Timing of deployment?
with the refresh rate at 90 minutes, some servers do not begin their deployments until well after the deployment window starts. Does anyone have any ideas on how to get the endpoints to start their deployments as close to the beginning of the deployment window as possible, other than scheduling reboots of the end points which forces them to check in?
Win10 1909 via Enablement Package
Hi, Microsoft's way of upgrading from Win10 1903 to 1909 is via an enablement package KB4517245 which toggles on features already installed in the October cumulative update - see https://support.microsoft.com/en-gb/help/4517245/feature-update-via-windows-10-version-1909-enablement-package However I don't see KB4517245 in PMP. PMP's method of updating seems to require a 1909 ISO and be a full blown heavyweight re-imaging of the OS. I'd prefer to use the enablement package option as it should be quicker,
Agent on Citrix VDI
Hi. We are trying to use the UEMS agent on our gold VDI images. However, we do not want the non-persistent systems available to our users to report to our Patch Manager Plus. I tried disabling the UEMS service on the gold image before deployment, however
CentOS Stream
Hi, I would like to know if there will be support for Centos Stream.
Regards.
Windows Server 2016 patching.
Folks - in our patching process, we approve the patches 30 days after they have been deployed to the test groups. Since the Windows 2016 patches get superseded every month, our Windows 2016 production servers are never getting patched, because the superseded updates are automatically disabled and cannot be used in the APD tasks. Does anyone have any work-arounds for this, other than getting those 2016 servers patched before the updates become superseded, which would require us to change our process
Drivers Updates
Hi Team, As per the below link it is mentioned that Drivers Updates are supported for Hardware devices. Can you please specify for which manufacturing devices does it supports? e.g.: Dell, HP, Lenovo etc. Also, for BIOS it is mentioned as only supported
How to configure automated scan-only job
This article says that patch scan occurs immediately following an update to the patch database. We use a manual process for updating the Patch Manager Plus Server's security database. I'd like to have an automated method for scanning systems apart from the update from the Patch Repository. The APD processes require that at least one patch is selected. I don't want to install patches, I just want an automated process that scans the designated systems to determine their patch level. Is a scan-only
Google Chrome
What is with Google Chrome now being a Manual Upload?
External addresses to whitelist?
What are the external addresses needed for this product to function? I have this on an air-gapped system. Thanks!
'Systems Requiring Reboot' does not show any Linux machine
Hello, I am evaluating the PMP for CentOS and Ubuntu. I noticed that the 'Systems Requiring Reboot' has never shown any Linux machines even reboots are required for those machines. Any help is appreciated. Ryan
Server.xml changes are lost on restart
Hello, I'm trying to make changes to "C:\Program Files\UEMS_CentralServer\conf\server.xml" file. I want to exclude TLS1.0 and TLS1.1, and also change the available ciphers. I save the changes, restart the service, and changes are lost.
Roadmap for supporting CentOS 8 and RHEL 8
Hello, May I know if there's any roadmap for supporting patch management on CentOS 8 and RHEL 8? Regards, Ryan
Applicable patches for CentOS did not include some important updates
Hi all, I am now evaluating Patch Manager Plus for applying patches to CentOS and Ubuntu. I noticed that the recent sudo related patches for CentOS (i.e. CESA-2019:3197) were shown at the 'Latest patches' page. However, they are not shown at the 'Applicable patches' and all my CentOS machines did not get the patches. However, when I use 'yum update' inside those machines, the 'sudo' entry did show up Furthermore, I have tried to use the 'Manual deployment' to install those patches to CentOS.
Auto Approve Clients from Patch Manager
Hi team , Is there a way to Automatically approve the devices on the the Patch manager for Desktops and Laptops .
Is KB4503548 (.NET 4.8 for Windows 7 x64) supported? -- I can't find it
-- Is KB4503548 a supported patch? My Windows 7 workstations have this as an available important update shown in Windows Update tool in Control Panel but Patch Manager Plus is not listing it as an update for these computers I even did a search for it in "Supported Patches" but it doesn't show up when I enter the KB number in "patch description" box. Also do you have a resource available to search Microsoft's KB ID's to get Patch ID or Bulletin ID? Thanks, Ben
'Systems Requiring Reboot' not showing any Linux machines.
