Initial Update

Patch Mgmt > Initial Update

Initial Update is a one-time processing of all approved Microsoft patches applicable to a managed machine based on Patch Policy. Initial Update ignores the Reboot Action policy and reboots the managed machine without warning the user as often as necessary until the machine has been brought up to the latest patch level. Initial Update should only be performed during non-business hours and is typically performed on newly added machines. See Methods of Updating Patches, Configuring Patch Management, Patch Processing, Update Classification and Patch Failure for a general description of patch management.

Note: The agent for the KServer is not displayed on this page. Initial Update cannot be used on the KServer.

Patch Update Order

Service packs and patches are installed in the following order:

1. Windows Installer
2. OS related service packs
3. OS update rollups
4. OS critical updates
5. OS non-critical updates
6. OS security updates
7. Office service packs
8. Office update rollups
9. All remaining Office updates

Note: Reboots are forced after each upgrade, service pack and at the end of each patch group without warning. This is necessary to permit the re-scan and installation of the subsequent groups of patches.

Scripting

Scripts can be configured to be executed just before an Initial Update begins and/or after completion. For example, you can run scripts to automate the preparation and setup of newly added machines before or after Initial Update. Use Patch Mgmt > Pre/Post Script to configure these scripts on a per-machine basis.

Schedule

Click Schedule to schedule this task on selected machine IDs using the schedule options previously selected.

Cancel

Click Cancel to cancel execution of this task on selected managed machines.

Stagger by

You can distribute the load on your network by staggering this task. If you set this parameter to 5 minutes, then the task on each machine ID is staggered by 5 minutes. For example, machine 1 runs at 10:00, machine 2 runs at 10:05, machine 3 runs at 10:10, ...

Select All/Unselect All

Click the Select All link to check all rows on the page. Click the Unselect All link to uncheck all rows on the page.

Check-in status

These icons indicate the agent check-in status of each managed machine:

Agent has checked in

Agent has checked in and user is logged on. Tool tip lists the logon name.

Agent has not recently checked in

Agent has never checked in

Online but waiting for first audit to complete

The agent is online but remote control is disabled

The agent has been suspended

Machine.Group ID

The list of Machine ID.Group IDs displayed is based on the Machine ID / Group ID filter and the machine groups the administrator is authorized to see using System > Group Access.

Note: Displays the following message if applicable: Not a member of a Patch Policy - All missing patches will be installed!

Scheduled

This timestamp shows the scheduled Initial Update.

Updated

If checked, an Initial Update has been performed successfully on the machine ID. This timestamp shows when the Status being reported was completed.

Status

During processing, the Status column displays the following types of messages, if applicable:

• Started
• Processing Windows Installer
• Processing operating system service packs
• Processing operating system update rollups
• Processing operating system critical updates
• Processing operating system non-critical updates
• Processing operating system security updates
• Processing Office service packs
• Processing Office update rollups
• Processing Office updates

When all processing has been completed, the Status column displays either:

• Completed - fully patched
• Completed - remaining patches require manual processing

If the latter status displays, select the appropriate machine ID in Patch Mgmt > Machine Update to determine why all patches were not applied. Some patches might require manual install or for the user to be logged in. In the case of patch failures, manually schedule failed patches to be reapplied. Due to occasional conflicts between patches resulting from not rebooting after each individual patch, simply reapplying the patches typically resolves the failures.

Topic 2183: Send Feedback. Download a PDF of this online book from the first topic in the table of contents.