Installation guide
Table Of Contents
- VMware vCenter Configuration ManagerAdministration Guide
- About This Book
- Getting Started with VCM
- Installing and Getting Started with VCM Tools
- Configuring VMware Cloud Infrastructure
- Virtual Environments Configuration
- Configure Virtual Environments Collections
- Configure Managing Agent Machines
- Obtain the SSL Certificate Thumbprint
- Configure vCenter Server Data Collections
- Configure vCenter Server Virtual Machine Collections
- Configure vCloud Director Collections
- Configure vCloud Director vApp Virtual Machines Collections
- Configure vShield Manager Collections
- Configure ESX Service Console OS Collections
- Configure the vSphere Client VCM Plug-In
- Running Compliance for the VMware Cloud Infrastructure
- Create and Run Virtual Environment Compliance Templates
- Create Virtual Environment Compliance Rule Groups
- Create and Test Virtual Environment Compliance Rules
- Create and Test Virtual Environment Compliance Filters
- Preview Virtual Environment Compliance Rule Groups
- Create Virtual Environment Compliance Templates
- Run Virtual Environment Compliance Templates
- Create Virtual Environment Compliance Exceptions
- Configuring vCenter Operations Manager Integration
- Auditing Security Changes in Your Environment
- Configuring Windows Machines
- Verify Available Domains
- Check the Network Authority
- Assign Network Authority Accounts
- Discover Windows Machines
- License Windows Machines
- Disable User Account Control for VCM Agent Installation
- Install the VCM Windows Agent on Your Windows Machines
- Enable UAC After VCM Agent Installation
- Collect Windows Data
- Windows Collection Results
- Getting Started with Windows Custom Information
- Prerequisites to Collect Windows Custom Information
- Using PowerShell Scripts for WCI Collections
- Windows Custom Information Change Management
- Collecting Windows Custom Information
- Create Your Own WCI PowerShell Collection Script
- Verify that Your Custom PowerShell Script is Valid
- Install PowerShell
- Collect Windows Custom Information Data
- Run the Script-Based Collection Filter
- View Windows Custom Information Job Status Details
- Windows Custom Information Collection Results
- Run Windows Custom Information Reports
- Troubleshooting Custom PowerShell Scripts
- Configuring Linux and UNIX Machines
- Configuring Mac OS X Machines
- Patching Managed Machines
- VCM Patching for Windows Machines
- VCM Patching for UNIX and Linux Machines
- UNIX and Linux Patch Assessment and Deployment
- Getting Started with VCM Patching
- Getting Started with VCM Patching for Windows Machines
- Check for Updates to Bulletins
- Collect Data from Windows Machines by Using the VCM Patching Filter Sets
- Assess Windows Machines
- Review VCM Patching Windows Assessment Results
- Prerequisites for Patch Deployment
- Default Location for UNIX/Linux Patches
- Location for UNIX/Linux Patches
- Default Location for UNIX/Linux Patches
- vCenter Software Content Repository Tool
- Deploy Patches to Windows Machines
- Getting Started with VCM Patching for UNIX and Linux Machines
- Check for Updates to Bulletins
- Collect Patch Assessment Data from UNIX and Linux Machines
- Explore Assessment Results and Acquire and Store the Patches
- Default Location for UNIX/Linux Patches
- Deploy Patches to UNIX/Linux Machines
- How the Deploy Action Works
- Running VCM Patching Reports
- Customize Your Environment for VCM Patching
- Running and Enforcing Compliance
- Provisioning Physical or Virtual Machine Operating Systems
- Provisioning Software on Managed Machines
- Using Package Studio to Create Software Packages and Publish to Repositories
- Software Repository for Windows
- Package Manager for Windows
- Software Provisioning Component Relationships
- Install the Software Provisioning Components
- Using Package Studio to Create Software Packages and Publish to Repositories
- Using VCM Software Provisioning for Windows
- Related Software Provisioning Actions
- Configuring Active Directory Environments
- Configuring Remote Machines
- Tracking Unmanaged Hardware and Software Asset Data
- Managing Changes with Service Desk Integration
- Index
Patching Managed Machines
10
Patching Managed Machines
VCM Patching is the VCM patch assessment, deployment, and verification capability, which ensures
continuous security throughout your environment by proactive compliance of your IT infrastructure.
VCM Patching ensures that your machines have the latest security patches and other software installed.
You can evaluate each machine in your environment to ensure that the machines have the latest Microsoft
security bulletins or supported UNIX and Linux vendor patches installed, and deploy the recommended
patches to each machine.
VCM 5.5 and later do not include the Patch Administrator role. If you previously assigned the Patch
Administrator role to a user, either reassign a different role to the user or let the user know that the role
no longer exists.
Before you patch Windows 2008 servers and Windows 7 machines, verify that the Windows Update
service is running. This service must not be disabled or the patch deployment will fail.
IMPORTANT For VCM Patching to assess Windows systems correctly, you must have a current collection
of File System, Hot Fix, Registry, and Services data. VCM Patching uses the File System, Registry, and
Services data to determine which applications that might require patches are installed and running, and
uses the Hot Fix data to determine which patches are installed on the machines. VCM Patching for UNIX
and Linux machines collects the data when you perform an assessment.
VCM Patching for Windows Machines
VCM Patching for Windows machines helps you deploy patches to bring Windows machines into
compliance.
n
Bulletins: Lists Microsoft bulletins available to VCM Patching. View these bulletins either by bulletin or
by affected product.
n
Assessment Templates: Contains one or more patch bulletins. When you run an assessment, Windows
machines that require the patches appear. You can select bulletins or product names to create
templates.
n
Imported Templates: Associates Windows machines with patches for the deployment of those patches
to selected machines. Use these user-defined templates with Windows machines.
n
VCM Patching Administration: Configures email notifications, proxy server and logon information,
machine group mapping for custom patching, and administration tasks for Windows, UNIX, and Linux
machines.
VMware, Inc.
135