Client Automation Standard Practitioners Forum
Showing results for 
Search instead for 
Do you mean 

About new installation of Patch v 3.0

SOLVED
Go to Solution
Super Advisor

About new installation of Patch v 3.0

Dear All,

I have Radia box release 4.2. I'm sure I haven't use the latest patch agent and I already installed it before Patch Manager Installation.

Can somebody give me brief explanation what steps I should do for New installation of Patch Manager when I have patch agent installed on radia clients?
(Assuming database already created) All I know:
1. Export current Patch Manager Domain
2. Run TCL metakit conversion
3. Update Management Portal
4. Import Maintenance Decks
5. Install RPM (Choose New Installation)
6. Migrate Patch Management Agent to version 3.0.
7. Add Method connection
8. Entitle Discover patch to user
9. Notify using dname=patch

Did I missed anything?

Regarding to Patch Manager Version 3.0 Migration Guide.pdf on page 9, I have to run export patch manager domain right? What is this for actually? What happened if I run this step after installation of Patch Manager? (because I did it that way!)

Thanks in advance,
Eric
17 REPLIES
Honored Contributor

Re: About new installation of Patch v 3.0

If you chose Publish and Distribute in your acuqire settings, client updates will be obtained and deployed during the first connect after the acquisition
See page 33 of the RPM Guide.
Super Advisor

Re: About new installation of Patch v 3.0

How about exporting radia domain part, is it okay I do it that way ? (After RPM installation)?

Thanks,
Eric
Honored Contributor

Re: About new installation of Patch v 3.0

I supose.
Not sure what you're trying to accomplish.
Could you use RDCS?
Super Advisor

Re: About new installation of Patch v 3.0

Actually I just need to know whether I have run all Radia Patch Manager 3 installation steps correctly.

I already assign Discover Patch service to one of my client and installed without problem. But there is still no data int "Compliance by Devices" report in Reporting Server.

So I don't know which patches are suitable for my client.

I have finished acquire MS06 and MS05 bulletins.

Thanks,
Eric
Frequent Advisor

Re: About new installation of Patch v 3.0

Hi Eric,

I am in the process of migrating to Patch Manager V3.0 and I would like to share my experience.

Regarding your question on compliance reports (Compliance by Devices), I noticed that the data is collected when the client computer connected to the RCS by its timer. It was explained to me that in RPM 2.01 or higher,device information is stored in different tables.

Regarding the question on PATCHMGR domain, it is explained on page 15 of the RPM V3.0 Migration guide. The existing PATCHMGR domain is deleted and the 3.0 PATCHMGR domain is created and the previously exported data is imported during the install. I used the Migration process, so I am not sure if it is done the same way during a new install.

Regards,
Aysel
Super Advisor

Re: About new installation of Patch v 3.0

Hi Aysel,

Thanks for your share.

What radskman command are u using in order to gather information for Compliance by Devices?

is it like radskman dname=patch,ip=rcsserver,port=3464?

I know about the process on exported PATCHMGR domain during installation, I just wondering why we have to export it, or is it just for backup incase problem happened. What happened if I did export after installation... There is no clue...

I don't see any guide on fresh installation for Patch Mgr 3.0 using Radia release 4.2 (which need some migration steps too). that's why I'm not sure what I have done was right or wrong.

Hope anyone ever done this...

Thanks,
Eric
Frequent Advisor

Re: About new installation of Patch v 3.0

Hi Eric,

The radskman command that I am using is as follows:

RADSKMAN CAT=PROMPT,ULOGON=N,CONTEXT=M,HREBOOT=Y,ASK=Y,MNAME=RADIA,DNAME=PATCH,IP=rcsserver,PORT=3464,UID=$MACHINE,IND=Y,STARTDIR=SYSTEM,RTIMEOUT=36000,LOG=PATCH_CONNECT.LOG,LOGSIZE=2048000,COPY=Y

If you export PATCHMGR after the installation, you will only see what is loaded by default; you lose your own data. It happened to me during installation on a Tier-2 RCS. I synchronized the Tier-2 DB from the Tier-1 RCS server (I installed the components on Tier-1 first). It is much quicker and practical if you first export and then have it imported by the installation program. I don't know if you get the same result if you import data manually after the install. There are some changes in the domain structure as I understood from the migration document. It is kind of trial and error in a test environment.

