Client Management Suite

 View Only

  • 1.  Patch Management Inconsistency (?)

    Posted Jan 26, 2011 12:37 PM

    We are rolling out Patch Management and testing on an initial sample of computers. I have one computer driving me crazy as Patch Management reports it as "vulnerable" to 11 older (2007-2010) updates (MS10-020, for example), but when I look in add/remove programs on the computer, these updates are installed. If I pull up the Software Summary for that computer in Resource Manager, it also shows the updates as being installed with a date (1/12) that is consistent with when we first started rolling out to this test group. So it appears that PM may have installed the patches and the client updated its inventory, but something still hasn't kicked in that tells the vulnerability scan that they are installed (?). I've atttached inventory reports with the updates highlighted. I did find 2 updates on the "vulnerable" list that were not on the "installed" list (MS10-060 and KB-982524), but the rest are on both lists. Client logs, however, say "No software updates require installation" every time the maintenance window opens. Is there some simple way to get this reconciled so this computer does not show up as "vulnerable"? Don't want to open a support case for one computer if it's something I've overlooked!   I'd ha    

    Attachment(s)

    pdf
    152469 Installed.pdf   83 KB 1 version
    pdf
    152469 Vulnerable.pdf   52 KB 1 version


  • 2.  RE: Patch Management Inconsistency (?)

    Posted Jan 26, 2011 12:54 PM

    If you follow the steps in this KB, does it resolve your issue?  This guides you through forcing a new patch inventory to be reported to the NS:

    http://www.symantec.com/business/support/index?page=content&id=HOWTO10539



  • 3.  RE: Patch Management Inconsistency (?)

    Posted Jan 26, 2011 01:50 PM

    I did try that (was suggested to me by one of the support techs on another, related issue), but no luck. Looking a little deeper at the client logs, I'm seeing a lot of what appear to be communications issues:

