This discussion has been locked. The information referenced herein may be inaccurate due to age, software updates, or external references.
You can no longer post new replies to this discussion. If you have a similar question you can start a new discussion in this forum.

Solarwinds Patch Manager Installing & Configuring

Hello everyone,

I'm new with SPM and I am a bit lost on setting thing.

So, my goal is to have SPM configured so I can do OS Patching on my domain.

I already have WSUS configured, and I am able to sync the updates and no further configs done in WSUS.

I also have installed SPM  and now I would like to populate with servers so I can start patching them.

And now I am a bit lost on what I need to do regarding configurations I have to do.

Can anyone suggest me a tutorial with a step-by-step?

Thanks,

Rui

  • Hi Rui,

    I'd recommend following the steps outlined under 'Configure your Patch Manager environment' here. Assuming you have machines reporting into your WSUS, the workflow will involve adding the WSUS Server to the Patch Manager console, setting up a credential ring, generating a publishing certificate, applying that cert your machines and finally configure group policy to enable third party updates/allow signed content. The link above provides all the steps necessary for each stage.

    Once that it set up you can then begin to publish third party updates to WSUS, run patching tasks, etc. Any issues or questions, just let me know!

  • Hi Jhynds,

    Thanks for the tip.

    I have a doubt when we deploy and update, if we have a maintenance windows from 11pm to 9am, if the task is still running by 8:59am will it stop at 9am and restart again by 11pm?

    Thanks,

  • I am working on setting up Patch Manager and was wondering - do I need WSUS setup and configured or can I do this all at once via Patch Manager?  I am setting up WSUS and Patch Manager from scratch in a lab environment for testing. Thanks!

  • Hi Dave,

    As part of the Patch Manager installation, you are asked if you want to supply your own WSUS Server or configure a new WSUS. If you don't have an existing WSUS configured, Patch Manager will install the WSUS Server Role as part of the installation so you can configure both at the same time. Once the installation is complete, you'd need to ensure that clients are reporting into WSUS (by configuring the Windows Update group policy to point to the WSUS/Patch server).

  • Patch Manager is essentially just built on top of the existing WSUS functionality inside Windows. Whenever you ask "what will Patch Manager do in this scenario" then you really just need to find out how Windows normally does that without PM, the answer will in almost all cases be that PM does it the same as WSUS does.

    So with that said, WSUS does not normally abort an upgrade in progress, they will plow on until they are done.  If a system didn't manage to get all the upgrades done then at the next interval it would still show as needing to be installed and should make an effort to get it done, but WSUS is pretty cavalier about maintenance windows in general, it does what it wants and if you don't catch the patch this time they figure they'll get it next time.  Can be frustrating ,but Microsoft designed it to work in a world where systems may or may not be connected to the WSUS server regularly, and download speeds may be terrible, so they went for what they thought was a slow and steady approach to deploying patches.

  • Thanks!  I was not sure if Patch Manager just needed WSUS to run or if it had to be configured first then Patch Manager made things easier. emoticons_happy.png I setup WSUS yesterday and let things cook overnight so I would have some nodes.  I planned on installing Patch Manager on the WSUS server in the lab due to space so I hope this will not cause issues.  When we go to set this up for the production environment we will be doing separate servers.  I am sure I will have more questions as things roll. Thanks! -Dave