Unfortunately, I have the same feelings about the documentation.

Best regards,
Aysel
Super Advisor

Re: About new installation of Patch v 3.0

Hi Aysel,

I tried to run notify using similiar radskman parameter as yours and the agent still haven't report it to database.

Anyway we just have to connect 1 service (Discover Patch Service) to our client in order to gather compliance data right?

Hmm think I have lost my data then. Anyway I haven't touch/modify PATCHMGR domain before installation of Patch Manager. What kind of data I have lost actually? Is it like acquired patch?

Thanks,
Eric
Frequent Advisor

Re: About new installation of Patch v 3.0

Hi Eric,

The patches you acquire are stored in the PATCHMGR domain. May be an HP Radia expert can give more details about it.

Regards,
Aysel
Honored Contributor

Re: About new installation of Patch v 3.0

The RPM UI and logs are pretty good about telling you what was acquired and the success of the sync process.
You should be able to see the information via RRS too.
If you issue is that a client isn't reporting compliance then review the client connect log.
RPM only reports vulnerabilities for the Products of which you have Patches acquired.
I suspect that your client does not have any qualifying applications.
Super Advisor

Re: About new installation of Patch v 3.0

I Think so, the problem comes from client.

Maybe the client failed to get patch list. I'll post the log soon after I get into the machine later.

I'm using COP and Co-Located proxy. Think there will be extra setup for Patch Management.

I'll check again later...

Thanks,
Eric
Super Advisor

Re: About new installation of Patch v 3.0

Hi guys,

Can u please analyze me connect.log on 4th May?

I found so many errors. client cannot get the patch.

If I need do extra setup to my server, please point me to the guide... because I'm using Co-Lo proxy and COP..

Thanks,
Eric
Super Advisor

Re: About new installation of Patch v 3.0

Hi guys,

Can u please analyze me connect.log on 4th May?

I found so many errors. client cannot get the patch.

If I need do extra setup to my server, please point me to the guide... because I'm using Co-Lo proxy and COP..

Thanks,
Eric
Honored Contributor

Re: About new installation of Patch v 3.0

Hi Eric,

Check the RCS logs if it went down, as u'r connect.log says.Co-loacted Configuration is fine.

If patch reports are not getting reported then check the RMS config also. Which version of RMS have you configured..

Biju
Super Advisor

Re: About new installation of Patch v 3.0

Hi Biju,

rcs works fine on 4th may. I'm using RMS which bundled in RADRPMWIN32_00008.zip. I'll check with patch folder again.

There are a lot of message simliar with this:

20060504 18:51:09 Warning: Cannot fetch instance: PRIMARY.PATCHMGR.PATCH.*_AA13B89DE941_*

what does this mean?



Thanks,
Eric
Honored Contributor

Re: About new installation of Patch v 3.0

Eric,
Let's start with the most significent error, the 200 error indicates that the client could not contact the RCS.
This indicates that your COP/SAP instances are incorrect:
-! [EC(00F3E220)]: Manager has rejected logon (i219)
NVD000001W [zstart_communic] 13:17:48 [RADCONCT / 00000868] SYSTEM --? Failed to connect to [tcp:10.10.10.125:3461] SAP [RADIA_DEFAULT]
NVD111111V [start_Communica] 13:17:48 [RADCONCT / 00000868] SYSTEM --- ERROR CONNECTING TO THE CONFIGURATION SERVER
NVD111111V [RADCONCT ] 13:17:48 [RADCONCT / 00000868] SYSTEM --- RADCONCT exit status [200]
Super Advisor

Re: About new installation of Patch v 3.0

Hi Roy,

I just realized that there is connection problem after I attached this log and read it. So the latest line of log isn't valid.

The latest normal connect was on 4th.


Hi Biju,

I think u right. I haven't configure my rms DSN for patch correctly. now I can see the report and deploy patch!.

Thanks a lot,
Eric
//Add this to "OnDomLoad" event