Submit a ticketCall us
Home > Success Center > Patch Manager > Patch Manager Documentation > Patch Manager Getting Started Guide > Configure your environment > Populate the default credential ring

Populate the default credential ring

Patch Manager Getting Started Home

Last Updated: March 9, 2017

Patch Manager uses a default credential ring to map user credentials to managed resources. This enables the application to know which credentials to use to perform a specific task on a specific managed system.

If Patch Manager does not have the proper credentials to log in to the managed systems, the application generates Access Denied errors during a software update.

When you install Patch Manager, the application includes a default credential ring to store the admin credentials required to access each system you inventory and manage. Populate the default credential ring with the administrator username and password of the inventoried systems to enable WSUS to log in and install software updates. For example, you can populate the credential ring with the admin credentials required to access all systems in the Finance department.

After you configure the group policy to enable third-party updates, Patch Manager uses the admin credentials in the default credential ring to update the group policy on all systems in the targeted department or workgroup.

To populate the default credential ring with the admin credentials, do the following:

Add the admin credentials to the credential ring

Add the admin credentials to the Credentials tab in Security and User Management. These credentials are required for Patch Manager to log in and perform software updates on all systems that receive software updates from the WSUS server. When you are finished, configure the admin credentials to the credential ring.

The following example shows you how to add a credential to the default credential ring.

  1. Locate and record the administrator credentials for the targeted systems in the department or workgroup. For example, record the administrator credentials used to access the computers and servers in the Finance department.
  2. In the Patch Manager menu, maximize Patch Manager System Configuration and select Security and User Management.


  3. Click the Credentials tab.


  4. Click Add Credential in the Actions menu.
  5. Enter the fully-qualified domain name (FQDN) of the administrator who can log in to all computers in the targeted workgroup or department.

    SolarWinds recommends entering the user name in the DOMAIN\username format. For example, if the targeted systems are located in the AUS-SE-MGOM-01 domain and dspencer is the domain admin, enter AUS-SE-MGOM-01\dspencer in the User Name field.


  6. Enter and confirm a password, and click Save.
  7. Repeat step 3 through step 6 to add additional administrator credentials for additional departments or workgroups that receive software updates from the WSUS server.

Assign the credentials to the targeted resource

Assign the credentials in the credential ring to the targeted resource. This process allows Patch Manager to log in to a managed system based on the credential rule.

The following example shows you how to assign a credential rule to the Computers resource.

  1. Click the Credential Rings tab.


  2. Double-click <Default> to open the Credential and Credential Rings Rules wizard.


  3. Accept the default credential ring.


  4. Click the User Name drop-down menu, select an existing credential, and click Add.

    To add a credential, complete the User Name and password fields, and click Add.


  5. Review the credentials, add additional credentials as needed, and click Next.


  6. Map the credentials to the targeted resource.
    1. Click Add Rule.
    2. Select the type of rule you want to add.


    3. In the left pane of the Select Computer window, browse the left pane until the resource you want to add is in the upper right pane.


    4. In the center window, select the resources you want to include in the credential rule, and then click Add selected.
    5. Repeat these steps for each resource you want to add.
    6. Click OK.
    7. On the Select User for Credential Rule window, select the credential you want to map to the resources, and then click OK.


    8. Click OK.

      The credentials are assigned to the targeted resources.

      In this example, when Patch Manager logs in to client systems in the se-aus-mgom-03 domain to download a patch, the application uses the AUS-SE-MGOM-01\dspencer credentials to log in to the systems. Any resource (such as Active Directory Domains and Workgroups) that is not assigned to a rule defaults to the Unmatched resources credentials.


      Ensure that the DefaultUnmatched resources credential rule is assigned to a system administrator with admin rights to the managed systems and the environment. If a credential rule (for example, Computers or Update Services Servers) is not assigned to a system administrator with the proper credentials, the rule defaults to Unmatched resources.

      If you push a task to the managed computers and the rule defaults to Unmatched resources without the proper credentials, you can receive Access Denied errors when you push a task to the managed computers.

  7. Click Finish

    The credentials are assigned to the targeted resource. When Patch Manager connects to the targeted resources, it uses the credentials you assigned to the credential ring to log in to the managed systems as the assigned administrator and install the software updates.

Last modified