Subscription Level Settings
Click to view navigation pane


Subscription Level Settings for Patch Management

Learn more about the "Bypass Execution Policy" and "Defer Cloud Agent Scans" subscription-level settings in Patch Management.

Enabling the Bypass Execution Policy

Disabling the Bypass Execution Policy

Enabling the Defer Cloud Agent Scans

Disabling the Defer Cloud Agent Scans

Enabling the Bypass Execution Policy

For Windows deployment jobs, you can choose to enable or disable the PowerShell Execution Policy Bypass to override the default policy for Run Script and Install Software pre-actions and post-actions. For more information, see About Pre-Actions and Post-Actions.

Upon overriding the default Policy, the signed and unsigned scripts are executed without showing any warnings or messages.

1. Go to Configuration > Setup tab.

Bypass Execution Policy.

2. Turn the Bypass Execution Policy toggle On. A confirmation message is shown. Once you confirm to enable the Bypass Execution policy by clicking Yes, the Bypass Execution policy is enabled.

When the Bypass Execution Policy is enabled, the default policy configured by the administrator is overridden. For more information, see About Execution Policies.

Note:
- The Process, CurrentUser, and LocalMachine execution policy scopes are supported.
- UTF-8 encoded scripts are supported.

Disabling the Bypass Execution Policy

1. Go to Configuration > Setup tab.

2. Turn the Bypass Execution Policy toggle Off. A confirmation message is shown. Once you confirm to disable the Bypass Execution policy by clicking Yes, the Bypass Execution policy is disabled.

When the Bypass Execution Policy is disabled, the default policy configured by the administrator is applied. For more information, see About Execution Policies.

Enabling the Defer Cloud Agent Scans

Super users and users with the “Patch Manager” role can enable or disable the "Defer Cloud Agent" setting to prioritize patch deployment over the cloud agent's other scans if they overlap the ongoing patch deployment.

In the case of Windows deployment or rollback jobs, if the job is running and the VM scan is triggered, it's halted until the job execution is completed on the assets, and then the VM scan resumes.
 
However, if the VM scan is already running and the Windows deployment or rollback job starts, the job is not prioritized over the VM scan. The job begins after the VM scan is completed.

1. Go to Configuration > Setup tab.

Defer Cloud Agent Scans.

2. Turn the Defer Cloud Agent Scans toggle On. A confirmation message is shown. Once you confirm to enable the Defer Cloud Agent Scans by clicking Yes, the Defer Cloud Agent Scans is enabled.

Disabling the Defer Cloud Agent Scans

1. Go to Configuration > Setup tab.

2. Turn the Defer Cloud Agent Scans toggle Off. A confirmation message is shown. Once you confirm to disable the Defer Cloud Agent Scans by clicking Yes, the Defer Cloud Agent Scans is disabled.