    </event>
    <event date='Jan 26 12:34:14' severity='4' hostName='DTXP152469' source='Client Task Agent' module='client task agent.dll' process='AeXNSAgent.exe' pid='5984' thread='6008' tickCount='70295609' >
      <![CDATA[CTaskServerNetCommsConnection::RegisterWithServerList(): Register order: chq2k3dm611.GuarantyOnline.com]]>
    </event>
    <event date='Jan 26 12:34:14' severity='4' hostName='DTXP152469' source='Client Task Agent' module='client task agent.dll' process='AeXNSAgent.exe' pid='5984' thread='6008' tickCount='70295609' >
      <![CDATA[Attempting to register using "http://chq2k3dm611.GuarantyOnline.com/Altiris/ClientTaskServer/Register.aspx?resourceGuid=da8b3475-ece9-45dc-ba35-0074fda45df4&lastResort=true"]]>
    </event>
    <event date='Jan 26 12:34:15' severity='2' hostName='DTXP152469' source='AeXNetworkTransport' module='AeXNetComms.dll' process='AeXNSAgent.exe' pid='5984' thread='6008' tickCount='70296609' >
      <![CDATA[Post to 'http://chq2k3dm611.GuarantyOnline.com/Altiris/ClientTaskServer/Register.aspx?resourceGuid=da8b3475-ece9-45dc-ba35-0074fda45df4&lastResort=true' failed: HTTP error: 500 Internal Server Error (-2147209951)]]>
    </event>
    <event date='Jan 26 12:34:15' severity='2' hostName='DTXP152469' source='CoNetworkTransport(257)' module='AeXNetComms.dll' process='AeXNSAgent.exe' pid='5984' thread='6008' tickCount='70296609' >
      <![CDATA[HTTP error: 500 Internal Server Error (-2147209951)]]>
    </event>
    <event date='Jan 26 12:34:16' severity='2' hostName='DTXP152469' source='AeXNetworkTransport' module='AeXNetComms.dll' process='AeXNSAgent.exe' pid='5984' thread='6008' tickCount='70297609' >
      <![CDATA[Post to 'http://chq2k3dm611.GuarantyOnline.com/Altiris/ClientTaskServer/Register.aspx?resourceGuid=da8b3475-ece9-45dc-ba35-0074fda45df4&lastResort=true' failed: HTTP error: 500 Internal Server Error (-2147209951)]]>
    </event>
    <event date='Jan 26 12:34:16' severity='2' hostName='DTXP152469' source='CoNetworkTransport(257)' module='AeXNetComms.dll' process='AeXNSAgent.exe' pid='5984' thread='6008' tickCount='70297609' >
      <![CDATA[HTTP error: 500 Internal Server Error (-2147209951)]]>
    </event>
    <event date='Jan 26 12:34:16' severity='4' hostName='DTXP152469' source='Client Task Agent' module='client task agent.dll' process='AeXNSAgent.exe' pid='5984' thread='6008' tickCount='70297609' >
      <![CDATA[Attempting to register using "http://chq2k3dm611/Altiris/ClientTaskServer/Register.aspx?resourceGuid=da8b3475-ece9-45dc-ba35-0074fda45df4&lastResort=true"]]>
    </event>
    <event date='Jan 26 12:34:17' severity='2' hostName='DTXP152469' source='AeXNetworkTransport' module='AeXNetComms.dll' process='AeXNSAgent.exe' pid='5984' thread='6008' tickCount='70298625' >
      <![CDATA[Post to 'http://chq2k3dm611/Altiris/ClientTaskServer/Register.aspx?resourceGuid=da8b3475-ece9-45dc-ba35-0074fda45df4&lastResort=true' failed: HTTP error: 500 Internal Server Error (-2147209951)]]>
    </event>
    <event date='Jan 26 12:34:17' severity='2' hostName='DTXP152469' source='CoNetworkTransport(257)' module='AeXNetComms.dll' process='AeXNSAgent.exe' pid='5984' thread='6008' tickCount='70298625' >
      <![CDATA[HTTP error: 500 Internal Server Error (-2147209951)]]>
    </event>
    <event date='Jan 26 12:34:18' severity='2' hostName='DTXP152469' source='AeXNetworkTransport' module='AeXNetComms.dll' process='AeXNSAgent.exe' pid='5984' thread='6008' tickCount='70299625' >
      <![CDATA[Post to 'http://chq2k3dm611/Altiris/ClientTaskServer/Register.aspx?resourceGuid=da8b3475-ece9-45dc-ba35-0074fda45df4&lastResort=true' failed: HTTP error: 500 Internal Server Error (-2147209951)]]>
    </event>
    <event date='Jan 26 12:34:18' severity='2' hostName='DTXP152469' source='CoNetworkTransport(257)' module='AeXNetComms.dll' process='AeXNSAgent.exe' pid='5984' thread='6008' tickCount='70299625' >
      <![CDATA[HTTP error: 500 Internal Server Error (-2147209951)]]>
    </event>
    <event date='Jan 26 12:34:18' severity='2' hostName='DTXP152469' source='Client Task Agent' module='client task agent.dll' process='AeXNSAgent.exe' pid='5984' thread='6008' tickCount='70299625' >
      <![CDATA[CTaskServerNetCommsConnection::Register(): CAtrsException exception, error = "Unable to connect to any of the known task servers (Will refresh list of available task servers.)", OS error = 2147549183, at line 1014
     re-throw at CTaskServerNetCommsConnection::GetServersAndRegister]]>

    Not seeing this on some of the other workstations I have checked so I'm thinking this is the "smoking gun" (?). Checked a couple of the solutions listed in the KB but they seem to apply to the Task/Notification servers, and it appears tis is only happening on this one client.

    Thoughts?



  • 4.  RE: Patch Management Inconsistency (?)

    Posted Jan 26, 2011 02:43 PM

    I think your assessment is correct.  Have you tried this solution?  The error doesn't quite match yours, but at least it's a client-side fix.

    http://www.symantec.com/business/support/index?page=content&id=TECH47470

    You should go through the Task Server and Notification Server KBs that you found, just to be safe, because it is possible that you have an issue on your NS.  For example, let's say you provision 5 test systems, and 4 register successfully with the NS, then the NS stops processing NSE's in the queue.  Your 5th test system is having trouble, so you conclude the unique log entries are client-related.  (This exact scenario happened to me once.)  Is the EvtQueue healthy on the NS?

    I assume no proxy in your environment.  I'll assume network configuration, VLAN, etc is similar between your problem client and the other systems.

    Is the client on a slow link?