Quantcast
Channel: LANDESK User Community : Popular Discussions - Patch Manager
Viewing all 3522 articles
Browse latest View live

Security scan fails to download some patches

February 1, 2012, 6:57 pm
$
0
0

When i run a security scan, it fails to run certain installers.

 

 

Last status:
2 patches were found to run
Last status: Done.  2 patches were found
Last status: Failed
Download Failure: Error 80004005 downloading http://CORESERVER/LDLogon/patch/skypesetupfull5.6.0.110.exe
Last status: Failed: Could not download http://CORESERVER/LDLogon/patch/skypesetupfull5.6.0.110.exe
Sending status to core
In SendRequest: Action = SOAPAction: "http://tempuri.org/SetPatchInstallStatus"
Wed, 01 Feb 2012 16:36:32 SendRequest: SOAPAction: "http://tempuri.org/SetPatchInstallStatus"
Wed, 01 Feb 2012 16:36:34 Success

 

 

 

 

Last status:

 

Last status: Done

Wed, 01 Feb 2012 16:36:35 Performing TCP connection with a timeout of -1 milliseconds

Wed, 01 Feb 2012 16:36:37 Performing TCP connection with a timeout of -1 milliseconds

Wed, 01 Feb 2012 16:36:39 Performing TCP connection with a timeout of -1 milliseconds

Wed, 01 Feb 2012 16:36:41 Performing TCP connection with a timeout of -1 milliseconds

Wed, 01 Feb 2012 16:36:42 Performing TCP connection with a timeout of -1 milliseconds

Downloading http://CORESERVER/LDLogon/patch/Firefox Setup 10.0_ENU.exe

Failed to download http://CORESERVER/LDLogon/patch/Firefox Setup 10.0_ENU.exe.  Error code 1

Last status: Failed

Download Failure: Error 80004005 downloading http://CORESERVER/LDLogon/patch/Firefox Setup 10.0_ENU.exe

Last status: Failed: Could not download http://CORESERVER/LDLogon/patch/Firefox Setup 10.0_ENU.exe

Sending status to core

In SendRequest: Action = SOAPAction: "http://tempuri.org/SetPatchInstallStatus"

 

 

Wed, 01 Feb 2012 16:36:44 SendRequest: SOAPAction: "http://tempuri.org/SetPatchInstallStatus"

 

 

 

 

However other updates run, such as adobe reader x or firefox 9.0.1 correctly downloads and installs.  All the install files are in the same patch repository.  I don't understand why it would update firefox from 8.0.1 to 9.0.1 but not to 10.0.

Search

Microsoft .NET Framework 4.5.2

February 3, 2015, 6:22 am
$
0
0

Through the last round of endpoint patching we noticed Windows Update showed the most recent .NET framework update as "Important" .   Yet in scanning using LANDesk, the vulnerability is not detected nor are we allowed to patch.  

 

This is being noted by our CSO as our policy is to patch all Critical, High and Important patches.  

 

My questions are:   Why is this not being detected?   Why is there not a patch available to update?

Failed to download

July 9, 2013, 1:06 pm
$
0
0

I am in the process of testing LANDesk for deployment on laptops.  However, I am having a problem with the patch and compliance scans not being able to download patches.  It seems like the GUI gets about half way through the download of the first patch, starts over, gets about half way through again and then bombs out.  This is what I see in vulscan log:

 

Failed to download http://landesk/LDLogon/patch/vlc-2.0.6-win32.exe.  Error code 2

Last status: Failed

Failed

Download Failure: Error 80004005 downloading http://landesk/LDLogon/patch/vlc-2.0.6-win32.exe

Last status: Failed: Could not download http://landesk/LDLogon/patch/vlc-2.0.6-win32.exe

DeferredReportAction: name 'vlc-2.0.6-win32.exe', code '0', type '-1', status 'Failed to download file vlc-2.0.6-win32.exe'

Failed: Could not download http://landesk/LDLogon/patch/vlc-2.0.6-win32.exe

 

I am able to copy and paste that URL into a browser (Chrome and IE) and download the file.  I also did a TCP dump on the LANDesk server and can see a HTTP GET request along with a HTTP response status: partial content for the correct package.  Any ideas?

 

Thanks,

Brad

Printer drivers showing up in PendingFileRenameOperations causing LANDesk reboot flags

April 1, 2014, 11:59 am
$
0
0

Hello all,

 

I have been updating printer drivers on our print servers and I have been noticing lately that many of our end user clients are recieving reboot prompts as LANDesk sees the PendingFileRenameOperations registry entry. Appears that the new Lexmark C772 drivers are causing most of the events. When I reboot the entry is cleared but when I run a new vulscan the PendingFileRenameOperation entry appears and causes the reboot prompts. I do see some of the Xerox drivers causing the same issue as well. The registry entry is located here: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\PendingFileRenameOperations

 

Just curious if anyone has had a simlar experience.

