Help CenterExperience the next generation of patch management, eliminating the wastage of valuable hours in every cycle. By incorporating Atera's automation capabilities, you can now establish tailored schedules for each endpoint, ensuring adherence to cybersecurity best practices for hardware, software, and operating systems. Gain comprehensive control over your busy IT environment with ease.
Frequently asked questions
This section will address the most frequently asked questions concerning our Patch Management and IT Automation modules.
Patch Management
Q: What is patch management?
A: Patch management refers to the process of acquiring and deploying updates, or patches, to software applications, operating systems, and other system components. These patches are typically released by software vendors to address security vulnerabilities, fix bugs, and improve overall performance.
Q: Does Atera provide a patch management module?
A: Yes, Atera offers a comprehensive patch management module designed to facilitate the installation of patches on Windows, Mac, and Linux devices. For detailed information about our Patch management module, we highly recommend referring to this article for a thorough understanding of its features and functionalities.
Q: How much does the patch management module cost within Atera?
A: The patch management module is seamlessly integrated into your Atera subscription at no additional cost.
Q: How can I install a patch using Atera?
A: Atera provides multiple options for installing patches on your devices. You have the flexibility to manually install patches on your devices or automate the process to conveniently install patches at your preferred time.
Q: How can a patch be installed manually?
A: To manually install a patch, you can utilize either the Live Manage: Patch management module or the Patch Search and Deploy classic report. For detailed instructions on manual patch installation, please refer to the following articles:
- Patch management: Windows and macOS
- Package manager: Linux
- Live manage: Patch management
- Classic report: Patch Search & Deploy
Q: If I install a patch manually and it requires a reboot, will the devices restart automatically?
A: No, when you install a patch manually and a reboot is required, the devices will not restart automatically. The patch installation will be queued, and once the device is rebooted or shut down, the installation will resume once the device is back online.
Q: How can a patch be installed automatically?
A: Atera offers IT Automation profiles that allow you to install patches automatically at a time that is convenient for you and your end users. By scheduling the IT Automation profile, available patches on your devices will be installed automatically.
Q: Does IT automation reboot a device if a patch requires it?
A: By default, IT Automation does not reboot a device if a patch requires it. However, within the IT Automation profile, there is an option called "Reboot if needed." Enabling this option will initiate a device reboot if a patch installation requires it.
Q: When does the "Reboot if needed" option come into effect during the installation of multiple patches?
A: When multiple patches are being installed using the IT Automation profile, the process follows a sequential order. First, all patches are installed. Subsequently, the IT Automation profile checks if any of the installed patches require a reboot. If such patches are detected, the "Reboot if needed" option is initiated, facilitating the reboot of the devices.
Q: Can the restart triggered by the "Reboot if needed" option be postponed?
A: Yes, it is possible to postpone the restart caused by the "Reboot if needed" option. Atera provides configuration policies that allow you to customize the reboot behavior. You can choose to postpone the restart until after working hours, specify a time period before the restart occurs, or even grant end users control over the reboot process. For detailed instructions on how to configure these options using configuration policies, please refer to the following articles.
Q: How can I configure Patch Management using IT Automation profiles?
A: Configuring Patch Management with IT Automation profiles is a straightforward process. To learn how to set up Patch Management using IT Automation profiles and schedule the profiles, please refer to the following articles for detailed instructions:
Q: What are the recommended best practices for setting up Patch management with IT Automation?
A: To ensure optimal results when setting up Patch management with IT Automation, we recommend following the best practices outlined in our article below. It provides valuable insights and guidance on how to effectively configure and manage Patch management using IT Automation:
Q: Can patches be excluded from automatic installation using IT Automation?
A: Absolutely! With IT Automation, you have the flexibility to exclude specific patches from automatic installation. Additionally, you can choose to approve or postpone the installation of patches using IT Automation profiles, granting you greater control over the automatic patching process. This level of customization ensures that you have full control over which patches are installed automatically. For detailed information on how to exclude patches and customize the automatic installation, please refer to the following articles.
Q: Is it possible to integrate the Atera Patch management module with a custom repository for updates?
A: No, currently, the Atera Patch management module does not support integration with private repositories. The module is designed to manage and distribute patches from the Windows Update Agent (WUA) API.
Q: What is the Windows Update Agent (WUA) API?
A: The Windows Update Agent (WUA) API is a programming interface used by Atera to establish a connection with Windows Update. It allows Atera to interact with Windows Update services and retrieve information about available updates for Windows systems. The WUA API enables efficient detection and management of updates, ensuring that systems are kept up to date with the latest patches and improvements. For comprehensive information on the Windows Update Agent (WUA) API and its functionality, we highly recommend referring to the following article.
