Good day everyone,

We are testing patching using the K1000 in our company.

For testing purposes I have created simply a detect schedule to run on a single computer every hour. However it doesn't seem be very punctual as per the schedule. Is there any way to force the detect to be run and also force the deploy to run provided there are patched ready for deployment?

0 Comments   [ + ] Show Comments


Please log in to comment

Community Chosen Answer

The short answer is sort of.  You can force a detect/deploy schedule to be run manually.

The long answer:  A detect and deploy schedule isn't quite that simple.

A detect runs based on the patch signatures that the K1000 has previously downloaded.  Once that has run, patches need to be downloaded based on the detect results.  This is download is a separate schedule from patching.

Once the patches are downloaded, they are deployed the next time the patch schedule runs.

So, if the patch schedule only runs once a week, it will take a minimum of two weeks to deploy.

Does that make sense?
Answered 05/25/2015 by: jknox
Red Belt

  • Thank you for taking the time to respond.
    What you stated makes sense to me.

    We have a Detect All running against all our client machines so the K1000 box has up-to-date patches downloaded and ready to deploy.

    However, before we start patching to all our clients, we are required to determine how it will it impact users. We started testing with Java 8u40 to patch to 8u45. Once Java 8u40 was installed, we wanted to force to detect so that the K1000 will know that our test machine needs that patch and so deploy it on the next Java deploy schedule. Unfortunately, we have not been able to trigger the detect so our testing is slow as we have to wait overnight for the detect to be run. Our detect schedule is configure to run every hour but it doesn't seem to detect during the day despite that.
    • Are you using Labels for your Detect Patches or "All Patches"?
      • We're using labels.
      • Is the Java 8 Update 45 patch Active and appearing in your label?
      • It is, along with Jave 7 Update 80
      • Not sure what to check beyond that. I will say that i scrapped patching Java and started updated via MI (using .bat file) and Labels and have had no problems. I do still patch some other apps so you certainly want to get the issues resolved.
      • Maybe I will investigate the MI option as well.
        I appreciate your feedback rockhead
      • No problem. Lots of info on here about deploying Java via MI with a batch file.
Please log in to comment


You can use a detect and deploy schedule but it runs a continuous detect and deploy cycle until all patches are deployed (detect, patch reboot, detect, patch, reboot, etc). In my case I have separate detect and deploy schedules so I can run one round...
Answered 05/26/2015 by: jegolf
Red Belt

  • Thank you for responding. We too also decided on separate detect and deploy schedules for when we roll this out. However, for our testing, we have been unable to force a detect.
    • What happens on your detect schedule when you target your machines and choose "save and run now"?
      • I have two test machines and nothing would happen if choose "Save and Run Now". Nothing. Zip.Nada
        It just sits there and I swear I it is laughing at me.

Please log in to comment
Answer this question or Comment on this question for clarity
Nine Simple (but Critical) Tips for Effective Patch Management
This paper reviews nine simple tips that can make patch management simpler, more effective and less expensive.