Patch Management Solution

We have ran in to several issues regarding patch management.  Our patch management reports are showing systems need rebooted, if you go to the system there are no reboots needed and patching is at 100% however if you go back to the reports it will still show as needing reboot and compliance status will be anything but 100%.  It's happening on about 1/3 of our machines and seems to be growing.  The issue is at all locations which means it affects all our site servers.  If we uninstall the agent, remove the system from the console, and reinstall the agent, it will begin working properly.  However since it's on about 300 machines it makes for a very time consuming task to reinstall all the agents on these machines since you have to make sure everything is removed before reinstalling the agent.  Not seeing anything thing in the logs which would point to any problems.  Anyone else ran into this issue and if so what did you do to fix it?

Hello mmathews,

Could you please provide some additional information?

- What is version of Patch Management Solution - is it clean 7.1 or 7.1 with some Service Pack?
- Could you please clarify how it was defined that affected machines do not actually require restart and that patching is at 100%?
- Do you observe described behaviour after affected machines have been restarted as well?
- Could you please start "AeXPatchUtil.exe /s" on any of affected machine  in case if machine is detected as requiring restart in Restart Status report, but you believe that machine should not be restarted.  Tool AeXPatchUtil.exe is usually located in Agent folder ("/Altiris Agent/Agents/PatchMgmtAgent/AeXPatchUtil.exe") Note: Please start mentioned command when SWU cycle is not running. 

Thank you,
Roman

Yes I could, We are running patch 7.1 SP2

For the sytems not requiring restart but showing needing restart per report I am checking these through the RADD tool.  As well as rebooting them but there reboot status is not clearing from the report.  If I remove the client from the console by deleting it and let the console pick it back up it will show once all the patch assessments have ran and inventory reported back.  It will then show as compliant and no reboot required.  I have ran that command on a few machines which were causing issues but same result.  Reboot is not required on the system and status in report still shows reboot.  Please see the following link for additional information related to this issue.

https://www-secure.symantec.com/connect/forums/patch-management-71-sp-2-tech167291-reboot-status-data-class

 

Misty

Currently our reboot status report is looking better after running aexagentutil.exe /deletedevices aexagentutil.exe /registerclient aexagentutil.exe /recover and setting the reboot status in the registry back to 1 so it is pending a reboot. Once the system is rebooted it is clearing from the reboot status report as it should. On another note, Compliance by computer still shows some pending update but no reboot required. When using RAAD and looking at the agent the patch tab is showing that there is a reboot pending. If I look at the vPMCore_ComputersPendingReboot view, most of these machines appear however they are not showing as needing a reboot in the Compliance by Computer or the Restart Status report, when they are showing in the database. Any ideas?? This has been ongoing for several months and needs to have a resolution asap. It's better than it was but still not 100% accurate. We are not running 7.1 sp2 mp 1.1

Hi Misty I would recommend to create ticket to Support. Thanks, Roman

I have opened a ticket with no resolution. It was suggested I update to 7.1 SP 2 MP 1 which I have and the issue still exists to some extent, I'm not going to say it's quite as bad but it's not fixed like it should be. The explaination I received from support is the NSE sent from the client to the host server are being lost once a reboot is performed and therefore not able to update the status of the reports. They said this happens from time to time. But this has happened every month since August. Not always the same computer. I was hoping there was someone else out there who has experienced the same issue and was able to resolve it. Otherwise, I will be forced to contact support yet again for another lengthy troubleshooting session.