Q: Do Linux and Mac devices also use the Windows Update Agent (WUA) API?
A: No, Linux and Mac devices do not utilize the Windows Update Agent (WUA) API. Each operating system has its own update mechanisms. Linux devices use APT (Advanced Package Tool) to manage updates, while Mac devices rely on the native Mac OS software update tool for patch installation and management. For detailed information on the specific update processes for Linux and Mac devices, we highly recommend referring to the following article.
Q: How does Atera handle End-User License Agreements (EULA)?
A: Atera handles End-User License Agreements (EULA) by automatically accepting them as required. This ensures a seamless and efficient process for users when encountering EULAs during software installations or updates.
IT Automation
Q: What is an IT automation profile?
A: With IT Automation profiles, you gain access to a wide range of essential support tasks. These include patching, software bundle installation, Windows version upgrades, disk management, maintenance, and automated scripting.
Q: What is the cost of the IT Automation module?
A: The IT Automation module is included in all Atera subscriptions at no additional cost. You can enjoy the benefits of IT Automation without incurring any extra charges.
Q: How do I utilize an IT Automation profile?
A: To make use of an IT Automation profile, you need to assign it to a specific device, folder, or customer within the Atera platform. Once the profile has been assigned, it will initiate the scheduled automation tasks according to the configured settings. This allows you to automate various processes and streamline your IT operations efficiently. Learn more about assigning automation profiles by checking the following article.
Q: What is the distinction between assigning an IT Automation profile to a customer, folder, or device?
A: Assigning an IT Automation profile to a Customer will ensure that all agents associated with that customer, including newly installed agents, receive the profile automatically. When assigning the profile to a Folder, all agents within that folder, including newly installed agents, will receive the profile automatically. On the other hand, assigning the profile to a specific device will add the profile to that particular device only. This flexibility in assignment options allows you to customize the profiles based on your specific requirements, providing greater control and granularity over the automation process.
Q: Is there a limit to the number of profiles that a device can have?
A: No, there is no limit to the number of profiles that can be assigned to a device. You can assign multiple profiles to a device based on your specific automation needs, allowing for greater flexibility and customization in managing and automating tasks.
Q: What tasks can be automated using IT Automation profiles?
A: IT Automation profiles offer a wide range of tasks that can be automated. Some of the key actions include:
- Automated Patch Management for Windows and Mac devices.
- Automated Patch Management for Software Applications.
- Software bundle installation.
- Automated Upgrades for Windows 10 and Windows 11.
- Disk Management - Defragment (all disks), Run check disk (all disks).
- Automated maintenance options - Create System Restore Point, Delete Temp Files, Delete Internet History, Reboot, Shutdown.
- Automatic script execution.
These automation capabilities empower you to streamline and simplify various IT tasks, enhancing productivity and efficiency within your environment.
Q: Can I create custom tasks for IT Automation profiles?
A: While there is no built-in method to create custom tasks for IT Automation profiles, the Script tasks within IT Automation profiles offer a wide range of possibilities. With the Script task, you can execute custom scripts or commands, allowing for extensive flexibility and customization in automating specific tasks. This feature provides you with a powerful tool to tailor the automation process to your specific needs.
Q: What is the sequence in which the automation tasks run within an IT automation profile?
A: The tasks within an IT automation profile run in a random order, and there is no specific way to define the order in which they execute. To ensure a desired sequence of actions, it is recommended to create separate IT automation profiles for each specific task or category. Please refer to the following article for more information.
Q: How should IT automation profiles be organized?
A: It is advisable to organize IT automation profiles based on the operating system and specific categories. For instance, create separate profiles for Windows, Mac, and Linux devices. Within each operating system category, further divide the profiles based on specific tasks such as Windows Updates, Software Updates, Maintenance, and more. This organization helps maintain clarity and allows for efficient management of automation tasks within your environment.
Additionally, it is important to consider timezone differences when setting up IT Automation profiles. Take into account the specific time zones of the devices or locations where the automation tasks will be executed. Aligning the schedule of the profiles with the appropriate time zones ensures that the automation runs effectively and at the desired times for each location. We recommend following the best practices outlined in our article below. It provides valuable insights and guidance on how to effectively configure and manage Patch management using IT Automation:
Q: When scheduling an IT Automation profile, what timezone does the profile run on?
