I'm looking for clarification on how patch works, specifically when a machine is reimaged.
After imaging (assuming the agents are updated), at some point the computer runs the Windows Assessment scan (or I force it). Then the agent updates (or I force it several times). If I'm watching the computer, I look at the agent requested time and wait and see if the changed time updates, and if it does, usually this means the computer has realized patches are available and queues them.
Sometimes I image 2 machines at the same time and do the same update agent/run scans and one computer just doesn't get the patches, but if I leave it on a day it eventually does get the updates.
If I look in reporting, I see the computer that didn't get the patches and see that it has computers applicable but not installed. I assume that report data could be outdated from before the computer was imaged, however.
I understand with CMS a lot of things are timing based and not on demand, but when I image 2 computers I have a hard time understanding why they behave very differently. Is there a log on the server/client I can look at to see if the assessment scan sent results to the server or what else may be going on? If they update eventually that's ok, but I'd like to build my confidence updating will eventually happen before I send these machines into production.
Thanks!