Client Management Suite

I hadn't been using Adobe Patch Management in 7.0 but am configuring it in 7.1  An odd situation has come up.  The PMImport has been run, and I've staged and added all Adobe updates to a single policy which is applied to my test machine.  The test machine shows as vulnerable and applicable, and the package is downloaded and scheduled for install.

However, the Last package status: is 'Disabled,' and there is no Run history.  It will delete itself after being unused for 7 days, than more or less immediately redownload for the scheduled evening install.

I thought it might similar to this issue with an applicability rule having a problem:
https://www-secure.symantec.com/connect/forums/software-delivery-issue-one-client-shows-last-package-status-disabled

But I'm not quite sure.  Has anybody seen this before with Adobe patches?  Start Software Update Cycle is not clickable.

What version of Adobe Reader are you trying to update? The Adobe updates are very sequential. For example, apsb10-21 is reader 9.4.0 full install, apsb10-28 is an update to 9.4.1, and apsb11-03 is update 9.4.2.  In Adobe PM 7.0 if you watch the updates being applied, they are applied in order, one at a time, so if a client comes on with a very old version, it may take days before PM runs through the sequence depending on your update and inventory intervals you have configured.

Perhaps the fact you have all the updates in one policy is causing some confusion. Can you create a policy with only the applicable update in it? So if you have Adobe Reader 9.4.0 installed, only create a policy for 9.4.1 (apsb10-28).

I have Adobe X installed.  The APSB11-03 bulletin is finding AdbeRdrUpd1001_Tier1.msp to be applicable to my machine.

If I force using AeXPatchUtil.exe /xa, it returns "No updates to install.  Exiting Software Update Cycle."

If I create a separate policy, it rmeains Disabled for Last package status.

Is Adobe Reader at 10.0.0 or 10.0.1?

10.0.0 requiring the 10.0.1 update from APSB11-03.

Can you download and manually execute APSB11-03? Perhaps there is an issue with the initial Reader X install. If you can't update manually, PM won't be successful either.

Are any other Adobe updates working?

mclemson,

It seems, that some other update was installed and made APSB11-03 not Vulnerable for this client - maybe it was some superseding update. Therefore, Update Advertisement disappeared from the client before it got executed. To troubleshoot this situation, please check InstallLog.csv file, which resides in the client's Patch Agent directory: C:\Program Files\Altiris\Altiris Agent\Agents\PatchManagement\InstallLog.csv.

Also, please check Compliance by Computer - is this update still in the Vulnerable List for this computer?

If it is Vulnerable, please check Update Advertisement - is it actually enabled in Altiris Console?

Then, if Update is Vulnerable and Advertisement is Enabled - it should be registered in Software Update Tab of Altiris Agent and therefore be installed via AexPatchUtil.exe /Xa. 

The other option, is Update is not Vulnerable on the client but You believe it should be. Then the problem can be connected with Inventory Rules.

Somehow, despite having a policy for this update, it is not staged.  I noticed this when I went to the Software Bulletins Detail report today to investigate this issue again.

Therefore, the policy exists and can download the package from the package server source location, but something must be broken if it belives Staged = False.  I've right-clicked and chosen 'Recreate Packages' and will see if it fires off correctly tonight at the scheduled time.