I’m new to BigFix and have searched the forums on different applications to disable auto-updates (Adobe Acrobat / Reader 9, Shockwave, Flash, etc) as we are saturating our environment with the BigFix client and deploying fixlets, which is saving me so much time and sanity. I <3 BigFix - saved me 40 hours of work just this morning with deploying SAV 10.1.9…
But I had a question regarding the purpose of Fixlets leaving the auto-update settings on after the Fixlets have been applied. If BigFix is the preferred deployment method of software updates, why leave the settings on the computer that permit it to still point to the internet for updates? Just curious, but maybe there was something I didn’t consider with not setting this option.
I’ve already used the Java update disabler and it works wonderfully and looking at reworking the Adobe Acrobat 8 task to disable updates as well. I did the reg key change, but it doesn’t prevent the pending updates executables from launching, which are easily terminated.
I know many customers that disable auto-updates… My understanding is that the main reasons they do:
They want to control when the patches apply.
They want to control which patches apply.
They don’t want every single computer downloading the files from MS servers across their WAN.
Ben
I completely agree with you Ben, but my question is this:
Why not have the fixlets disable auto-update on some of these applications considering that the ‘preferred’ deployment method is BigFix?
Since we will now use BigFix to deploy software and manage our environment, I just thought it make sense to continue to use BigFix to deploy fixlets vs let the applications update on their own without control over the environment, which makes inconsistencies. Just my two cents.
EDIT - Oh I just noticed that Adobe update does this… now I feel utterly not smrt. It helps to read the fixlet messages!