FAQ
Here's a list of the most frequently asked questions regarding Syxsense:
Microsoft updates are provided the same day of release.
The 'Admin' account, within Syxsense, has access to all areas of the console. Granular permissions are available by specific features you either want to provide or remove from any user. This is represented in the 'User Accounts' 'Add' window as either 'Admin', 'Read Only' or 'Custom User' when adding a user.
The vRep installation, also called the 'Discovery Agent', allows for discoveries, Linux Device Management, and relay functionality on any Windows-based device. The MicroAgent is an independent installation for any other Windows-based devices on- or off-premise.
For any devices that roam, the MicroAgent installation is the only way to manage off-network devices. Additionally, the MicroAgent allows for missed-task functionality, in case it was disconnected the first time. (The Mac Agent also provides these features for Mac OS X devices).
The 'MicroAgent' URL is available from the 'Add device' section in the left-hand navigation pane.
The 'MicroAgent' MSI itself is also pre-packaged and doesn't require any customized properties/commands.
It's prepared to be silently deployed by default.
The 'Patch Scan' task is crucial for patch analysis. Although it's not required to run a 'Patch Scan' task before the deployment on Windows, it's strongly recommended to know what is necessary or unnecessary on devices before deploying any updates to them.
If the device is Mac- or Linux-based, the 'Patch Scan' task is required to see which updates are available, since these updates come directly from the manufacturer or existing repository.
Every task has an option on the final step to 'Email Upon Completion' for the email address used to log in with. The email can also be edited to send to another address or distribution list.
'MicroAgent' devices can pick up missed tasks, if 'Offline' or 'Not Connected' on the initial run and if set to 'Start at a Specified Time', or commonly referred to as a 'standalone' schedule.
The missed task functionality does not apply to Maintenance Windows, as intended.
How do I add additional licenses in Syxsense? How do I add additional licenses in Syxsense?
Additional licenses of Syxsense can be purchased through the Subscriptions section, or by contacting your Syxsense Account Manager.
Automatic Update should be disabled when using Syxsense, but it's not required. The industry recommends a single solution to manage updates so that any changes in the environment would be from the single solution alone; Automatic Update can update at any time.
Why you may be prompted to restart your computer?Why you may be prompted to restart your computer?
After you install a security update, you may be prompted to restart your computer if one of the following conditions is true:
- The security update updates a DLL that is loaded in one or more processes that are required by Windows. The security update can't be completed while the DLL is loaded. So, the security update must stop the process that causes the DLL to be loaded. Stopping the process will unload the DLL that is required to complete the update. However, the process in which the DLL is loaded can't be stopped while Windows is running. For example, the security update that is described in security bulletin MS04-011 updates many DLLs that are loaded in core operating system processes that can't be stopped without shutting down Windows.
- The security update updates an .exe file that is currently running as a process that is required by Windows. The update can't be completed while this process is running. However, you can't force this process to stop unless you shut down Windows. For example, Csrss.exe is a required process in Windows.
- The security update updates a device driver that is currently being used and that is required by Windows. The update can't be completed while this device driver is being used. However, you can't unload this device driver unless you shut down Windows. For example, Disk.sys is a device driver that is required by Windows.
- The security update makes changes to the registry. These changes require that you restart your computer.
- The security update makes changes to registry entries that are read only when you start your computer.
- The security update makes changes to ‘Panther file’ entries that are read only when you start your computer.
There are three registry values you should check to see whether a reboot is needed or not.
- The RebootPending value at
HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing
- The RebootRequired value at
HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update
- The PendingFileRenameOperations value at
HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager
Knowing these registry values, will help in learning if the device is pending a reboot if the RebootPending, RebootRequired, or PendingFileRenameOperations values exist.
- This is a quick script you can run in a PowerShell. Results will be True or False.
Test-Path
HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\RebootPending
Test-Path
HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\RebootRequired
Get-ItemPropertyvalue -path (this will display the path and file names of any 'Pending File Rename Operations')
HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\' -name PendingFileRenameOperations
In addition to the above Microsoft incorporated a new temporary folder that is used to store additional files temporarily that are being used during installation, setup, update, upgrade and file name changes. This is the 'Panther' folder located at C:\Windows\Panther. Files here can also trigger a Reboot flag.