Synchronizing Distribution Servers

When you synchronize a distribution server it means you are updating the server with the latest patches and/or engines and data definition files contained on the console. To synchronize your distribution servers, select Tools > Options and then click the Distribution Servers tab.

You can automatically synchronize distribution servers on a periodic basis. You can also manually synchronize the distribution servers directly. This section will cover both options.

Make sure the console contains the necessary files before attempting to synchronize all your distribution servers. For information on downloading patches to the patch download directory, see Downloading Patches. To download the latest engines to the console, select Help > Refresh files.

Another option for automatically synchronizing your distribution servers is to use Distributed File System (DFS) Replication. DFS Replication is available beginning with Windows Server 2003 R2 and requires the use of Active Directory.

Creating a Status Report

If you want to create a report that shows which of the patches contained in the download directory are missing or are out-of-date on the distribution servers, select the desired distribution server(s) and then click File Status Report. The report will list which downloaded patches are not contained on the selected distribution servers or are out of date. The report does not report if engines and data files are missing or out of date.

Automatically Synchronizing Distribution Servers

To configure the program to automatically synchronize engines, definitions, and/or patches with a distribution server:

  1. In the Add scheduled sync box in the top pane, select the component you want to synchronize.
    The components that you can choose to synchronize are:
    • Core engines/definitions: The latest versions of the engine components and all data definition files will be copied to the distribution server. If you have more than one console sharing a database, only one console can synchronize core engines/definitions to a given distribution server.
    • Patch downloads: All patches contained in the console's patch download directory will be copied to the distribution server.
    • All engines, definitions, and patch downloads: All relevant components are synchronized.
  2. In the top pane, select which distribution server you want to synchronize with the console.

    3. If the Add scheduled sync button becomes unavailable after you select a specific distribution server, it probably means the server is being used as the download source for patches and product levels.

  3. Click Add scheduled sync.
    The Scheduled Synchronization dialog appears.

  4. Specify when you want the synchronization to occur.
    The Add delay (days) box (available if you synchronize on a monthly basis) allows you to delay the synchronization by up to 31 days. For example, you might use this to schedule a monthly synchronization that is always performed four days after Patch Tuesday. You do this by specifying The Second Tuesday and then using the Add delay (days) option to delay the operation by four days.
  5. Click Save.

The new scheduled synchronization entry appears in the Scheduled automatic synchronization pane. At the scheduled time, the appropriate files will be copied to your distribution server. If the synchronization time happens to coincide with a download of new files to the console, the synchronization process is queued and is performed when the download is complete.

The Scheduled automatic synchronization pane will show scheduled synchronizations for all consoles that share the database. If you select a schedule created by a different console, you can delete the schedule but you cannot edit it or run it immediately. This allows you to move the synchronization process to the current console by deleting the remote schedule and then creating a new local schedule. It also allows you to delete schedules for consoles that no longer exist.

If you did not specify credentials for the console to use when authenticating to the distribution server, in order for automatic synchronization to work the console machine's SYSTEM account must have read and write access to the distribution server folder. See Configuring System Account Permissions for details.

Manually Synchronizing Selected Distribution Servers

You have the option to manually synchronize a distribution server with the console. This initiates a synchronization right now so you don't have to wait for the next scheduled interval. A background task will be created to perform the synchronization. You can continue using the rest of the program while the synchronization process is performed.

To perform a manual synchronization:

  1. If you are manually synchronizing the engine components and data files, make sure you have the latest files on the console by selecting Help > Refresh files.
    This will download the latest files from the location specified on the Tools > Options > Downloads page and store them in the console's default data directory:

    2. C:\ProgramData\Ivanti\Security Controls\Console\DataFiles

  2. If you are manually synchronizing patches, make sure the console's patch download directory contains all the patches you want on your distribution server(s). See Downloading Patches for details.
    The patches are contained in the default patches directory:

    3. C:\ProgramData \Ivanti\Security Controls\Console\Patches

  3. In the Schedule automatic synchronization pane, select one or more scheduled synchronization entries.
  4. Click Run now.

This will immediately copy all appropriate files from the console to the specified distribution server(s). You can use Event History to track the progress of the synchronization task.