K1000 Patching a New Machine
We have recently implemented the patching section of our KACE appliance. All appears to be OK so far - but the question I have is relating to new OS deployments. Our current build process is done in the following way:
- Machines are pre-created in Active Directory and placed into security groups for Applications required (e.g. MI-SOE installs standard software, MI-MS Project installs Project 2010 .etc)
- K2000 Deploys Windows 7 SP1 x86 or x64
- K2000 Renames based on K1000 asset, joins to domain
- K2000 installs/configures Timezone, Virtual Memory, Registry, K1000 Agent, Remote control software, restarts
- K1000 picks up as new machine based on K2000 marker file
- Managed Installation groups installs required software based on groups
- Machine is configured and delivered to user
I want to add my OS/App patching into the mix - but as far as I can see there is no way to "trigger" the patch deployments from the client side.
Is this correct? How can I ensure that this happens at build time?
Any suggestions are welcome - I want to ensure that the machine is patched before delivering to the client.
<3 KACE ;)
Thanks guys. I took the approach of having an aggressive patching cycle. Basically my K2000 drops a kace.new file on the system and the K1000 reads the timestamp on it and aggressively patches based on the that file being less than 12 hours long.