Pending restart computers count as a remediated computers

Sagar_v_d 2021-11-09 11:56:22 UTC #1

Hi All,

After deploying baseline when take compliance report report shows pending restart computers as remediated computers. After restart some computers failed to apply patches then our compliance goes down.
We don’t want to count pending restart computers as remediated computers in compliance report.

How can we achieve this…??? Any suggestion or client settings need to be applied.

D.Dean 2021-11-09 16:05:43 UTC #2

A year or so ago HCL added a feature for patches to show remediated until the reboot takes place and the relevance is revaluated.

If you want to see systems that have not rebooted but have the patch pending final evaluation, change the setting _BESClient_WindowsOS_BypassPendingRestartRelevance to a value of one (1)

https://help.hcltechsw.com/bigfix/9.5/patch/Patch/Patch_Windows/c_patch_winpatchclientsettings.html

Sagar_v_d 2021-11-10 06:42:16 UTC #3

Thank you so much @D.Dean

karthik04 2021-11-11 11:50:32 UTC #4

Hi @D.Dean,

The said settings is not working in my environment properly. I deployed the settings in 2 of the systems to check, on both the systems the settings got successfully completed. Later i deployed patches which required restart, later when the patching got completed on both the systems i was able to see the action status as “Pending Restart”. I generated the patching compliance report targeting only the patches which i deployed. One system showed me compliance as 100% and another one showed as 0% and we did not restarted the system.

Can you help me in resolving the same.

Thanks in advance,

Regards,
KK