6 Replies Latest reply on Nov 29, 2011 3:50 PM by Russ Todd

    troubleshooting windows patch analysis

      Hello all,


      Here's what I got.


      target is windows 2008 R2


      Patch catalog contains - Windows 2008, .net, studio componenets. These are the only items I want to deploy.



      I patch the server with SP1, I built the job for this manually and deployed it to the server with no issues. It was the only thing I deployed.


      When I create a secondary job to analyze the target post SP1 deploy the analysis returns nothing to be patched. However, when I run Windows Update it returns 40 post SP1 patches to be installed.


      I see the blpatchcheck2 run when I execute the analysis, is there a whay to see what it is collecting for data to return?






        • 1. troubleshooting windows patch analysis

          Hi Russ,


          Make sure your analysis job has all the group options selected (Analysis Options tab in the patch job).

          Also make sure that your patch catalogue has an ACL Policy applied that allows the role you are executing the the analysis job to have read permissions at least on the hotfixes etc.



          • 2. troubleshooting windows patch analysis

            Thanks Scott for your reply.


            I created the calatlog so it shoudl have all the perms necessary, but I just re-updated them now to be sure, still no luck. I also do have all the group optiosn selected in the analysis job.


            I have even run the job as BLadmins with no results.That is why I'm wondering what is being returned at the target side.

            • 3. troubleshooting windows patch analysis

              I think you are running list based analysis. What if you do not select anything in the job option? Check the trace.txt on the target to see if there are missing patches.


              You said you patches the server with Sp1, is it with Bladelogic 8.1 Sp1 or Windows 2008 R2 SP1?

              • 4. troubleshooting windows patch analysis

                I am running group options not list, with "excude service packs" deselected.


                I will look a the trace.txt file to see what it s showing.


                The sp1 I was referring to is te SP on the target Windows server being patched.

                • 5. Re: troubleshooting windows patch analysis
                  Steffen Kreis



                  there is a bug in the early releases of BL 8.1 that prevents a successful patch analysis for Windows Server 2k8 R2 SP1.


                  The Patch-Catalogs simply does not include the correct patches.


                  This issue was fixed in BL 8.1 SP1 Patch 2 and is tracked under


                  QM001703904 - Windows Server 2008 R2 Service Pack 1 is not in Windows Master Catalog.



                  We ran in the same issue before.

                  After updating BL to the version described above or later, the patches are in the catalog and will be shown as missing in an Analysis job.




                  • 6. troubleshooting windows patch analysis

                    it appears that this was a lack of communication to our admins from BMC.


                    The problems with Windows catalog update jobs relate to a change Shavlik implemented in their XML files as of Tuesday 8 November. We provided a fix for this along with sending a Proactive Notification back in early October. Here are the steps, also available in our Knowledge Base as KA354674:

                    This fix will be automatically included in the future BladeLogic Server Automation versions and upcoming Service Packs.