Looking for feedback from folks about the execution options they use when deploying actions. Specifically for the options related to specifying a maintenance window during which the action will run. Please respond to the following poll, and add a comment to the thread, if applicable. Thanks!
Use the âRun betweenâ and/or âRun only onâ options to constrain the action to a specific time window and days
Use the âRun only whenâ option to constrain the action to a maintenance window property
Use both of these options (add comment with use case)
Thanks for the responses so far. For those that only use âRun betweenâ and/or âRun only on,â can you add a comment and let me know if you are aware of the BigFix Maintenance Window dashboard and if there is a specific reason youâre not using that instead?
(Referring to my former environment, where I managed endpoints)
We used custom constraints based on client settings via âRun only whenâ. The main reason for doing that was to delegate the maintenance window management to individual system owners.
We would action our patch baseline(s) as a single action targetted to all computers (within a given cycle of development/integration/test by computer group). This reduced the number of actions our central IT org had to issue.
Separate from the patch baselines themselves, we also issued an Offer action to the endpoints, with the Offer being to âopenâ the maintenance window. The individual system owners, knowing their busy/not-busy times, and what kind of server redundancy they provided better than the central IT group, could accept the âOpen my maintenance windowâ offer at whatever time was good for them. Once they opened their maintenance window, our patching / software deployment actions were free to execute.
We also send a separate âDeadlineâ maintenance window action. If the system owner did not open their maintenance window through the Offer, this separate Deadline action would force the maintenance window to open sometime over the weekend.
It was kind of the best of both worlds - I had a smaller of patch actions to maintain & report status, and the system owners controlled their own outage timings (within reason). It drastically reduced the time my team spent negotiating outages or service migration schedules.
We didnât use the maintenance window dashboard because our schedules varied from one week to another, and because we only wanted to constrain our patching actions - aside from patching, we issued a lot of Software Deployment and custom preventative maintenance actions, that we wanted to execute on separate schedules aside from maintenance windows.