Software Updates are generating errors for the client policy xml files.
|Article:TECH46342|||||Created: 2009-10-30|||||Updated: 2014-09-19|||||Article URL http://www.symantec.com/docs/TECH46342|
The following errors are seen on the logs and some agents with these polices will not update their configuration.
Have seen some instances where the Remediation Center displays Bulletins with Staged=False, when in fact they are Staged=True. This appears to be a visual of the issue on the Remediation Center.
Description: Unable to generate policy XML for item: [Software Update Name] [Software Update Policy Name] (Software Update Advertisement GUID)
Patch Management Solution for Windows 7.1.X & 7.5
The associations between the Software Update Package / Installation Files have become corrupt.
Specific possible cause; Import Patch Data for Windows is not running clean up tasks for Software Update Packages and deadlocking during the Download Software Updates portion of clean-up.
Work through the following to resolve this issue:
1. Isolate which of the Software Updates have become corrupt:
1. Method 1: Review the SMP Log to isolate the affected Bulletins from the listed errors
2. Method 2: The SQL scripts listed below will also assist with isolating which updates have lost their resource associations
2. On the Console > Actions > Software > Patch Remediation Center
1. Highlight and Left-Click > Disable all affected Bulletin(s)
1. Right-click > List Software Updates: Note the software KB#(s) for step 2
2. Highlight and Disable the Software Update Policy the affected Bulletin(s)
3. On the Console > Manage > Organizational Views > Default > All Resources > Package > Software Package
1. Highlight and Left-Click > Delete the listed updates for the Bulletin from this table
4. On the Console > Settings > All Settings > Software > Patch Management > Core Services
1. Displays the current location for Package Download
1. Note: default is at C:\Program Files\Altiris\Patch Management\Packages\Updates
2. Drill down on the File Structure to that location
1. Physically delete the affected Software Update Package Downloads from the hard drive
5. On the Console > Manage > Policies > Software > Patch Management > Software Update Policies > Windows
1. Disable the affected Software Update Policies
2. Leave these policies disabled for 3-5 days; allowing for targeted Clients to Update Configuration and receive change in status, and when all targeted clients receive change in status, it should be safe to delete the unwanted policies
3. Note: step 6 may be completed prior to deleting these old policies, but the Software Update Policy name may need to be altered
6. On the Console > Actions > Software > Patch Remediation Center
1. Highlight > Right-click the Bulletin > Select 'Download Packages' to recreate the Software Updates
2. Highlight > Right-click the affected Bulletin(s) > Select 'Distribute Software Updates' to recreate the Software Update Policy for the clients to receive the packages
Advisory: The following SQL Query results will reveal a list of Bulletins and Updates for which the packages need to be recreated with a null or blank entry in PM 7.0 - 7.1 (see attached doc below for PM 7.1 SP1+):
select it.Name as Bulletin, it2.Name as [Update], it3.Name as [Superseded By]
from ItemReference ir
inner join ResourceAssociation swu_pkg
ON swu_pkg.ParentResourceGuid = ir.ChildItemGuid
and swu_pkg.ResourceAssociationTypeGuid = 'A19CED33-9E1F-4E97-98CF-0F8B339739C3'
and ir.Hint = 'swu'
left outer join ResourceAssociation pkg_fle
ON pkg_fle.ParentResourceGuid = swu_pkg.ChildResourceGuid
and pkg_fle.ResourceAssociationTypeGuid = '34f2b0fe-e63e-4b8e-b359-ff73a026fe51'
INNER JOIN vSoftwareUpdateInventoryRuleAssociations v
ON swu_pkg.ParentResourceGuid = v.SWUGuid
join Item it
on it.Guid = v.SWBGuid
join Item it2
on it2.Guid = v.SWUGuid
left outer join Item it3
on it3.Guid = v.SupersededBy
-- inner JOIN ResourceAssociation file_type
-- ON pkg_fle.ChildResourceGuid = file_type.ParentResourceGuid
-- and file_type.ResourceAssociationTypeGuid = '4d33d29b-dc9f-4e72-9a80-c5fb7cec0fb6'
where pkg_fle.ParentResourceGuid is null
NOTE: Review attached SQL Script Doc for updated script to run in PM 7.1 SP1, SP2, MP1.x and 7.5
Additionally: Review the clean-up settings for Revise and Newly as outlined on KM: TECH40390 and enable these settings if possible, for they will maintain package integrity for updates that have been revised. Note: The above steps may still be necessary once these have been implemented, for the packages may still have stale codebases and need to be recreated once more, and then the PMImport can prevent this from happening moving forward.
Article URL http://www.symantec.com/docs/TECH46342