I understand that there have been many posts on this topic, but I’m trying to nail down the flow of what actually happens in the back end, as I’m not getting the warm feeling that this is working correctly.
As I’m hoping is rather common, we use this option when deploying a monthly baseline of Windows Patches. We kick off the action a few days prior to the Start on date. The expectation is that relevant patches will download to the endpoints and when the Start date is reached, they immediately start installing.
Upon viewing the client logs a while ago, it seemed that each was being downloaded a second time (I didn’t keep the log but will verify again).
In addition, there is a very long delay between the time the person clicks “Take Action” and the “Display message while running action” pop-up appearing. Probably because downloads are happening?
All endpoints have these settings:
I know there is a flow of a file being downloaded, placed in a directory, its SHA scanned, it copying it to another directory using its friendly file name, and then finally executing. I think I need to understand that better to troubleshoot.
Questions I have:
- When using the Download Before Constraints option, are files in their ready state or will they have to be “processed” when the Action starts?
- Based on my cache settings above, if the endpoint is rebooted before the Action is executed, are the files deleted?
- Does also enabling the “Stagger action downloads” option affect execution if files are already downloaded?
I’ll try and get a log posted soon.
“Stagger action downloads” affects each component in the baseline, be aware; so if you have 100 components and a five minute stagger, you could get up to 500 minutes of stagger delay.
I believe I read here that there is a client bug on some versions that can double the stagger as well.
I much prefer throttling on the relays over staggering downloads, when it comes to bandwidth management.
My experience has been that if “stagger download times” is specified on the baseline, that none of the components run until all the downloads have completed, and a single fixlet with a missing download will stop any of the components from running.
You could also run into a situation where installing one patch makes the system relevant to another patch, that was not precached on the client.
If the files have precached, the action should start at roughly the specified start time. That’s been my experience. But I think that’s subject to the evaluation loop on the client, so if you have a long evaluation cycle that may delay the action start.
The client logs should show us more.
1 Like
These baselines have less than 20 updates. We usually enable the “Stagger action downloads over 5 minutes”, but what we can try this next patching cycle is to un-check that; leaving only “Start client downloads before constraints”.
Again, the expectation is that when you kick something off and it said downloading, then waiting, then kicks off on it schedule, that it doesn’t try downloading again. I’ll get logs!
Hi Alexa, did you ever get to the bottom of this? Thanks, Simon.
That was a long time ago with an older version of BigFix (obviously). If I recall, I simply stopped using the Stagger method and it didn’t seem to buy me anything; I kept the “Start client downloads before constraints are satisfied”. Thing have been fine since.