Patching Laptops

So far I've got desktop/LAN devices all set up for wake on lan, along with a detect and deploy schedule, and I'm setting up patching for laptops, but I'm unsure what the best way to go about it is. Basically we have 75 or so users daily that fire up their laptops, launch Citrix Workspace, and use virtual apps via workspace all day. I obviously can't do a straight up deploy as it'll start updating (among other things) Citrix Workspace, and kill their session, so I guess that leaves two options:

Detect, Stage, On Demand Deploy: So I reckon it will download all patches to the device, and then initiate "Must reboot to apply updates" prompts. But, if they ignore the KACE agent prompts and simply shut down at the end of the day, will the patches still get applied? Or get stuck in a sort of staged limbo until they're online again?

Detect and Stage: This option is described as "Scans for compatible patches, and downloads the applicable files to the agent device for later deployment." Would that cause the patches to get applied at shut down? Or it would require a separate "Deploy" schedule to apply them at a later time.

I guess my problem mainly stems from the fact that they're basically logged in to, and actively using, Citrix Workspace from the time their laptop is online until they shut down, so trying to update it at some point is causing me confusion. I'd like to just stage the patches and then when they shut down have them be applied, but I'm not sure that's the case with the patch schedule types listed above. Any insight in to what others are doing in general is appreciated, thanks!

0 Comments   [ + ] Show comments

Answers (1)

Posted by: Nico_K 1 year ago
Red Belt
On Demand Deploy just enables the customer to klick on the KACE Icon and Install the patches until an automatic install is triggered. 
If you only stage the patches they are just prepared but you need to install them anyways (via a separate Deploy or On Demand Deploy)

There is no best practice fitting for all.

What you like "Install at shutdown" is unfortunately not possible.
I would suggest to use an On Demand Deploy and have an aggressive timeout for that but a very liberal reminder setting.
If it is installed and needs a reboot you also should check the default settings, since usually the default setting for "shutdown" is just a sleepmode
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