It can be confirmed from the Main Menu if the security patches have been installed to CT.

In addition, installation state of the security patches can be confirmed via email when setting the warning notice. Please refer to relevant contents of “Systemwalker Desktop Patrol Installation Guide” for Settings of the warning notice.

Installation confirmation of the security patches is performed in “PC Information” in the Main Menu. In addition, the installation state can also be saved as CSV format file.

Whether installation of the security patches is finished normally or failed can be confirmed in the “Environment Setup” window in CT. For detailed information, please refer to relevant contents of “Systemwalker Desktop Patrol User Guide: for Client”.

Take the following steps.

1. Log on the Main Menu, click “PC Information”.

   → The “PC Information” window will be displayed.

2. Click “Software Auditing”.

   → The following window will be displayed.

   

3. Select the department to be displayed.

   → The following window will be displayed.

   

4. Select product from “Security patch” in the tree on the left field.

   → Security patches corresponding to the selected product will be displayed in the field on the right..

5. Confirm number of the qualified PC displayed in “Software List”.

   

6. Click “CSV Export” button to download installation state of the security patches as CSV format file.

   
   

Method to View the Window of Security Patches Installation State

This section explains how to view the “Installation state of security patches” window. For example, after “WindowsXP” is selected in window of “Installation state of security patches”, security patches information related to Windows XP and number of qualified PC will be displayed. See below for window at that time.

Window of “Installation state of security patches” is composed of the following.

• Name of component (e.g. WindowsXP)

  • Name of component installed
    (e.g. WindowsXP installed)

  • No sufficient Install Patches to component name
    (e.g. Install Patches not sufficient to WindowsXP)

    As to items displayed in “Install Patches insufficient to name of component”, even the installation is performed after security patches screening for the component, when all the security patches are not installed to the component, number of PC with no installation will be accumulated.

  • Name of component (no installation code) not installed
    (e.g. Q329834(MS02-063) not installed in WindowsXP)

  • Name of component not installed(invalid)
    (e.g. Q329048(MS02-054) not installed in WindowsXP “invalid”)

    Security patches and service patches displayed as “Invalid” need not be confirmed or counted.

    ”Invalid” of security patches and service patches indicates this security related problem has been solved through other security patches or service patches.

Take the following steps to identify the PC with and without installation of the security patches and service patches in the window of “Installation state of security patches”.

1. Find the items to have the state looked up in list of the security patches.

   →When number of the qualified pieces is “0”, no insufficient installation of security patches existing in the selected Component. End of the confirmation.

   →When number of the qualified pieces is not “0”, insufficient installation of security patches is existing in the selected Component. Please enter the next step.

2. Click “Corresponding Number” of the security patches and service patches not displayed as “0”.

   →State of PC desired to be understood shows in the selected security patches and service patches.

   

   
   

When Security Patches Not in Installation are Detected

Security patches won’t be installed in the following circumstances.

• Power not turned on for CT to install the security patches

• CT to install the security patches not connected to network

Please solve the above problems to install the security patches.

It could be that errors have happened in installation Processing of the security patches at the Client when the problems can’t be solved. Please confirm the CT operation status log and the “State” label in CT Environment Setup window and refer to “CT Message of Systemwalker Desktop Patrol” in “Systemwalker Desktop Patrol Reference Manual” for identification of the causes and to perform the corresponding Processing.

See below for an example of the “Environment Setup” window of CT.

Column of “Patches installation status”: relevant information will be displayed here in case of abnormal installation of the security patches.

Confirm with Status Checking Command of CT Operation

As to CT with no security patches installation, its status can be confirmed with the status checking command of CT operation. Please refer to relevant contents in “Systemwalker Desktop Patrol Reference Manual” for more information.

Confirmation of Status Log of CT Operation

As to CT with no security patches installation, the status log of Ct operation can be confirmed. See below for method to confirm.

1. Take one of the following measures to identify the PC and its name with no security patches installation.

   1. Confirm name of the PC with no security patches installation in window of “PC Information”-“Software Auditing” in the Main Menu.

   2. Select “Software supervision” in window of “Event Settings” and set it as name of the passed PC with no security patches installation.
      The administrator can be regularly noticed of name list of the PC with no security patches installation through event settings.
      Please refer to relevant contents of “Warning notice” in “Systemwalker Desktop Patrol Installation Guide” for window of event settings.

2. Search the PC name information from the CT operation status log saved on CS to confirm if the security patches have been installed.

