Wondering if anyone else is seeing this issue.
We build defined patch sets within LDMS/LDSS using the Public Custom Groups.
We basically have two patch sets. The test group and the "everyone else" group (they are actually named Phase 1 and Phase 3, don't ask why there's no Phase 2...profit!). The patch sets are rolled into the test path group first and once tested the patches get rolled into the "everyone else" group.
Problem is this. While we have new patches that are in the test group that are not yet in the "everyone else" group, whenever any system that gets its list of patches to scan for from the "everyone else" group runs a scan, patches from the test group also show up as needed in the LANDesk console.
The LANDesk agent vulscan reports needed patches as one would expect. It only shows patches that are in the "everyone else" group.
What causes the mismatch? It makes it difficult to verify that systems are appropriately patched since a lot of false positives show up in the All Detected tab of the Security and Patch Information window.
By the way, the new patches that are in "test group", but not in "everyone else" have autofix disabled, while all of the patches in the "everyone else" group have autofix enabled. This helps somewhat for reporting purposes, but doesn't fix the stated problem.
Thanks,
Alex