Step by step Procedure for UPM patch deployment.

book

Article ID: 52542

calendar_today

Updated On:

Products

CA Automation Suite for Data Centers - Configuration Automation CA Client Automation - Asset Management CA Client Automation - IT Client Manager CA Client Automation CA Client Automation - Remote Control CA Client Automation - Asset Intelligence CA Client Automation - Desktop Migration Manager CA Client Automation - Patch Manager

Issue/Introduction

This documentation outlines the steps for downloading a UPM patch and the creation of a DSM Policy for automatic deployment of the patch to 'All computers'.

  1. In the UPM console, click on the 'Patches' tab and look for the desired patch ("CA - Windows 2003 Post SP2 EN 32Bit x86 - FULL Security Rollup v0909.00" in this example). The status of the patch is "Pending User Acceptance".

    2. <Please see attached file for image>

    Figure 1
    Fig. 1

  2. Select the patch and choose 'Accept' in the list box. Click GO.

    3. <Please see attached file for image>

    Figure 2
    Fig. 2

  3. The status of the patch is set to 'Accepted' and then 'Packaging'. The patch is then downloaded, which could take several minutes depending on the size of the patch. For a patch like ? Full Security Rollup ?, the download time is quite long since multiple patches are downloaded.

    4. <Please see attached file for image>

    Figure 3
    Fig. 3

  4. Once the patch download completes, the status is set to ? Testing ?.

    5. <Please see attached file for image>

    Figure 4
    Fig. 4

  5. In the DSM Explorer, the package appears under "Software/Software Package Library/Unicenter Patch Management Packages".

    6. <Please see attached file for image>

    Figure 5
    Fig. 5

  6. Under ? All Computers and Users/Unicenter Patch Management Groups ? 3 dynamic groups are created: 
    UPM Patch Found - CA - Windows 2003 Post SP2 EN 32Bit x86 - FULL Security Rollup v0909.00 - ...UPM Patch Not Found - CA - Windows 2003 Post SP2 EN 32Bit x86 - FULL Security Rollup v0909.00 - ...UPM Patch Pending Requirements - CA - Windows 2003 Post SP2 EN 32Bit x86 - FULL Security Rollup v0909.00 ...

    <Please see attached file for image>

    Figure 6
    Fig. 6

    UPM Patch Found: contains all machines which are the patch already installed.UPM Patch Not Found: contains all machines which have not the patch installed.UPM Patch Pending Requirements: contains all machines which have not yet the prerequisites of the patch.
  7. You could "drag & drop" the package on the group ? UPM Patch Not Found ? in order to install the patch on all machines which need it. This is a manual operation and is necessary if new machines come up in the group ? UPM Patch Not Found... ?
    This can be automated using a ? Patch Policy ?.
  8. For a patch policy, the patch should be in status ? Approved ? in the UPM console:

    9. <Please see attached file for image>

    Figure 7
    Fig. 7

  9. In the UPM console, go to the 'Policies' tab and click on the 'ADD' button. Enter the desired name for the policy (Ex : Security Rollup Sep 2009 - W2K3) and click on the 'Select' button.

    10. <Please see attached file for image>

    Figure 8
    Fig. 8

  10. Click on the GO button. The list of patches in status ? Approved? is displayed.

    11. <Please see attached file for image>

    Figure 9
    Fig. 9

  11. Select the software linked to the patch and click OK. The ? Policy Detail ? windows appears:

    12. <Please see attached file for image>

    Figure 10
    Fig. 10

  12. Click on the link ? Patches ? in the left pane and click on the 'ADD' button. The list of patches with status ? Approved ? is displayed. Select the patch and click OK (? Add and select more ? button could also be clicked if others patches need to be added).

    13. <Please see attached file for image>

    Figure 11
    Fig. 11

  13. Click OK. The page ? Policy Detail ? appears with the selected patch.

    14. <Please see attached file for image>

    Figure 12
    Fig. 12

  14. Select the ? Targets ? link in the left pane. Select ? All Targets ? and click on the arrow icon in order to move ? All Targets ? group to the right list box.

    15. <Please see attached file for image>

    Figure 13
    Fig. 13

  15. Under the ? Deployment Options ? link in the left pane, it is possible to modify the default parameters for the policy.
    Click OK.

    16. <Please see attached file for image>

    Figure 14
    Fig. 14

  16. The status of the patch is set to ? Building ?. After some time, the policy is created and evaluated.

    17. <Please see attached file for image>

    Figure 15
    Fig. 15

  17. In the DSM Explorer, under ? Policies/Software Based ? the new policy appears:
    UPM - Security Rollup Sep 2009 - W2K3 -... ? This policy contains a job corresponding to the patch.

    18. <Please see attached file for image>

    Figure 16
    Fig. 16

  18. By default the policy is evaluated every 24 hours and a job container is automatically created and evaluated with all the violating machines. After every 24 hours a SD job will be sent to all machines which do not have patch installed.

Environment

Release:
Component: UNIPTM

Attachments

1558721168910000052542_sktwi1f5rjvs16vz3.gif get_app
1558721166993000052542_sktwi1f5rjvs16vz2.gif get_app
1558721165103000052542_sktwi1f5rjvs16vz1.gif get_app
1558721163124000052542_sktwi1f5rjvs16vz0.gif get_app
1558721161104000052542_sktwi1f5rjvs16vyz.gif get_app
1558721158440000052542_sktwi1f5rjvs16vyy.gif get_app
1558721156497000052542_sktwi1f5rjvs16vyx.gif get_app
1558721154660000052542_sktwi1f5rjvs16vyw.gif get_app
1558721152761000052542_sktwi1f5rjvs16vyv.gif get_app
1558721150941000052542_sktwi1f5rjvs16vyu.gif get_app
1558721149177000052542_sktwi1f5rjvs16vyt.gif get_app
1558721147114000052542_sktwi1f5rjvs16vys.gif get_app
1558721145265000052542_sktwi1f5rjvs16vyr.gif get_app
1558721143094000052542_sktwi1f5rjvs16vyq.gif get_app
1558721141153000052542_sktwi1f5rjvs16vyp.gif get_app
1558721139301000052542_sktwi1f5rjvs16vyo.gif get_app
Powered by Wolken Software