Client Automation - How to avoid automatic distribution of Patch Management patch from Enterprise to Domain Manager ?
Article ID: 207534
Updated On:
Products
Issue/Introduction
On Enterprise Server, when a Patch is accepted in Patch Management it is automatically downloaded, regisered in ITCM and distributed to all Domain Managers linked to Enterprise.
How to avoid this automatic distribution of SD package ?
Environment
Client Automation - All Versions
Resolution
1- On Enterprise server, create a new local Windows user (ex: PMUSER)
This user should not belong to Administrators group.
2- In DSM GUI, go under Security - Security Profiles
Click Add button and add the user created in step 1
3- Give it Full Control permissions on all class except for
Software Distribution Container and Software Distributions where we give Read permissions
4- In DSM GUI, connect with new created user to initiliaze it in ITCM database and check that all is ok.
5- On Windows folder C:\Program Files (x86)\CA\DSM\SD\ASM\LIBRARY add user IUSR in Security with Full Control
6- Open DSM Web Console, go in Patch Management - Administration - Manager
And put the user created in step 1 in User Name field :
Example : winnt://JY-W2K16-ES/pmuser
Click on Save button
7- Recycle tomcat
UPDATE ca_install_package
SET status=9
WHERE ipkg_name = 'Windows Malicious Software Removal Tool x86 - January 2021 (KB890830)' and status=8
Feedback