3. As to check and retrieval of the CT operation status log, please use Microsoft® Excel or editor to confirm.

4. Saving of the CT operation status log will default to the following directory.

   CS installation directory \FJSVsbinv\ct_trace\ User ID+PC name + superior server name \dpsysdYYYYMMDD.log

   Remarks.

   Storage path and days of management of the CT operation status log file can be modified with the command of SVPolicy.exe (Server Environment Setup).

   Please refer to relevant contents in “Systemwalker Desktop Patrol Reference Manual” for detailed information about the file of CT operation status log.

See below for examples of the CT operation status log detected to be without security patches installation.

• Example 1: Failure of security patches installation

  user1,pc1,server1, 2008/06/12 20:15:05.717,INFO,POLICY,RECEIVE,OK user1,pc1,server1, 2008/06/12 20:15:05.818,INFO,POLICY,UPDATE,OK user1,pc1,server1, 2008/06/12 20:15:06.612,INFO,PATCH,START,,1 user1,pc1,server1, 2008/06/12 20:16:10.123,INFO,PATCH,DOWNLOAD,OK, "install MS04-012(828741) to Windows2000 " user1,pc1,server1, 2008/06/12 20:16:12.814,INFO,PATCH,INSTALL,OK, "install MS04-012(828741) to Windows2000" user1,pc1,server1, 2008/06/12 20:16:14.035,ERROR,PATCH,STATUS,NG(1603), "install MS04-012(828741) to Windows2000 "

  Please pay attentions to the lines in red. Detection result of installation status shall be no installation by judgment as abnormality has happened to installation Processing of the security patches.

• Example 2: Failure of policy receiving, causing unavailability of security patches for installation

  user1,pc1,server1, 2008/06/12 08:53:10.750,INFO,DTP,SVCSTART, user1,pc1,server1, 2008/06/12 08:53:11.031,INFO,WINDOWS,ACLINEMODE, user1,pc1,server1, 2008/06/12 09:01:46.953,ERROR,POLICY,RECEIVE,NG(10060)

  Please pay attention to the line in red. Due to failure to receive policy, the security patches can’t be installed to CT, detection result of installation state shall be no installation judging by this.

  Example 3: the security patches are installed, but after installation there is no restart

  user1,pc1,server1, 2008/06/12 20:15:56.612,INFO,PATCH,START,,2 user1,pc1,server1, 2008/06/12 20:15:59.112,INFO,PATCH,DOWNLOAD,OK," install MS04-011 (835732) to Windows2000" user1,pc1,server1, 2008/06/12 20:16:10.123,INFO,PATCH,DOWNLOAD,OK,"install MS04-012(828741) to Windows2000" user1,pc1,server1, 2008/06/12 20:16:21.917,INFO,PATCH,INSTALL,OK," install MS04-011 (835732) to Windows2000" user1,pc1,server1, 2008/06/12 20:16:45.345,INFO,PATCH,STATUS,OK(0)," install MS04-011 (835732) to Windows2000" user1,pc1,server1, 2008/06/12 20:17:11.320,INFO,PATCH,INSTALL,OK," install MS04-012(828741) to Windows2000" user1,pc1,server1, 2008/06/12 20:17:48.165,INFO,PATCH,STATUS,OK(0)," install MS04-012(828741) to Windows2000" user1,pc1,server1, 2008/06/12 20:19:36.044,INFO,REBOOT,SELECT,,Delete

  Please pay attention to the line in red. The security patches have been installed normally, but after installation, due to lack of restart of Windows, the security patches can’t be reflected in Windows, detection result of installation state shall be no installation judging by this.

  After restart of Windows, the following contents will be output to the status log of CT operation.

  user1,pc1,server1,2008/06/12 20:23:15.859,INFO,REBOOT,SELECT,,Now user1,pc1,server1,2008/06/12 20:23:19.001,INFO,DTP,SVCSTOP, user1,pc1,server1,2008/06/12 20:23:52.640,INFO,DTP,SVCSTART,

• Example 4: No abnormalities are recorded in the status log of CT operation.

  That no abnormalities are recorded in the status log of CT operation means that CT has no problems. Please confirm in window of “Environment Setup”-“CS/DS Settings and Operation Status” in the Main Menu to see if CS and DS are running normally.

  
  

Patches not automatically installed to PC can be confirmed in the list.

Please refer to relevant contents in “3.2.1 View Inventory Information” for confirmation of unapplied patches information with the patches list.