Installation guide
Table Of Contents
- VMware vCenter Configuration Manager Administration Guide
- Contents
- About This Book
- Getting Started with VCM
- Installing and Getting Started with VCM Tools
- Configuring VMware Cloud Infrastructure
- Virtual Environments Configuration
- Configure Virtual Environments Collections
- Configure Managing Agent Machines for Virtual Environment Management
- Obtain the SSL Certificate Thumbprint
- Configure vCenter Server Data Collections
- Configure vCenter Server Virtual Machine Collections
- Configure vCloud Director Collections
- Configure vCloud Director vApp Virtual Machines Collections
- Configure vShield Manager Collections
- Configure ESX Service Console OS Collections
- Configure the vSphere Client VCM Plug-In
- Running Compliance for the VMware Cloud Infrastructure
- Create and Run Virtual Environment Compliance Templates
- Create Virtual Environment Compliance Rule Groups
- Create and Test Virtual Environment Compliance Rules
- Create and Test Virtual Environment Compliance Filters
- Preview Virtual Environment Compliance Rule Groups
- Create Virtual Environment Compliance Templates
- Run Virtual Environment Compliance Templates
- Create Virtual Environment Compliance Exceptions
- Resolve Noncompliant Virtual Environments Template Results
- Configure Alerts and Schedule Virtual Environment Compliance Runs
- Configuring vCenter Operations Manager Integration
- Auditing Security Changes in Your Environment
- Configuring Windows Machines
- Configure Windows Machines
- Windows Collection Results
- Getting Started with Windows Custom Information
- Prerequisites to Collect Windows Custom Information
- Using PowerShell Scripts for WCI Collections
- Windows Custom Information Change Management
- Collecting Windows Custom Information
- Create Your Own WCI PowerShell Collection Script
- Verify that Your Custom PowerShell Script is Valid
- Install PowerShell
- Collect Windows Custom Information Data
- Run the Script-Based Collection Filter
- View Windows Custom Information Job Status Details
- Windows Custom Information Collection Results
- Run Windows Custom Information Reports
- Troubleshooting Custom PowerShell Scripts
- Configuring Linux, UNIX, and Mac OS X Machines
- Linux, UNIX, and Mac OS X Machine Management
- Linux, UNIX, or Mac OS X Installation Credentials
- Configure Collections from Linux, UNIX, and Mac OS X Machines
- Configure Installation Delegate Machines to Install Linux, UNIX, and Mac OS X...
- Configure the HTTPS Bypass Setting for Linux Agent Installations
- Enable Linux, UNIX, and Mac OS X Agent Installation
- Add and License Linux, UNIX, and Mac OS X Machines for Agent Installation
- Install the VCM Agent on Linux, UNIX, and Mac OS X Operating Systems
- Collect Linux, UNIX, and Mac OS X Data
- Linux, UNIX, and Mac OS X Collection Results
- Configure Scheduled Linux, UNIX, and Mac OS X Collections
- Patching Managed Machines
- Patch Assessment and Deployment
- Prerequisite Tasks and Requirements
- Manually Patching Managed Machines
- Getting Started with VCM Manual Patching
- Configuring An Automated Patch Deployment Environment
- Deploying Patches with Automated Patch Assessment and Deployment
- Configure VCM for Automatic Event-Driven Patch Assessment and Deployment
- Generate a Patch Assessment Template
- Run a Patch Assessment on Managed Machines
- Add Exceptions for Patching Managed Machines
- Configure the VCM Administration Settings
- Generate a Patch Deployment Mapping
- Configure VCM for Automatic Scheduled Patch Assessment and Deployment
- How the Linux and UNIX Patch Staging Works
- How the Linux and UNIX Patching Job Chain Works
- How the Deploy Action Works
- Patch Deployment Wizards
- Running Patching Reports
- Running and Enforcing Compliance
- Provisioning Physical or Virtual Machine Operating Systems
- Provisioning Software on Managed Machines
- Using Package Studio to Create Software Packages and Publish to Repositories
- Software Repository for Windows
- Package Manager for Windows
- Software Provisioning Component Relationships
- Install the Software Provisioning Components
- Using Package Studio to Create Software Packages and Publish to Repositories
- Using VCM Software Provisioning for Windows
- Related Software Provisioning Actions
- Configuring Active Directory Environments
- Configuring Remote Machines
- Tracking Unmanaged Hardware and Software Asset Data
- Managing Changes with Service Desk Integration
- Index
What to do next
Use filter sets to collect data from Windows managed machines. See "Collect Data from Windows
Machines by Using the VCM Patching Filter Sets" on page 153.
Collect Data from Windows Machines by Using the VCM Patching Filter Sets
To obtain the current patch status of Windows managed machines, collect patch data from those machines.
VCM requires that you collect current information about the File System, Hotfixes, Registry, and Services
Windows data types.
After the patch deployment, collect patch data again from the managed machines.
Procedure
1. On the toolbar, click Collect.
2. Select the Windows machines from which to collect data.
3. Click Select a Collection Filter Set to apply to these machines and click Next.
4. Select the Patching - Windows Security Bulletins filter set and click Next.
This filter set gathers information for all available Windows security bulletins that you can use to patch
Windows machines. Select any monthly filter set to filter the bulletins released in a particular month.
5. If no conflicts appear, click Finish to begin the collection.
If problems occur during data collection when you use the VCM patching filter sets and the default
Network Authority Account, either give the account access to the Windows servers, or use a separate
Network Authority Account for these machines. For more information, see Default Network
Authority Account .
What to do next
Use a patching assessment template to assess the patching state of managed machines. See "Assess
Windows Machines" on page 153.
Assess Windows Machines
To assess the patch status of Windows machines, use a patching assessment template. After you deploy
patches to managed machines and collect updated patch data, run another patch assessment to assess the
updated patch status of Windows machines.
Because the assessment is run only against data in the VCM database, you must collect patching data from
managed machines before and after you run an assessment. When run, the assessment template checks
the data collected from managed machines to verify whether the patches that the bulletins reference must
be installed on those machines. For example, a template might contain all bulletins related to Internet
Explorer 9 to ensure that all of the installed instances have the latest security fixes.
The patch assessment checks all of the managed machines in the active machine group. A patch
deployment applies only to the machines in the machine group that are managed by VCM.
You can create an assessment template based on bulletins or affected software products, or by importing a
text file that lists machines that require a particular patch or that lists machine and patch pairs. This
procedure generates an assessment template based on bulletins.
Prerequisites
Review the collected patching data and determine which managed machines must be patched.
Patching Managed Machines
VMware, Inc.
153