Patch Management - Patch reports using extension attributes not populating.

New Contributor

I've been setting up Patch Management and everything seems to be going well, except, that any patch management

policy I set up (for example - Firefox) which uses an extension attribute doesn't seem to work.

I select the software title, setup Software Title Settings, accept the Extension attribute, but the
patch report never populates.

Am I missing something?



Esteemed Contributor II

@Plumbly The EA Patch Management installed won't collect the info needed for the patch management report until a Mac runs a recon to submit inventory. How often do you have that set to happen in your environment? Clearing the log of the Policy that does your periodic recon will speed up the initial inventory.

Contributor III

I have three recon policies: 

  1. The first automatic recon runs weekly on all machines at check-in, network state change and enrollment.
  2. The second automatic recon runs daily on machines that need it: Out of compliance, critical apps or updates missing or haven't checked in for a long time. I periodically add more smart groups to the scope, ahead of a major OS or app update for example so that I can keep a closer tab on the update progression. 
  3. The third recon update is Company Portal, ongoing, for situations where I'm in contact with the user and want to speed up a process - i.e. Intune registration that requires Company Portal, or installations that require setting profiles. 

In your case, I would create a smart group for all devices with the old version you're trying to patch and add that to the daily recon's scope.

You can go further and create an ongoing recon scoped for devices you want information about even sooner than that, but don't let it run repeatedly with a lot of recon collected as a long-running policy (even a recon one) will block other policies from running until it's completed and a full recon can take several minutes to complete. 

New Contributor

I wasn't being patient enough.
Those systems the policy applied to eventually started updating the patch report.
Thanks to piotrr and sdagley!