Best Practices Question
How do I set up the ability to patch systems when a user should not log into KACE? (Cannot use automatic patching)
So this is the predicament I am facing. We have some consultants at another site. My manager does not want them to have access to KACE, however, they want to control the patching on their servers because they have Dev, Test, Train, Stage, and Prod environments and must test the patches in each one before ultimately deploying them into Prod. My manager thought that we could set up an approval process where we remotely approve patches for the month. The consultants log into the first servers (Dev) and manipulate a file by either renaming it or adding info into it that alerts KACE that the servers are ready to be patched (kinda like taking a web front end offline from an F5 device by renaming a file that causes the F5 to temporarily remove the server from the pool) and once done, gives the consultants the option of rebooting the servers at their leisure.
Is there such a process as this and if so, how can it be achieved? If not, what other options do I have in setting up KACE to not allow them to have access but be able to patch each environment separately?