Kaseya Community

Patche Updates killing us

  • As of this morning I'm done with Kaseya's patch updates. 3 of our servers this morning never came back up from a restart and I had to drive to all three to restart them and get them up, on good friday too yay.

    We do patch updates at 1 AM Friday Morning, and have servers reboot at 4 AM if needed after patch updates. Is this not enough time for patches to install and maybe its restarting before it finishes or what? Or is it something else that is causing these servers to hang at restart and not come back online. This is so not worth it, everything was running fine when we'd do them manually. What is the difference? Is kaseya installing updates that it shouldnt be?

    Legacy Forum Name: Patche Updates killing us,
    Legacy Posted By Username: tim@xxpert.net
  • tim@xxpert.net
    As of this morning I'm done with Kaseya's patch updates. 3 of our servers this morning never came back up from a restart and I had to drive to all three to restart them and get them up, on good friday too yay.

    We do patch updates at 1 AM Friday Morning, and have servers reboot at 4 AM if needed after patch updates. Is this not enough time for patches to install and maybe its restarting before it finishes or what? Or is it something else that is causing these servers to hang at restart and not come back online. This is so not worth it, everything was running fine when we'd do them manually. What is the difference? Is kaseya installing updates that it shouldnt be?


    I have our servers set to patch at 11pm Saturday night, and then they all reboot between 3-5:30am Sunday morning. We don't have many issues with servers not coming back up, but it happens once in a while. A bunch of times we got bitten by that DNS update that came out quite a while ago that can conflict with some ports SBS 2003 servers need when trying to boot. Otherwise it's usually because a server requires F1 to be pressed for some reason, or someone left a USB drive plugged in and the server is trying to boot from it. I do manual patch approvals for the Servers patch policy, so I know Kaseya shouldn't be installing things I haven't approved. If you have your patch policies set to Auto Approve, you might want to change that for the servers.

    Legacy Forum Name: Patch Management,
    Legacy Posted By Username: kcears
  • I start our server patches at 2200 and see the servers reboot (those that set to reboot, we have some that we manually reboot) around the same times as kcears. The only issue we've had is with one SBS2003 server, but those issues go far beyond patch management. We're planning on taking that one out back and killing it soon.

    Legacy Forum Name: Patch Management,
    Legacy Posted By Username: thirteentwenty
  • It sure would be nice if K's Automatic Updates supported Pre/Post script options like Initial Update does. I would include a Reboot in the post script (if it existed).

    I had thought I could accomplish the same thing by simply scheduling a reboot script at any time after the start of Automatic Updates. My thinking was that Automatic Updates would be treated as one big script and not allow any other script to run until it completed. That was a wrong assumption Confused Turns out that my reboot script fired off during the middle of Automatic Updates. So I guess we are back to trying to guess the approx time that we think Automatic Updates will finish, and schedule a reboot then.

    It would also be a neat feature if they offered not only a Pre and Post script option, but a "Progress/Notification" option too. Imagine if you could request a script to fire at every 25% of completion. My script might send me an email (or alert) saying "Automatic Update's patching of is 25% complete". I would use this notification option for workstations only in cases where I want to closely watch a problematic machine. But for servers I might use it quite often. Then again, maybe if all the bugs were out of PM I wouldn't need this at all Smile Actually, Joe P. at Kaseya recently squashed a PM bug that has been affecting us for nearly 2 years, so maybe PM will be a lot smoother going forward. Thanks Joe!

    Legacy Forum Name: Patch Management,
    Legacy Posted By Username: ReedMikel
  • ReedMikel
    It sure would be nice if K's Automatic Updates supported Pre/Post script options like Initial Update does. I would include a Reboot in the post script (if it existed).


    This is something that is included in K2. You can setup Pre/Post scripts (similar to the Initial Update Pre/Post scripts) for Automatic Update. I have tested this on a test network and it worked as I wanted.

    This is perfect for having to patch workstations during the business day. Create a notification script to use the Kaseya notifications or Notifu (I love Notifu, BTW) both at the beginning and end of the patching cycle.

