OS Patching with K1000
So we are starting to use the K1000 to patch our servers. Initially we just want to apply critical OS patches.
My problem is that OS as a category is not granular enough and includes SQL, Exchange, Office, Sharepoint. (Found this out during our TEST environment patching)
So I have tried two ways to try to exclude those patches:
1. Smart label for those apps I want to exclude, then the last line, for patch label names not equal to BLOCKED.
2. Static label for those apps I want to exclude, then the same last line (in case of some weird smart label issue).
Then I load the Critical_OS_Servers patch label and search the the patches to find it does not exclude those. They still show in the list and I do not want to arbitrarily patch my live Exchange against our BES without some more planning.
Any tips to get this working properly? Thanks in advance.
EDIT: Thanks, I spoke to support and found simple labels are far better to narrow down what I want.
For those interested, we are trying to do security patches for OS.
Publisher = Microsoft
Severity is Critical
Operating System is Win 2K8.R2
Name contains Windows Server
Doing one for each OS and applying to patch schedules as needed.