 

Much appreciated,

 

Jason

High CPU Usage by ISSUSER.exe

May 29, 2015, 2:23 pm
$
0
0

On LD 9.6 SP1 client I'm seeing issues with ISSUSER.exe running at 100% of one core and sometimes faulting.

Once suggestion was to replace the jscript.v55 file, but that has not resolved the issue.

 

Looking at the application errors  in the diagnostic data in inventory I'm seeing the following

2015-05-29 16_20_06-Inventory - BRDROEDE3NKNWZ1 - __Remote.png

So it appears the LIBEAY32MT.dll is where it's faulting at with an exception code of c0000005

 

Any advice?

Does LANDesk create a log file for the Disable Replaced Rules tool in Patch and Compliance?

July 28, 2015, 2:58 pm
$
0
0

Does LANDesk create a log file for the Disable Replaced Rules tool in Patch and Compliance?

 

I know that it has details in the tool, but I haven't found a way to copy/export that information. I was wondering if anyone knew if a log file was created when this tool runs. I am using LANDesk Management Suite 9.6.

 

Thanks.

Printer Issues after Security and Patch Updates

October 30, 2014, 12:26 pm
$
0
0

Has anyone out there seen any issues with printers after doing Security and Patch updates via LANDESK?  We've been seeing a fair amount of issues where printers have to be reinstalled after the LANDESK Security and Patch scan is run against the machine and patches are applied.  This seems to affect both locally-installed and network printers, Windows XP and 7, desktops and laptops.  We're only pushing Microsoft and LANDESK updates, so it's entirely possible that one of the Microsoft updates is causing it, but we haven't been able to identify which one (or ones) might be causing it.

 

Thanks in advance!

Running Vulscan From Command Prompt

May 4, 2009, 7:10 am
$
0
0

Hi all,

 

I have a number of servers that we use LANDesk to stage patches to but not install.  The installation is being done manually by someone from the server team.  However, if a large number of patches get pushed to the server, then it can be a challenge to install manually (time consuming and questionable about what goes on first, second, etc....).   I figured that I would just put a batch file on these servers that would then allow the server team to run and install using calls to vulscan.  However, this doesn't seem to be working for me.  Maybe I'm misunderstanding the capability of vulscan but here is what I have tried:

 

vulscan /repair vulnerability=all /allowusercancelrepair /rebootifneeded

 

and

 

vulscan /repair vulnerability=all /fix /allowusercancelrepair /rebootifneeded

 

 

When I run these commands, nothing happens.

 

Suggestions on what I'm doing wrong?

 

Thanks everyone.

Search

Stop scanning for XP vulnerabilities and only scan for Win7

March 12, 2015, 8:04 am
$
0
0

We would like to remove all XP patches and just scan for Win7 updates? Is there an easy way to do this? I know there will be times when the updates applies to multiple OS's.

KB... does not apply, or is blocked by another condition on your computer.

December 14, 2012, 12:46 am
$
0
0

Hi,

 

I have a core server Landesk 9 SP3 et agent are on SP3 too.

 

I have a lot of patch especially .NET patch ( ndp*****.exe ) that are detected by landesk but the installation failed.

When I try to install it by hand I have the following message :

-     KB***** does not apply, or is blocked by another condition on your computer.

          With this message I try to shutdown all the appz that run on server et reintall it. I got the same message

 

Here's some patches that are detected by Landesk but cannot be installed on the system :

MS11-100

MS11-044

MS11-066

MS12-016

...

 

I think that the problem come with the process of detection for these patches !

 

Do you have also these problems ? and have you find a solution to avoid it ?

 

Big Thanks !

not able to push landesk 9.6 agent

June 23, 2015, 3:48 am
$
0
0

I have pushed the agent to new machines ,I am not getting any error .

Patch Management using preffered Server

October 24, 2008, 12:07 am
$
0
0

Hi,

I want to patch management on a slower link --(64k ,128 K) . I want to use preffered server. Can some one send me documented process for the same.

'Agent Cancelled by User' - Return code 424

December 21, 2010, 7:12 am
$
0
0

Greetings,

 

I have a policy setup for patching, and this morning I noticed a large number of systems have failed this policy for the following reason:

 

"Agent cancelled by user.'  The return code is a 424. 

 

Does anyone know what that means? The logs thus far have not been helpful to me.

I want to disable Java Updates. Easiest way

November 13, 2013, 12:29 pm
$
0
0

LANDesk is new to our network. We have XP and Windows 7 computers and we are in the process of getting LANDesk to rule them all so to speak.  Initally, we simply want to disable Java Updates.

 

I know that paching java will also remove this update tab . . .and we want to go there.  But for now, I just want to put that crappy Java Update/Google Chrome/ASK toolbar nonsense back in its bottle.  I see that there appears to be a simple registry change that turns updater off. Can it be this easy, regardless of versions. 

