We deploy the Secunia patches as part of our OSD process and our monthly workstation patching cycle. I'll be honest I haven't run into a instance where I needed to close an app before I installed a patch.
Thanks, Mike From: [email protected] [mailto:[email protected]] On Behalf Of Kevin Johnston Sent: Thursday, June 26, 2014 7:31 AM To: '[email protected]' Subject: [mssms] RE: SUG deployed during OSD I will give that a read. We bought it in January, and I have just started to actually use it (has not been a priority to learn it and make it part of our environment) Do you both deploy the Secunia patches during OSD and during regular patching or deployments? I would be curious to know how you tackle some of the challenges with Apps needing to close before the patching happens, etc.. From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Michael Gouldthorp Sent: Thursday, June 26, 2014 8:14 AM To: [email protected]<mailto:[email protected]> Subject: [mssms] RE: SUG deployed during OSD Check out the following blog post. http://ccmexec.com/2011/06/system-center-updates-publisher-and-osd/ I use Secunia as well and this enabled me to deploy 3rd party patches to software that is installed during the OSD process. How long have you been using Secunia? Thanks, Mike From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Kevin Johnston Sent: Wednesday, June 25, 2014 11:29 PM To: '[email protected]' Subject: [mssms] SUG deployed during OSD I am having trouble wrapping my head around why this is not working. I use Secunia to download my application packs(Adobe Reader, java, flash...) So I create a SUG with the file. It is on my DPs, etc... I have it pointing to my Unknown Computers Collection (as that is how where the computers starts off). In my TS the windows updates is set to Install Software Updates. After reading this: http://ccmexec.com/2014/04/software-updates-os-deployment-and-unknown-computers/ It got me thinking that it might be because the SUG was set to Available. So I changed it to Required and then added another Install updates Sequence and set it to Mandatory hoping that it will now install, but it does not. What I think may be the issue is that the machine is getting moved from Unknown collection to the All Systems collection once it is joined to the domain so maybe I am putting it in the wrong place as I do not want to deploy a java update to the All systems collection. As referred to in the link I deploy my windows updates to a workstation Collection but I do not want a java update to be deployed to everyone either... so I know I am missing one key piece, I just can't figure it out. Maybe if there was a way to move this computer to a collection that I can then deploy these updates to (while the machine is not logged in) but still during the deployment. Thanks, Kevin
