Versions effected: LDMS 9.5 and newer
Problem:
You wish to create some custom definitions for the security and patch component but the unique filename field will not allow you to use special characters preventing you using subfolders as you could in previous versions of LDMS.
For example Characters such as' / , & \' etc.
Solution:
This option has not been taken away from the LDMS console but now the subfolders are organised differently. I created this article to document the new method of using sub folders when creating sub folders for custom definitions.
To activate the subfolders for the patches and your custom definitions you must first tick the box 'Group patches in subfolders by language and vendor' in the download updates window under the 'Patch Location' tab:
Once this is done, download patch definitions as you normally would, but now you will notice they have been arranged by language and vendor, as indicated by the tick box shown above.
Notice that there is a folder structure under your patch repository organised by language, in this case INTL, and vendor, in this case Microsoft.
This location is indicated by these options and defined properties in the patch definition itself:
The language in this definition is INTL which indicates the first sub-folder under your patch repository and the vendor is 'Microsoft' which indicates the sub-folder under the language. These are fixed properties in the default definitions and cannot be overridden.
However custom definitions can have customized vendors. It is a good idea to label your custom vendor as something that can be easily identified as being a custom variable so that they can be backed up separately.
Creating the custom defitnion with a custom Vendor:
To utilise tha subfolder under your main patch location, create or edit a custom definition.
On the first tab under 'General' you will notice that the vendor field will be blank. In this example I have changed the Vendor to "custom".
Now every detection rule will look for patches, if needed under the folder structure 'Patch repository > INTL > custom > 'name of patch'
For Example, the custompatch.exe is defined under the detection rule, Rule 1:
To test if the patch has been located and will correctly before deploying, press the 'Generate MD5 Hash' button . This will locate the patch and create a MD5 hash number for the patch, it will produce a "File does not exist" error if it cannot find it.