 

Please, assume I know not much more than someone into this for a few wekks, and help me out. I really appreciate it.  BTW, I see everything here aleady on JAVA and it makes my head hurt! 

 

Thanks

The previous system shutdown was unexpected

March 21, 2014, 6:28 am
$
0
0

Hello All,

 

I am having a problem with a big percentage of our servers being patched with Landesk. When the Landesk client issues a reboot (if required for patching), when the server comes back up, we get "The previous system shutdown was unexpected" messages.

 

Anybody else noticing this problem? Core is 9.5 SP1.

 

Thanks

Search

LANDesk says patch is needed but machines are already patched

June 2, 2014, 1:43 pm
$
0
0

I am working with Microsfot Patch 2852386v2.

LANDesk says 48 of my comptuers need this patch.

I deploy it via LANDesk. It fails on all machines with "Return Code 412."

 

I remoted to one of the machines.

I copied the patch from the LANDesk Core Server to the computers desktop.

I executed the patch manually.

It says "Update from Windows (KB2852386) is already installed on this computer."

 

I opened Control Panel, Uninstall a program, View installed updates.

I locate the patch and uninstall it.

I then reapplied the patch via LANDesk.

It successfully installs. It no longer shows as being needed by LANDesk.

 

I repeated the process on two other machines. My method works. However, I don't want to do this for the remaining 45 machines.

 

Why is this occuring and what do I need to tweak so the patch doesn't show up as being needed. (I don't want to move it to Do Not Scan because any new machines on my network would not be screened for it.)

Vulscan, maintenance windows, and continue tasks

April 17, 2015, 11:21 am
$
0
0

I've found something interesting regarding maintenance windows and the regular scheduled vulscan task and how it can, seemingly, blow out a pending continue task for a repair and replace it with a continue task that doesn't seem to do anything.

 

Here is the scenario:

  • Regular scheduled scan set to run once per day and scan all vulnerabilities but not configured to repair.
  • High frequency scan set to repair vulnerabilities in a specific custom group, also scheduled to run daily.
  • Maintenance window configured for 4 AM - 7 AM.


If the high frequency scan runs after the scheduled scan everything works as expected, all vulnerabilities set to scan are scanned and reported detected as appropriate.  The high frequency scan runs and attempts to repair detected vulnerabilities in specific group however maintenance window prevents actual patch installs and only allows for patch downloads then sets a continue task to defer the repair.  During the maintenance window the continue task fires and patches are installed.


HOWEVER.... if the scheduled scan runs after the high frequency scan the continue task during the maintenance window instead does nothing.  It appears that the scheduled scan is setting a continue task and overwriting the continue task set by the high frequency scan which is causing patches to not install during the maintenance window.


For the moment I've worked around this by setting time restrictions on the two scans so that the repair scan always runs after the regular scan.  The issue I can see with this is that it's very likely this would also impact any scheduled repair tasks from the core that happen to fire after the maintenance window but before the scheduled scan and it doesn't seem like the regular scheduled scan should need to be overwriting the continue task like this since it shouldn't have anything to do during the maintenance window to defer.  This has happened more than once on multiple machines so it doesn't look like a case of the scan wanting to perform a reboot, for example, especially given that the continue task it generates does not reboot or do anything else that would need to run during a maintenance window that I can detect.

the update is not applicable to your computer

April 28, 2015, 2:09 pm
$
0
0

Patch Manager is not installing 3 Windows patches its detecting needed on multiple workstations. Trying to install them manually gives the message "The update is not applicable to your computer" for all 3 patches on 25% of our PCs.  Why?

Another bug?

 

windows6.1kb2913751x64.msu

windows6.1kb2984981x64.msu

windows6.1kb2994023x64.msu

View Log files blank in console

March 23, 2015, 7:17 am
$
0
0

I have been checking log files directly at their actual locations. However I see this a lot and wondered if anyone else gets it or has a solution?

 

When you get a failed task in the console. Be it a Repair job or a deployment if you right click the machine and choose 'view log file' it opens a blank log.

 

Anyone know a solution to this? Or as to why it happens?

 

As i said I will then just go direct to the log in question on the target machine but surely the view log file should work first.

3025417_MSU Patch - (Windows Defender) Detected on Server 2012

March 24, 2015, 11:38 am
$
0
0

We do not have any Windows 8 machines on our network. All desktops are Windows 7.

 

We have some new servers with Server 2012 on them.

 

I am showing patch 3025417_MSU as being needed on my Server 2012 machines. This patch is an update for Windows Defender. The odd thing is that you cannot put Windows Defender on a server.

 

I'm curious why its detecting my servers and wants to be installed. I did try it on one and it failed. I tried to manually install it and it says 'does not apply to this system.'

Viewing all 3522 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>