Security - Advertise Patches
SMS/SCCM have the ability to advertise patches in the form of a pop-up, notifying the user that they have x days to install patches and reboot, at the end of which it will be forced. They also have the ability to force the install and give the user x days to reboot, or else it will be forced.

-
Bill commented
I agree. We need more flexibility in the patching options. X amount of time until forced to install and a way the users can initiate the install and not wait for the dialog box to appear.
-
Bill commented
I agree. We really need some way the users can start the patch process and not have to wait for the dialog box.
-
Jared commented
My users really want this or something like
to allow for more flexible execution of patches.
This feature is becoming increasingly needed in our environment as laptops become encrypted and not all actions (specifically ones that involve reboots) can be performed without user interaction.
-
Jared commented
I really like this idea, but have voted with http://kace.uservoice.com/forums/82699-k1000/suggestions/1230559-security-advertise-patches as it has more votes and a greater likelihood of being added.
-
Jared commented
I would also like to see the ability for a user to request/prompt on-demand execution of a patch schedule, whether or not they had been prompted for it.
It would be 'made available' for the user portal the same way that scripts and Managed Installs currently are. This would alleviate the issue of many of my users complaining about inconvenience of scheduled patch pushes (if they could do it at their convenience, rather than ONLY when prompted by the agent alert).
-
Donald commented
This can be run through the scripting module to adjust the scheduled time for defragmentation based on the contents of C:\maintenance\maintenance.txt. The script can simply run at a reasonable interval to check for user updates to the file.
-
Donald commented
"%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe" with params "-WindowStyle Hidden -nologo -noninteractive $time = Get-Content c:\maintenance\maintenance.txt; if ($time) {schtasks /Change /TN "\Microsoft\Windows\Defrag\ScheduledDefrag" /ST $time}"
-
Donald commented
This will likely be cleaner using scripts to remove or add scheduled tasks in task scheduler at the specified time based on the presence of the named file. However, it would still be nice to provide the user with a GUI and a published list of tasks they can schedule at certain times.
-
Donald commented
Currently I am designing some KACE tasks to do this that will read a user-edited file to get a preferred time for maintenance. This should be especially worthwhile for laptops, since they are difficult to get online at a known time when the user is not working.
While there are probably some tweaks I will discover while writing the scripts that make the process much smoother, the general idea at the moment is that the machine's owner will be allowed to change the name or contents of a file to specific values to tell us when the machine will be available for maintenance tasks. A script will run from the KACE every few hours to read this file and appropriately populate a custom registry key on the machine with a time. If the file does not exist, the key could be generated and populated with a default time, or a warning could be sent to the administrator noting it is not configured if the machine is sensitive such that it should not be arbitrarily done off-schedule, such as to protect servers. The key will be inventoried as a software item such that we can generate a machine label based on the contents of the registry key. The machine label can be used to apply to maintenance tasks scheduled to run at specific times. This should allow us to schedule, for instance, disk defragmentation or patching, on laptops at a time when we know the machine will be on and connected, but the user will not require use of the machine. Rather than guessing when the user will go to lunch, or whether they will connect their laptop to our VPN at 2200 before they go to bed, we will allow them to provide a specific time for maintenance, which they can change generally at their leisure rather than asking us to change it.
I believe a very small client-side application that would allow the administrator to push specific scripts to a list, and allow the user to just set a time next to them for the KACE to use for a schedule would be relatively easy to write, and solve a huge portion of the problem for scheduling maintenance tasks, especially for laptop users where it is difficult to schedule available times. It also passes more control to the user, which is typically received favorably.
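
A hardened form of the approach described in the comments above (a scheduled script reads a user-editable file and hands its contents to schtasks), as an added example that is not any poster's code: the value is checked as a single 24-hour HH:mm string before it is used. It assumes the script runs with the management agent's elevated privileges while the file is writable by a standard user; the function names are hypothetical, and the path and task name are the ones quoted in the thread.

```powershell
# Added example: validate the user-edited maintenance time before it reaches schtasks.
# Assumption: this runs elevated (agent context) and the file is user-writable.
$MaintenanceFile = 'C:\maintenance\maintenance.txt'
$TaskName        = '\Microsoft\Windows\Defrag\ScheduledDefrag'

function Get-ValidatedMaintenanceTime {
    param([string]$Path)

    if (-not (Test-Path -LiteralPath $Path -PathType Leaf)) { return $null }

    # Read only the first line. Get-Content returns an array for multi-line
    # files, and an array handed to a native command becomes several arguments.
    $line = Get-Content -LiteralPath $Path -TotalCount 1
    if ($null -eq $line) { return $null }
    $candidate = ([string]$line).Trim()

    # Accept exactly HH:mm in 24-hour form, the format schtasks /ST expects.
    if ($candidate -notmatch '^(?:[01][0-9]|2[0-3]):[0-5][0-9]\z') { return $null }
    return $candidate
}

function Set-MaintenanceStartTime {
    param([string]$Path, [string]$Task)

    $time = Get-ValidatedMaintenanceTime -Path $Path
    if (-not $time) {
        # Covers a missing file, an empty file and any malformed value.
        Write-Warning "No valid HH:mm value in $Path; task schedule left unchanged."
        return $false
    }

    & schtasks.exe /Change /TN $Task /ST $time | Out-Null
    if ($LASTEXITCODE -ne 0) {
        Write-Warning "schtasks exited with code $LASTEXITCODE for task $Task."
        return $false
    }
    return $true
}

Set-MaintenanceStartTime -Path $MaintenanceFile -Task $TaskName
```

The same validated value can be written to the inventory registry key described above instead of being passed to schtasks; the validation step is the part that should not be skipped.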