Patch Management Group

This is how we have scheduled reboots in the past when needed for patch management.  We encourage users to shut down at the end of the day, for those that don't, the next morning they used to be prompted to reboot with option to defer 10 mins (machine goes to sleep for 3am restart due, then next morning would be prompted when they woke machine up).

Client shows

CMS settings are set like they were prior to upgrade

However, the prompt to reboot/defer has been broken since the 7.5 upgrade, users never see it when their machines wake up, and the client scheduled reboot time just moves to the next day.  Did some connect searches but not finding anything.  Anyone else seen this issue or suggestions of what to try?  Used to work great for us, and really was one of the major bonuses of patching with CMS over SCCM.

I would make sure the software update plugin as well as all other plugins including Task server plugins have been updated.

According to SIM, it looks like we're on HF3 for software management and patch.

According to the release notes for HF3 - Software Mgmt Framework agent should be 7.5.1673 and it is.

http://kbdownload.symantec.com/resources/sites/BUSINESS/content/live/DOCUMENTATION/7000/DOC7103/en_US/ITMS_7_5HF3_Release%20Notes.pdf?__gda__=1400608324_6dc5a4da98d2076b3dc0f76c7e94639e

I'm not sure what the Software Update Plugin should be (not in PDF) - but on my test client it's 7.5.1597.

Client and server task agents are .1673 which seems to be correct for HF3

Hi!

How did you determine that clients weren't rebooted? Checked reports? Or was at client machine via RDC and nothing happened?

• You can check what policies are on this client, which doesn't get rebooted

• Check whether Client Task Agent is registered with Task Server and at least "Run Script" task successfully executes on this client computer.

• Check client logs to determine what happens at scheduled time, when reboot should occur

⇒ C:\ProgramData\Symantec\Symantec Agent\Logs

Thanks,

IP.

Hi IP,

<<How did you determine that clients weren't rebooted? Checked reports? Or was at client machine via RDC and nothing happened?>>

it's my workstation, so when I come in the next day if it rebooted I wouldn't still be logged in... but I am.  I expected to still be logged in but prompted to reboot, as I was prior to 7.5 upgrade.

here are policies

I sent a gpupdate /force script without issue.  It's also getting new patches fine, it's the reboot that's not happening.

 C:\ProgramData\Symantec\Symantec Agent\Logs - hmm the last modify date on my logs seems to be 5/14.  That can't be good news.

Thanks for your help!

Also you can check this link where is described about "reboot" task

https://www-secure.symantec.com/connect/forums/smp-reboot-event

<<Pick a test PC with false compliance levels and set this in its registry:

HKLM > SOFTWARE > Altiris > Altiris Agent > Patch Management
DWORD key
RebootRequired  value 1>>

This value already exists at 1.

Did you find a root cause of, why reboot isn't working? What says Symantec Management Agent log?

Also check whether this policy with this schedule is correctly applied on client.

Enable diags for SMA on client computer, using cmd on client PC:

• C:\Program Files\Altiris\Altiris\Agent\AexNSAgent.exe /diags
• Right click on SMA tray icon and choose "Policy Viewer"

 C:\ProgramData\Symantec\Symantec Agent\Logs - hmm the last modify date on my logs seems to be 5/14.  Don't know why but I don't seem to be logging.

I had to reboot my workstation for something else, so I don't have a test case anymore until the next patch requiring reboot goes out.

still having this issue, seeing it on every workstation.  Putting a ticket in.