Hi Jim...don't think i've talked to you since the old forum setup actually!

The licensing was my first thought for the cuplrit, but it doesn't seem to be the case.  We're ok on our licenses (though, cleanup of old machines doesn't seem to be affecting the numbers for Patch like the others...but that is probably another question all together).

I did see this in the logs for 2 of the machines (these were 2 I removed and reinstalled the agent for in my initial quest to remedy the problem)...it was in there repeatedly, as in it ate up all of the logs last night at 3AM:

<![CDATA[CAtrsException exception, error = "Attempted to reference a null interface", OS error = 2147549183, at line 71
re-throw at CAtrsInterfacePtr::operator->
re-throw at CTaskAgentBase::IsRegistered
re-throw at CTaskAgentBase::CheckRegister]]></event>
<event date='Jul 08 03:00:44' severity='2' hostName='XXXXXXXXXX' source='Client Task Agent' module='Client Task Agent.dll' process='AeXNSAgent.exe' pid='368' thread='3444' tickCount='54953' >

I also saw this on one of the other machines:

<event date='Jul 08 05:55:13' severity='4' source='SynchAgent' module='AeXTaskSynchAgent.dll' process='AeXNSAgent.exe' thread='3024' tickCount='39800031'>
<![CDATA[Wakeup interval is: (60) min]]></event>
<event date='Jul 08 05:55:13' severity='4' hostName='XXXXXXXXXX' source='MulticastEngine' module='AexPackageDelivery.dll' process='AeXNSAgent.exe' pid='1828' thread='2160' tickCount='39800578' >
<![CDATA[InitialiseCore(): Multicast is not enabled. Engine will not be initialized]]>
</event>

as well as this...

<event date='Jul 08 06:52:39' severity='2' hostName='XXXXXXXXX' source='AgentUtils::GetAuditIniPath' module='AeXAMAgent.dll' process='AeXNSAgent.exe' pid='1828' thread='2412' tickCount='43246671' >
<![CDATA[Failed to find audit ini file at C:\Program Files\Altiris\Altiris Agent\auditpls.ini]]></event>

There's so much data in the logs obviously that i'm hard pressed to find something any more specific....unless you can point me towards a specific string I should lean towards searching for?

I almost forgot to answer your last question.  Examples of patches that aren't available and should be...

Consistently across the board on every computer having this problem, the issue is that only Microsoft Office type patches are showing up.  That's it.   No Operating System patches are deemed 'applicable', which to me, pointed to an inventory/data issue.  I did check the machines and the OS is defined, etc.  It baffles me.

there are the 4 I expect to be listed there.  as you can see from the screenshot below (hopefully it shows up), it only seems to be thinking that Office or Office related patches are applicable.  this is the way it is for all 15-20 machines affected.

"Altiris KB:22562 Resetting Stale Inventory Hashes" - there is an option for doing it for a single machine/guid.  would it be a valid test to get the GUID for this machine and run this query on the SQL server for just the one machine?  Would I have to force the computer to do a full inventory again?

Incorrect

Correct

sorry for the delay, I was out at training last week.

if you take a look at the pictures above, you'll see what i'm referencing here....i've found that when looking in the resource manager inventory at the workstations with the issue, they're missing a grouping under their patch management inventory.  there should be a 'Global' and a 'Microsoft'  grouping, but on the workstations showing the incorrect number of applicable patches, there is only a Microsoft one - Global is missing.

I tried doing the Hash reset in the KB article for that particular GUID, which did reset the values to null, but 24 hours later, I'm back at square one and the patch inventory is still incorrect and the grouping is still missing.  all the other inventory is back to where it was though.

So....at this point, any ideas? AgentUtil /ResetGuid? Any recommendations on the best course of action?

i've deleted it from the console (which I assume does not leave anything behind in the DB), but i've also reset the guid as well to create it fresh and still run into the same problem.  thankfully, we have a backup patch solution (shavlik), but this is definitley putting a damper on things as i've been trying to transition off of it to go mainly with altiris patching.