Patching - Detect schedule is detecting more then just whats in the patching label.
05/23/2017 844 views
I am running into an issue where when I run a detect only for specific vendor patches, it also detects other vendor updates such as FireFox or Windows updates. We specifically want to control what updates are downloaded and then replicated to our 26 site replicas to control disk space on the local servers. We are subscribed to a small amount of vendors included Adobe, Oracle, FireFox, Google etc, but we specifically are NOT subscribed to Microsoft as we use WSUS for these types or updates.
Here is my setup and was wondering if we are doing something wrong or if others have seen similar behavior.
I created 1 detect schedules (for both Flash and Java only) and created 2 separate deployment schedules (one for Flash and one for Java) for deploying that run the following day. I also have created labels for Java Critical updates and Flash Critical updates that just look for Active Critical updates for each product. The labels properly display about 2-3 critical patches. So my understanding is this should only detect if a machine has any Adobe flash or Java Critical updates needed\missing and pull the new patches from the catalog, if not already downloaded. But we continue to see when we add a new site (group of workstation) to the detect schedule, its detecting other updates which then in return are replicated to All sites per our replication schedule which run after hours. We are trying to limit the patches that are replicated and have only started to use patching for the smaller programs that tend to get updates on a frequent bases. .
Is this the expected behavior during any detect schedule even if you use a label to determining which patches you are looking to detect? Or is there a configuration steps I am missing? We only want to detect and then replicate Flash and Java updates at this time.
Anyone else see this behavior or have any suggestions?