Hello, I am evaluating PMP for deploying patches to Linux machines. I noticed that none of my Ubuntu and CentOS got shown up at the 'Systems Requiring Reboot' page even though they should be rebooted (i.e. using command needs-restarting -r for CENTOS
Query for Custom Groups
Hi all, Hoping someone can point me in the right direction. Database is postgresql. I am trying to list all managed computers under a dynamic custom group. Select * from resource - will return the resourceID, name, domain_netbios_name etc I see my custom groups have a resourceID assigned and all groups returned are resource_type 101 Select * from CustomGroupMemberRel returns back member_resource_id and group_resource_id, but neither of those fields contain the dynamic group ID's. My APD tasks have
Patch Management - Disable Automatic Updates - Office 365
I'm looking to deploy the "Disable Office 365 Updates" and the changes are made to the registry of the target PC's. If the PC is removed from the grouping and I want the Office 365 updates to begin automatically applying directly from Microsoft, what is the process to make this happen. Thank you.
Vulnerability manager Plus (Patch Management) - Disable Automatic Updates
I'm looking to push the "Disable Office 365 Automatic updates" to a group of PC's as several 3rd party applications the PC's run are sometimes broken by the application of the monthly updates provided by Microsoft. If the end user (and the PC) transitions to a different department/responsibility, how is it possible to restore the automatic monthly patching of MS Office since the registry has been "tattoo'ed" with specific entries? Thank you.
Can someone explain the correct usage of the 'Test and Approve' feature + test groups?
The documentation for 'Test and Approve' is not very clear on the specific implementation of the feature: https://www.manageengine.com/patch-management/help/test-approve-patches.html#test Consider this: - An automated deployment called 'Workstation Patches' that applies patches to all (100) Windows 7 workstations - A group called 'Windows 7 Test Group' that contains (5) Windows workstations targeted by the 'Workstation Patches' deployment - Approval type set to "Test and Approve' I want unapproved
Trouble deploying KB4056894 - March Update
I am attempting to deploy March patches with PatchManager Plus and for some reason all of the Windows 7 computers that I am attempting to deploy KB4056894 to are failing. The Remarks are “Unknown Error. Code : -2145124329”. The help indicates that is a corrept file system but I find it hard to believe that all my Windows 7 computers suddenly have a corrupt file system. Is anyone else experiencing this?
KB4480960 and KB4480970 causing issues with network shares
Security updates KB4480960 and KB4480970 for Windows 7 SP1 and Windows Server 2008 R2 SP1 released on January 8, 2019 (January's Patch Tuesday) cause network shares to be inaccessible under certain circumstances: The issue is triggered only if the user attempting to make the connection is an administrator on the machine that hosts the Share. If the user is a non-administrative user on the device that hosts the share, the connection works fine. Workaround: If you are facing this issue, follow the
detailed workflow?
i have reviewed the online documents regarding the workflow: https://www.manageengine.com/patch-management/help/patch-management-workflow.html but i am looking for something more detailed. are there other documents that contain more detailed information regarding the entire workflow of the product, including the patch syncing up process from Microsoft to manage engine, then the DB syncs to the on-premises Patch Manager Server to the deployment to the test groups, syncing up with the distribution
Join us for our complimentary US Endpoint Security seminars this March.
With a total of 159,700 cyberattacks, 2017 was a big year in cybersecurity – and 2018 is slated to be even bigger. But, is your enterprise ready? We're going city-to-city to bring you sessions on endpoint management, cyberattack prevention, patch management, asset management, enterprise mobility management, and OS deployment. Hurry up and register right now because we'd hate for you to miss out! Here are reasons why you must be there: Discover the top cybersecurity trends of 2018. Watch demos of
Desktop & Mobile Device Management Software - Manage 50 endpoints for Free!
Hi, ManageEngine's Patch Manager Plus allows you automate the complete patch management life cycle from detection to deployment of patches.Patch management is not the only task for system administrators, what would you do, if you have a need to deploy a software to one of the users? how would you troubleshoot a computer to fix WiFi related issues, or to configure MS Outlook?. Here is our simple solution. ManageEngine's Desktop Central is an integrated desktop and mobile device management software.
any way to update active directory using .Net?