    Legacy Forum Name: Patch Management,
    Legacy Posted By Username: CCDave
  • A developer at Kaseya just told me that in K2 Auto Updates now has Pre/Post scripts - nice Smile

    Just Googled Notifu - that sounds like a better way to notify users during K scripts. I never liked the fact that if you execute more than 1 SEND MESSAGE in a K script that you end up with multiple windows - which only serves to confuse users. Another annoyance is that there is no easy way to display the date and time using SEND MESSAGE (user has no idea how old the message might be). Have you found a way to display date/time with Notifu?

    CCDave
    This is something that is included in K2. You can setup Pre/Post scripts (similar to the Initial Update Pre/Post scripts) for Automatic Update. I have tested this on a test network and it worked as I wanted.

    This is perfect for having to patch workstations during the business day. Create a notification script to use the Kaseya notifications or Notifu (I love Notifu, BTW) both at the beginning and end of the patching cycle.


    Legacy Forum Name: Patch Management,
    Legacy Posted By Username: ReedMikel
  • ReedMikel
    Have you found a way to display date/time with Notifu?


    I'm not sure why you would need date/time with Notifu. This is a balloon-type popup that you configure to "come and go" usually without any interaction.

    If you still need date/time, you should try some of the variables or database views. You could try which would be the last time the agent checked in (which should be current).

    Legacy Forum Name: Patch Management,
    Legacy Posted By Username: CCDave
  • example: say I run an Initial Update during business hours. My Pre script might display a message like "This PC is being updated and may reboot several times. Please do not use until notified that update is complete". What if the user was away from their computer when the message appeared? An hour later they get back to their desk and see this message. They ask themselves: "when did this update start?". Was it minutes ago, hours, days etc? And yes, PM has had bugs that would get Initial Update stuck in an endless loop, so it could be for days Smile

    PM is just one scenario where it makes sense to display the date/time in the SEND MESSAGE window. I'd do the same for malware scans too.

    Another weakness with SEND MESSAGE (or Pre/Post scripting?) is that if a process like Initial Update does a Patch Reboot, the message is cleared from the screen. Once rebooted, the user has no idea that patching is going on. Same for malware scans that might restart a machine...

    CCDave
    I'm not sure why you would need date/time with Notifu. This is a balloon-type popup that you configure to "come and go" usually without any interaction.

    If you still need date/time, you should try some of the variables or database views. You could try which would be the last time the agent checked in (which should be current).


    Legacy Forum Name: Patch Management,
    Legacy Posted By Username: ReedMikel
  • I see this happen mostly on the same servers. There are some usual suspects in our client networks that just can't reboot without getting stuck 50% of the time. Troubleshooting is a nightmare.. unless you want to hang out for a few hours after business hours and reboot a dozen times with different services disabled to see who the problem child is.

    Legacy Forum Name: Patch Management,
    Legacy Posted By Username: jasonrdavis
  • Any of these machines have external USB drives installed on them? Many of our SMB clients have usb drives installed for backups which they rotate.

    A large majority of these servers will hang when trying to boot back up until the drive is removed. We've played with bios levels, disabling USB boot support, boot orders,etc without alot of luck.

    Legacy Forum Name: Patch Management,
    Legacy Posted By Username: Mark.Hodges
  • Mark.Hodges
    Any of these machines have external USB drives installed on them? Many of our SMB clients have usb drives installed for backups which they rotate.

    A large majority of these servers will hang when trying to boot back up until the drive is removed. We've played with bios levels, disabling USB boot support, boot orders,etc without alot of luck.


    Just ran into this with a new client... they said their old IT guy set it up to boot off of USB "Just in case" and manually did all of their patches... midday... so yea when their servers didn't come up after an automated reboot... yay... took care of that when we changed the admin passes (SOP when we take over) upon the server reboots (which we now do at night) I killed the option to boot from USB devices...

    What I found with their boxes is that we had to remove (not disable, or change the boot order) the USB options from the BIOS completely. Those were older machines (~5-6 years unknowen IBM/whitebox looking things), the newer ones (Dells ~3-5 years) just changing the boot order worked.

    Legacy Forum Name: Patch Management,
    Legacy Posted By Username: thirteentwenty