On the surface, I think this is possible. You need to create 3 different remediation packages:
- full install
- patch 4 upgrade
- patch 2 upgrade, patch 4 upgrade
For the last one, I don't see why you can't drop both binaries and create a command or script that kicks one off, then the other.
what is involved in the patch 2 upgrade then the patch 4 upgrade? reboots ? probably what joe says makes sense then 3 different compliance rules to figure out what to do.
Bill and Joe,
Thanks for the ideas on this. I was also considering one other possible solution to this, but I'm not sure if it would work.
And in testing it, it actually brought up an issue.
I'm trying to write a rule to check for some possible version of McAfee, my idea being:
I was trying to write the rule to check for versions less then or equal to a number, but I found I can't find a comparison in the rule authoring section that fits. There is no less than or equal. I tried pulling a registry value for the same data, which I was able to do less than or equal, but I need to do version 8.8.x.xxxx. When I type that in and save it, it cuts everything off after the first decimal.
My idea here was to create a batch job which ran a discovery, then a compliance job to check the version. Based on the version returned it would run the appropriate remediation job. Then once that was done, run another discovery and compliance to make sure it was up to patch 4. If not, then install patch 4. Would this work?
“Does not start with” ‘8.8'
That's the problem. ALL we have is version 8.8. It's all the patches, which are 8.8.0.xxxx.
RTM - 220.127.116.117
Patch 1 - 18.104.22.1689
Patch 2 - 22.214.171.1245
Patch 3 - 126.96.36.1998
Patch 4 - 188.8.131.527
if equals rtm or patch1 then do patch2
if equals patch2,4 do patch 4
if equals patch 4 ignore
Sean was just giving an example. You can have the string search for whatever you want:
Starts with 184.108.40.206
Does not equal 220.127.116.115
Whatever logic (including IFs, ANDs and ORs) you need to follow, we can replicate in BSA.