Search for	Example	Results
A single word	`cat`	Topics that contain the word "cat". You will also find its grammatical variations, such as "cats".
A phrase. You can specify that the search results contain a specific phrase.	`"cat food"` (quotation marks)	Topics that contain the literal phrase "cat food" and all its grammatical variations. Without the quotation marks, the query is equivalent to specifying an OR operator, which finds topics with one of the individual words instead of the phrase.

Search for	Operator	Example
Two or more words in the same topic	`AND` `and` `+` (plus symbol) `&` (ampersand)	`cat AND dog` `"cat food"+milk` `"cat food"&"dog food"`
Either word in a topic	`OR` `or` `\|` (pipe)	`cat OR dog` `cat \| dog`
Topics that do not contain a specific word or phrase	`NOT` `not` `!` (exclamation point)	`NOT cat` `! dog`
Topics that contain one string and do not contain another	`^` (caret)	`cat ^ mouse`
A combination of search types	`( )` parentheses	`cat + (dog \| mouse)` `cat \| dog + (! mouse)`

Server Automation10.60

Administer > Permissions reference > Patch Management for Windows Permissions

Patch management for Windows permissions

Table 49 specifies the Windows Patch Management permissions required by users to perform specific actions in the SA Client. For security administrators, the table answers this question: To perform a particular action, what permissions does a user need?

In addition to the permissions listed in the Windows patch management permissions required for user actions table, every user action also requires the Managed Servers and Groups permission.

In the Windows patch management permissions required for user actions table, most of the entries in the User Action column correspond to menu items in the SA Client. In addition to action permissions, server permissions are required on the managed servers affected by the patching operation.

If either Allow Install Patch or Allow Uninstall Patch permission is set to Yes, then the Manage Patch and the Manage Windows Patch Policies permissions are automatically set to Read.

Windows patch management permissions required for user actions
User Action	Action Permission	Server Permission (Customer, Facility, Device Group)
Patches
Install Patch (Available)	Allow Install Patch: Yes Manage Patch: Read	Read & Write
Uninstall Patch (Available)	Allow Uninstall Patch: Yes and Manage Patch: Read	Read & Write
Install Patch (Limited Availability)	Allow Install Patch: Yes Manage Patch: Read & Write	Read & Write
Uninstall Patch (Limited Availability)	Allow Uninstall Patch: Yes and Manage Patch: Read & Write	Read & Write
Open Patch (View Patch)	Manage Patch: Read	N/A
Change Patch Properties	Manage Patch: Read & Write	N/A
Import Patch	Manage Patch: Read & Write and Package	N/A
Import Patch Database	Manage Patch: Read & Write	N/A
Export Patch	Manage Patch: Read and Package	N/A
Export Patch	or Allow Install Patch: Yes and Package: Yes	N/A
Export Patch	or Allow Uninstall Patch: Yes and Package	N/A
Export Patch	or Manage Policy: Read and Package	N/A
Delete Patch	Manage Patch: Read & Write	N/A
Patch Policies and Exceptions
Remediate Policy	Allow Install Patch: Yes	Read & Write
Open Patch Policy (View)	Manage Windows Patch Policy: Read	N/A
Add Patch to Patch Policy	Manage Patch: Read and Manage Windows Patch Policy: Read & Write	N/A
Remove Patch from Patch Policy	Manage Windows Patch Policy: Read & Write	N/A
Set Exception	Allow Install Patch: Yes	Read & Write
Set Exception	or Allow Uninstall Patch: Yes	Read & Write
Copy Exception	Allow Install Patch: Yes	Read & Write
Copy Exception	or Allow Uninstall Patch: Yes	Read & Write
Attach Patch Policy to Server (or Device Group)	Manage Windows Patch Policy: Read	Read & Write
Detach Patch Policy from Server (or Device Group)	Manage Windows Patch Policy: Read	Read & Write
Create Patch Policy	Manage Windows Patch Policy: Read & Write	N/A
Delete Patch Policy	Manage Windows Patch Policy: Read & Write	N/A
Change Patch Policy Properties	Manage Windows Patch Policy: Read & Write	N/A
Patch Compliance Rules
Edit Patch Products (Patch Configuration window)	Manage Patch Compliance Rules: Yes	N/A
Scan Patch Compliance	Manage Windows Patch Policy: Read	N/A
Schedule a Patch Policy Scan	Manage Patch Compliance Rules: Yes	N/A
Change Default Patch Availability	Manage Patch Compliance Rules: Yes	N/A
Change Patch Policy Compliance Rules	Manage Patch Compliance Rules: Yes	N/A
View Patch Policy Compliance Rules	Manage Windows Patch Policy: Yes	N/A

The User actions allowed by Windows Patch management permissions table lists the actions that users can perform for each Patch Management permission. The User actions allowed by Windows Patch management permissions table has the same data as the Windows patch management permissions required for user actions table, but is sorted by action permission. Although it is not indicated in The User actions allowed by Windows Patch management permissions table, the Managed Servers and Groups permission is required for all Patch Management actions.

For security administrators, The User actions allowed by Windows Patch management permissions table answers this question: If a user is granted a particular action permission, what actions can the user perform?

User actions allowed by Windows Patch management permissions
Action Permission	User Action	Server Permission (Customer, Facility, Device Group)
Allow Install Patch: Yes	Copy Exception	Read & Write
Remediate Policy	Read & Write
Set Exception	Read & Write
Allow Install Patch: Yes and Manage Patch: Read	Install Patch (Available)	Read & Write
Uninstall Patch (Available)	Read & Write
Allow Install Patch: Yes and Manage Patch: Read & Write	Install Patch (Limited Availability)	Read & Write
Uninstall Patch (Limited Availability)	Read & Write
Allow Install Patch: Yes and Package: Yes	Export Patch	N/A
Allow Uninstall Patch: Yes	Copy Exception	Read & Write
Set Exception	Read & Write
Allow Uninstall Patch: Yes and Package	Export Patch	N/A
Allow Uninstall Patch: Yes and Manage Patch: Read	Uninstall Patch	Read & Write
Manage Patch Compliance Rules: Yes	Change Default Patch Availability	N/A
Change Patch Policy Compliance Rules	N/A
Edit Patch Products (Patch Configuration window)	N/A
Schedule a Patch Policy Scan	N/A
Manage Windows Patch Policy: Read	Attach Patch Policy to Server (or Device Group)	Read & Write
Detach Patch Policy from Server (or Device Group)	Read & Write
Open Patch Policy (View)	N/A
Manage Windows Patch Policy: Read & Write	Change Patch Policy Properties	N/A
Create Patch Policy	N/A
Delete Patch Policy	N/A
Remove Patch from Patch Policy	N/A
Manage Windows Patch Policy: Yes	View Patch Policy Compliance Rules	N/A
Manage Patch: Read	Open Patch (View Patch) Scan Patch Compliance	N/A
Manage Patch: Read & Write	Change Patch Properties	N/A
Delete Patch	N/A
Import Patch Database	N/A
Manage Patch: Read & Write and Package	Import Patch	N/A
Manage Patch: Read and Manage Windows Patch Policy: Read & Write	Add Patch to Patch Policy	N/A
Manage Patch: Read and Package	Export Patch	N/A
Manage Policy: Read and Package	Export Patch	N/A

Send Help Center feedback