Hello I wanted to know is there any way we can update active directory user details from sql server using vb.net or asp.net? If yes can i have some example links please Thanks I didn't find the right solution from the internet. References https://forums.asp.net/t/2099106.aspx?any+way+to+update+active+directory+using+Net+ 3D Product Marketing Video Examples
Customize Start-Up Page
Hi, is there a way to customize the start-page for patchmanager? I mean the page where you have to type in the login-credentials . Maybe just the company-logo or something like that. Thank you very much. Kind regards, Sören
In-depth training on "Securing your Endpoints using Desktop Central"
Greetings from ManageEngine. The wave of WannaCry ransomware attacks affected a million users in 150 countries, waking up the wider world to the dangers of ransomware. To help your organization prevent future threats, join us for an in-depth training on "Securing your Endpoints using Desktop Central" on May 25th scheduled at 11:30 EDT. Register using this link.
change patch store location
how do i point the patches to a new drive?
windows 10 creatore 1703
all of the users on my network are running windows 10 build 15 and 16 But i need to push build 1703 over the DC Please guide me how o do it ? Thank You and appropriate your prompt reply
Free webinar series: Securing your organization from cyber attacks
Join us for our free two-part webinar series to learn about the tools and techniques you need to secure your organization from cyber attacks. We'll be discussing the two-pronged approach - including both reactive and proactive measures - that'd help you secure your IT against the recently prevalent cyber threats. Register here: http://bit.ly/SecEntIT Part 1: Handling an attack | Thursday, July 20th, 2:30pm IST Part 2: Preventing attacks | Thursday, August 3rd, 2:30pm IST Click here for more details
Server execution failed
I have been trying to apply a number of critical patches to one of our servers but I get a 'Server Execution Failed' message on all of the patches. Is there something I could do to get around this problem?
Patch Manager Plus - empty computer view
Hi! I have a strange situation. Patch view shows 2 updates for 10 computers - computer view is empty. Scan all happened already - all scan was successful. How can I remove this wrong information? (shows updates for Windows 10 1703, while all the computer are on 1709 already.) Also on the tab it is visible 13 missing patches - and it lists only two. Do you know why and how can I get rid of this? All necessary info visible on the screenshots. Thank you!
Product Roadmap.
Is there documentation anywhere outlining what is coming up in the future releases and what the new features are and when they will be available?
February 2018 Patch Tuesday Updates from ManageEngine
Folks, Good Day. A quick update on the Microsoft's February 2018 Patch Tuesday. Microsoft has released a pretty typical lineup this month. All the Operating System updates, Internet Explorer, Flash for IE, Edge, Office and SharePoint are accounted for in February. New Security Bulletins : 2018-02 Security Update for Adobe Flash Player for Windows (KB4074595) 2018-02 Security Only Quality Update for Windows 7 and Windows Server 2008 R2 (KB4074587) 2018-02 Security Only Quality Update for Windows 8.1
PMP Installation
How do you change the installation directory? I get no option to change it to where I want it installed e.g. D:
KB4011730 breaks Word 2016!
Issue: After installing the March 13, 2018, update for Word 2016 (KB4011730), you may not be able to open or save Word documents. This issue occurs only for those who receive Office 2016 updates using Windows Installer technology (MSI). If you have a Click-to-Run edition of Office, such as Office 365 Personal, you won't encounter this issue. Workaround for this issue: Microsoft is aware of this issue and working on a fix. In the meantime, you may be able to workaround this issue by installing the March
July 2018 Security and Quality Rollup updates for .NET Framework
Hi, I have been asked to stop this rollup from being released, but I cannot find it in patch manager. Does this mean that you have already stopped it? https://support.microsoft.com/en-gb/help/4345913/access-denied-errors-after-installing-july-2018-security-rollup-update Thanks, Steve.
Fix for Patch Manager Plus server port in use issue
Hello everyone, Greetings from Endpoint management technical support team. A recently released windows patch has some issues which apparently shows ports as occupied when the application server releases its port for a restart. You'll find the known issue note on all the problematic updates as shown below. Known issues in this update Restarting the SQL Service may fail occasionally with the error, “Tcp port is already in use”. This issue is resolved in KB4345459. This has also affected the Desktop
Can't update TightVNC Viewer
Hi! I have problem with updating TightVNC Viewer X64 (2.8.11.0) . The error is: "This installation package could not be opened. Verify that the package exists and that you can access it, or contact the application vendor to verify that this is a valid Windows Installer package." In logs on client PC I see that PMP Agent is trying to install tightvnc-2.8.11-gpl-setup-64bit.msi package, but downloaded package in folder 'Patch' is 307588-tightvnc-2.8.11-gpl-setup-viewer-64bit.msi Could you help with
Next Page