Symantec Management Platform (Notification Server)

 View Only
Back to discussions
Expand all | Collapse all

Resource Targets being deleted every 7 days

  • 1.  Resource Targets being deleted every 7 days

    Posted Mar 03, 2013 10:15 PM

    I have recently been made aware of an issue that is affecting a couple of different customer SMP environments, which our company manages. Essentially, randomly the Resource Targets applied to the "Windows Patch Remediation Settings" would disappear for no reason.

    After getting a case logged with Symantec and getting absolutely nowhere (All they cared about was closing the case without a resolution), I decided to look into the issue further on my end. I was able to confirm that the Resource Targets which have been applied to the "Windows Patch Remediation Settings" policy are stored in the Item table as an XML definition and each time it is change the XML is regenerated and displayed as a Web Page. Assuming, that the issue was the Resource Association disappearing or becoming corrupt I created a SQL Trigger which would monitor the Item table for any changes to the XML. However, when the Resource Targets disappeared again I discovered that nothing in the Item table had been changed. In fact the Resource Targets were still there in the XML definition.

    As such I ran a search of the CMDB for the Guid's of the missing Resource Targets and discovered that they had been deleted. Digging deep uncovered that on each Sunday at 2:40AM a couple of Resource Targets were being deleted (The NS.Weekly Scheduled Task runs at this exact time).

    I was wondering if anyone knows what process would mark a Resource Target for deletion when the NS.Weekly scheduled task runs. The issue does not occur every week but I can see a distinct pattern in the DeletedItem and was hoping someone could shed some light on what would cause this behavior.

    Thanks for any input.



  • 2.  RE: Resource Targets being deleted every 7 days

    Posted Mar 04, 2013 06:09 AM

    Are you affected by the issue where the Default Target for Patch Management has to be set when logged in with the Altiris Service Account ("App Identity")?

    "How do I change the Default Target for Software Update Policies during creation?"

    http://www.symantec.com/docs/HOWTO79488



  • 3.  RE: Resource Targets being deleted every 7 days

    Posted Mar 04, 2013 08:34 AM

    Thanks for the reply Andy. 

    I am aware of that issue and fortunately I have not encountered it in any of the environments. I am going to dig deeper when I get to work tomorrow so hopefully I can uncover something (Unless someone has a suggestion for me to try).



  • 4.  RE: Resource Targets being deleted every 7 days

    Broadcom Employee
    Posted Mar 05, 2013 10:26 AM

    Hi sarquiss,

    Could you please provide screenshot with list of items, that are using Weekly schedule on affected NS?
    - Navigate to All settings > Notification Server > Shared Schedules
    - Select Weekly schedule from dropdown menu "items currently using:"

    Also could you please attach SMP logs captured when Resource targets have been deleted?

    Thanks,
    Roman



  • 5.  RE: Resource Targets being deleted every 7 days

    Posted Mar 05, 2013 04:41 PM

    Thanks for the replies. I was able to confirm that this is a known issue. The eTrack is 3013029.

    It is supposedly fixed in the upcoming 7.1 SP2 MP2. However, while we wait I am looking into a potential workaround.



  • 6.  RE: Resource Targets being deleted every 7 days

    Posted Mar 07, 2013 10:35 AM

    Guess what, I've just found I have the same problem. Keep us posted if you find a workaround, although my default target isn't particularly tricky to recreate when I want to test new patches.



  • 7.  RE: Resource Targets being deleted every 7 days

    Posted Mar 07, 2013 05:10 PM

    I will keep you posted Andy. Our Default Targets are also not difficult to recreate but it is annoying for our Patching Team having to spend time to recreate them. This issue has supposedly been going on for over a year before I joined.

    Anyways, I have found that the spGetResourceTargetsToPurge is the stored procedure which identifies the Resource Targets to be deleted. The way it identifys the Resource Targets is by looking at the LastAccessedDate and if any Resource Target has not been "accessed" for more than 7 days then it is deleted.

    I have asked Symantec how the LastAccessedDate field is updated as I can only find two ways:

    1) Editing a Resource Target (Even if it is to click the Update button)

    2) Running the spResourceTargetDeltaUpdate stored procedure

    The workaround I am looking into is writing a script which identifys the Resource Targets applicable to the "Windows Patch Remediation Settings" and if they have not been "Accessed" for 6 days it will then pass the guid to the spResourceTargetDeltaUpdate stored procedure each week.



  • 8.  RE: Resource Targets being deleted every 7 days

    Posted Mar 14, 2013 02:22 AM

    Perhaps the simplest solution for the moment would be to locate your default resource targets in the Item table and set the the Attributes field on those items to 16. This would prevent them from being deleted.



  • 9.  RE: Resource Targets being deleted every 7 days

    Posted Mar 14, 2013 02:57 AM
    Thanks for the suggestion but I already implemented a workaround which seems to be working quite well in my test environment. Will be pushing it out into production next week.


  • 10.  RE: Resource Targets being deleted every 7 days

    Posted Mar 22, 2013 06:11 PM

    This issue will be resolved in a future release of the Patch Management Solution.

    Please view the work around detailed on KM: TECH204204.