Question

Run policies after rebuild

  • 1 September 2022
  • 2 replies
  • 26 views

Badge

We have several policies that are based on a weekly staggered layout by location and 4am deployment (and next check in).  However, when we re-image a workstation and Automox gets automatically installed, we would have to wait until the next morning or next update cycle to get software and patches.  I dont know if we can do anything like this now, but It would be nice when a new device checks in, is in the default group, or have a command switch to run, that it would automatically force run any associated policies before we deploy back to staff.


2 replies

Userlevel 1
Badge

We have several policies that are based on a weekly staggered layout by location and 4am deployment (and next check in).  However, when we re-image a workstation and Automox gets automatically installed, we would have to wait until the next morning or next update cycle to get software and patches.  I dont know if we can do anything like this now, but It would be nice when a new device checks in, is in the default group, or have a command switch to run, that it would automatically force run any associated policies before we deploy back to staff.

Hello,

 

The only way to have patch policies run before their normally scheduled times would be to run them manually on the device after the imaging is complete.

You can do this from the Device Details page for a given machine when you know the machine is ready to start patching. As long as there are associated patch policies, you can click “Run on this device” for a given policy to execute it immediately.

If you are imaging multiple devices in a batch on a regular basis, then you might consider creating a new patch policy specifically for the newly imaged devices that you can associate, run once, and then unassociate before returning the device to end users. With this method, you could select the policy itself and choose “Run Policy” so it affects the specific devices without kicking off the patch policies for all the other devices already deployed.

Device Targeting would be useful in this case, as you could Tag a device for the new policy to target (for example, “Imaging”), thus protecting you from accidentally associating the policy to the wrong devices.

Hope that helps!
Cheers

Badge

Thanks.  Will probably just focus on manually pushing but appreciate the feedback.  With this, it would be nice to have an option to repeat throughout the day instead of just one set time.  So like every 4 hours, every time it syncs/scans, or apply if its been less then 24 hours since last checked in to assigned policy, etc.

Reply