Help

Should i use multiple patch policies for different Software Versions or is reusing one ok?

mallej
New Contributor III

Posted on ‎03-20-2018 01:37 AM

We are using Patch Management in Jamf 10 for some time now and when a new Software Version is ready i only change the TARGET VERSION / Version to deploy and reuse the same Patch Policy. That seems to work fine, even the logs are useable. I wonder if there are any advantages and disadvantages compared to make a new Patch Policy for every new Software Version. How are you using Patch Policies?
3c2d4af57b0746548d139c353a7a89e9

0 Kudos
3 REPLIES 3

remyb
Contributor

Posted on ‎03-20-2018 02:08 AM

We're making a new policy for each version, and it automatically scopes out the 'old' patch policy when the new one gets deployed. But this is an interesting question, I'm also curious as to how this is used by the rest you!

0 Kudos

crbeck
Contributor

Posted on ‎03-20-2018 05:19 AM

I always just change the target version. I have 2 policies per patch software, one for staff in Self Service with notifications and potentially deadlines to install, and one for lab machines which I just set to Install Automatically but I don't change the version until after school on Fridays. I guess I never considered if there would be a benefit to making a new policy since the existing seems to work just fine and the logs do what I expect, but it's kinda nice to not have to re-do scope or user interaction pieces.

0 Kudos

sam_g
Contributor
Contributor

Posted on ‎03-20-2018 06:15 AM

I've been wondering the same thing myself. I wonder what Jamf considers best practice. It's probably "cleaner" to make a new policy each time, but then you have to deal with either deleting the old policy or scoping it out somehow. I've been just updating the current policy with the newest target version, and that works well enough, but I feel like it screws up some of the reporting until all the clients check in again.

0 Kudos