Kaseya Community

XP Sp2 required on an SP3 workstation :S

  • HI chaps

    I've got an oddity here. I've just seen that a number of machines are showing that XP SP2 will be installed in the next automatic installation using patch management, despite those machines showing that XP SP3 is installed (right click My Comp, properties).

    Any idea why Kaseya would think that SP2 is required when Sp3 is already installed ?

    Olly

    Legacy Forum Name: XP Sp2 required on an SP3 workstation :S,
    Legacy Posted By Username: oliverm
  • Olly,

    Kaseya would report the missing pacthes based on the last patch scan.

    Is there any chance that, when the last K patch scan was done, that the machine was missing the Service Pack(s). But then after that, someone manually installed the Service Pack(s) outside of Kaseya?

    Lloyd

    Legacy Forum Name: Patch Management,
    Legacy Posted By Username: lwolf
  • Just to throw this out there, I've had a few machines say that they were missing SP2 and these computers definitely had SP3 installed.

    One of them was a testing machjne, so for grins, I told Kaseya to install the missing SP2, and it didn't go through the install process on the workstation. But Kaseya no longer said I needed that service pack.

    I did the same on the others that were "missing" SP2 and Kaseya stopped bothering me about it.

    Legacy Forum Name: Patch Management,
    Legacy Posted By Username: JosephM
  • Yeah, that worked here too. Odd.

    Thanks

    Legacy Forum Name: Patch Management,
    Legacy Posted By Username: oliverm
  • Olly,

    In the past, when troubleshooting how K knows whether or know a patch is neeed, I was often told by K Support to check Windows Updates - to see what that reported as missing.

    So I am curios what Windows Updates reports as missing for one of these machines?

    Lloyd

    Legacy Forum Name: Patch Management,
    Legacy Posted By Username: lwolf
  • Yeah I checked that. Windows update didnt show any mention of Sp2 being required. As far as I can tell, SP3 was installed with the OS from a dell WinXP Pro inc SP3 installation CD.

    Legacy Forum Name: Patch Management,
    Legacy Posted By Username: oliverm
  • hummm.... I wonder once K scans a machine and detects a patch is missing (like SP2), and this never gets installed (say a month or two goes buy). Then someone goes ahead and runs SP3 after a few months. Does K now know to remove this flag from its DB? Might be a slight flaw in the programming logic here?

    Legacy Forum Name: Patch Management,
    Legacy Posted By Username: boudj
  • In my case also, going Windows Update did not show that SP2 was missing. These were machines that have been on SP3 for several months, and Kaseya did not show SP2 missing previously. They only recently (in the last 4-6 weeks) started showing SP2 was missing.

    After I posted this, I continued on through the forums....There's been a few threads recently about the legacy patches showing up under patch approval lists. I wonder if this is related to any of that mess?

    Legacy Forum Name: Patch Management,
    Legacy Posted By Username: JosephM
  • Hi JosephM,

    The legacy patches is actually Kaseya working as intended, but unfortunately it's just a very annoying setup. Dominic has currently escalated this to development as an enhancement request.

    I'd recommend deleting the patch xml file on the local machine of any mention that claims to be missing SP2 and re-running a patch scan to see if this helps at all.

    Cheers,
    -LWX

    Legacy Forum Name: Patch Management,
    Legacy Posted By Username: LANWorx
  • Hi Lloyd,
    I know little about K's patching processes, but I would think that the patch database is replaced every time a machine is scanned, no? And if so, that would catch any instances where somebody manually installed a patch since the prior scan. Kind of like a full backup vs an incremental...

    LANWorx
    I'd recommend deleting the patch xml file on the local machine of any mention that claims to be missing SP2 and re-running a patch scan to see if this helps at all.


    Legacy Forum Name: Patch Management,
    Legacy Posted By Username: ReedMikel
  • You'd think so, right?

    We've had issues where this hasn't been the case and we've had a machines patch status get 'stuck'. This is especially the case when using Initial Update (that feature fails about 90% of the time for us).

    Cheers,
    -LWX

    Legacy Forum Name: Patch Management,
    Legacy Posted By Username: LANWorx
  • I am glad to hear that I am not alone Smile

    On the 8 failed SP3 patches I found that running a script to delete all the various temp folders, then rescheduling the patch got it installed 2nd time around in most cases.

    To help debug a few, I changed the Patch Parameters->Command Line for this SP3 patch by removing the /quiet switch. On one machine I saw the patch report it had run out of disk space. Running in quiet mode you never see it. I'm not sure if MS logs it anywhere either - so KServer never knows.

    I wish I could define prepatch script(s) that run for any patch session. I'd disable KES, delete temp files, reboot... I only see that available for Initial Update... Easy enough to create such a PrePatch script - just would be nice to be integrated into Patch Mgmt.

    Lloyd - what advantages are there to using Initial Update? I mean, what's the difference over just doing the patches with Machine or Patch Update? I see it says it runs it until fully updated. Don't other patch scenarios do the same? I must be missing something here (lots to learn).

    Legacy Forum Name: Patch Management,
    Legacy Posted By Username: ReedMikel
  • Hey Mikel,

    I've gotta point out, Lloyd is lwolf Wink But hey, I don't mind if you fashion me after a man with such intelligence as him!

    As for the advantage of using Initial Update... This process is meant to install a wave of patches, then reboot, rescan, next wave etc. until there are no longer any patches available to install.

    Automatic updates will only install one wave of patches, that is, scan, install patches found to be missing. If a patch has pre-req patches, this pre-req will be installed and then the actual patch will be left till the following scheduled Automatic Update.

    I realise I'm rambling, but this is what happens on a Friday afternoon for me!

    If I'm not being clear enough, let me know and I'll try to revise this information into a more readable non-ramble.

    Cheers,
    -LWX

    Legacy Forum Name: Patch Management,
    Legacy Posted By Username: LANWorx
  • Sorry about the name calling LWX Smile
    Thanks for the explanation - it was crystal clear! I forgot about the need to run waves of patches...

    Legacy Forum Name: Patch Management,
    Legacy Posted By Username: ReedMikel
  • It's cool, I'll let you off the hook just this once.

    To be honest, in our build process we run an automatic update, then manually reboot and run another automatic update. Initial Update hangs too often for us to bother with.

    Legacy Forum Name: Patch Management,
    Legacy Posted By Username: LANWorx