My users are expressing conflicts with the current patching schedule. The numerous installs and required reboots are interfering with other operations. Is there a way to run a Detect, then download patches to machines without an immediate install? If so I could schedule an install process at a later time that would be convenient for everyone. I'm wanting to speed up my Deploy process to minimize my window of impact. Thanks for the help.  
0 Comments   [ - ] Hide Comments


Please log in to comment

Answer this question or Comment on this question for clarity


We have separate detect and deploy schedules. The detect schedule is completely silent and runs in the morning and the deploy schedule runs in the evening and prompts the user to start patching and to reboot when complete. Note that the only disadvantage to this setup is that if KACE can't combine updates that require restarts the computer will only install some of them. This can lead to some machines getting behind in patches if they would normally require several restarts. When Microsoft only releases patches once a month our machines would normally catch up before the next set of patches rolled out.
Answered 10/27/2016 by: chucksteel
Red Belt

  • Chuck, thanks for the time that you guys put into this. We really appreciate it. I do have separate Detect and Deploy times. We run a Detect every Tuesday and then patching is done Wednesday evening. 318 machines are split into four labels. Each label gets touched once a month. Initially I was getting Suspended errors so I lengthened the run time. Now I'm getting Handshake Failed errors and Log Upload Failed errors and general timeout Error messages. Recently I had users working late on an emergency project and they ignored the two prompts for a reboot and machines started shutting down. Instead of meeting with IT they went straight to the top. Now I'm catching the fallout from that.
Please log in to comment
Nine Simple (but Critical) Tips for Effective Patch Management
This paper reviews nine simple tips that can make patch management simpler, more effective and less expensive.