for every application. Can you improve the approval status configuration, to allow users to choose the approval
Desktop Central Linux Agent Available Patches
Hi, It would be great if in Desktop Central could show the available patches of a Linux Server as another tab when viewing the computers details. Such as what is returned SUSE when you run zypper lu Thanks Phil
Next Page