A: IT Automation profiles run based on the timezone specified in the Admin > Settings > General section of the Atera platform. It is important to consider the timezone differences when scheduling the profiles to ensure that the automation tasks are executed at the desired time in the appropriate timezone.
Q: Can IT Automation profiles be scheduled to run based on the time zone of each device?
A: No, IT Automation profiles cannot be scheduled to run based on the time zone of each individual device. The scheduling of IT Automation profiles is determined by the time zone selected in the Admin > Settings > General section of the Atera platform.
Q: What occurs if a device is offline while an IT Automation profile is running?
A: When a device is offline during the execution of an IT Automation profile, the actions within the profile will remain in the device's queue for a period of one hour by default. However, it is possible to configure IT Automation profiles to retain actions in the device's queue for up to one month. For detailed information on managing the queue duration for offline devices, please refer to the following article.
Q: Can the "Run on offline agents" option be configured on a per-IT Automation profile basis?
A: No, the "Run on offline agents" option is a global setting and cannot be configured on a per-IT Automation profile basis. This option applies to all IT Automation profiles and determines whether actions within the profiles will be executed on devices that are currently offline.
Q: Is there a report available that shows the actions performed by an IT Automation profile?
A: Yes, Atera provides the Patch Automation feedback report, which offers comprehensive details about the actions performed by an IT Automation profile. From successful actions to errors and failures. This report provides valuable insights into the execution of the profile, allowing you to review and analyze the tasks completed. For more information on accessing and utilizing the Patch Automation feedback report, please refer to the following article.
Q: Is there an article available that provides an explanation of the errors displayed in the Patch and Automation feedback report?
A: Yes, we have an informative article that explains the details and provides explanations for the errors displayed in the Patch and Automation feedback report. We recommend referring to this article for a comprehensive understanding of the error messages and troubleshooting steps.
Q: How can I prevent a profile from running?
A: There are a few options to prevent a profile from running:
- Remove the schedule: By removing the schedule of the profile, you can prevent it from running at the specified time or recurrence.
- Disable the profile: Disabling the profile will make the profile unusable. This can be done by navigating to the profile and selecting the Disable option. This allows you to easily enable it again when needed.
- Delete the profile: If you no longer require the profile, you can choose to delete it. However, please note that once deleted, the profile cannot be restored, so exercise caution before deleting.
These options provide you with the flexibility to control the execution of profiles and prevent them from running as needed.
Q: Can an ongoing IT Automation profile be halted once it has commenced?
A: No, once an IT Automation profile has started running, there is no way to stop it.
Q: Why do I observe a discrepancy between the patches listed in Atera and the patches displayed locally on the Windows device within Windows Updates?
A: The discrepancy arises because Atera utilizes the Windows Update Agent (WUA) API to interact with Windows Update and identify available updates. As Atera relies on the WUA API, the patches listed in Atera may differ from the ones displayed locally within the Windows Update on the device. Despite the differences, Atera's Patch Management module ensures comprehensive coverage and effective management of updates for Windows devices.
Q: Does Atera manage updates performed through the Windows Update Agent (WUA) API?
A: No, updates facilitated through the Windows Update Agent (WUA) API are managed and released by Microsoft. Atera does not have control over the release or management of updates through this channel.
Q: Does Microsoft make all updates accessible via the Windows Update Agent (WUA) API?
A: Indeed, all patches are accessible through the API, with the possibility of some updates becoming available later than their standard release date.
Q: Is it possible for one machine to download all the Windows updates, and other computers can then point to that machine to download those updates?
A: No, this configuration is not supported within the Atera Patch Management module. Each device is responsible for downloading and installing updates that are specifically available to it. The Patch Management module operates on a per-device basis, ensuring that updates are applied directly to each individual device. However, you have the option to set up a "WSUS" (Windows Server Update Services) outside of Atera. By configuring a WSUS server, you can centrally manage and distribute Windows updates to other computers within the network. The WSUS server acts as a repository for the updates, and other computers can be configured to point to the WSUS server to download and install the updates. This setup helps in conserving bandwidth and streamlining the update process across multiple machines. Please keep in mind that Atera support does not offer assistance for troubleshooting or setting up WSUS servers.
Q: Why do I encounter patches with a size of hundreds of GB?
A: Typically, updates of this size are cumulative updates for Windows. Atera retrieves these updates via the WUA API, and their size appears significant because they include support for all available Windows languages. However, it's important to note that Atera installs only the required languages, resulting in a considerably smaller actual update size.
Dragos Tulbure