you possibly have non-compatible appserver/target agent versions, where one side understands the code 040C, while the other side does not.
What is the agent version on the servers that fail? If it's different from the working servers, then match the agent, and retest.
that was one of the things the arcticle suggestd. we have only been on 1 version of BBSA. i have confirmed that the agent version is the same on servers that work and servers that dont. i also tried down grading the agent, and upgrading the agent to a newer version.
we are on 8.2 SP2 app server and agent...
perhaps on the failing servers you have some application installed with the language that we do not understand. the missing patches are returned for this application with that language code, but we do not understand it.
running blpatchcheck2.exe manually from target server may give you more info:
in Configuration / patch global configuration / shavlik url configuration, you'll have a link for hf7b file. Download it and copy to target <bladelogic>/rscd/sbin folder.
run from command line: BLPatchCheck2.exe 0 -pt 13 hf7b.xml results.xml
generated Trace.txt and results.xml may have more info. Attach if you cannot proceed from there.
interesting that you say that. these servers are located in canada and at LEAST have the french language pack loaded on them. but i tried creating a french catalog and it had the same error.
i will run the blpatchcheck2.exe and upload the trace file.
how would i go about manually downloading this hf7b.xml file?
i paste the url in the browser but nothing happens?
can i pull in from the file server?
attached is a screenshot of the cmd line. it says "successful" not sure how to "attach" the files to this reply though..
if the cmd says successful here, what does that mean? i pulled the hf7b.xml file from the file server, so they are using the same one..
anyway here they are, thanks for your help.
nevermind, files are attached!
in sbin folder you should have sesuls.xml file. That file will contain everything that's found missing, and probably for some patches it will have that language code... Basically the analysis runs fine, but the appserver does not understand that language code. So find the patches that report with that language code - this at least will tell you which application causes the issue. See if you exclude those patches, will the analysis complete successfully.
once you validate all this, to see why the appserver does not recognize that language code, I'd probably file a ticket with support.
i guess i had created another discussion about this a while back. here is a reply i got from someone, have you ever heard of this defect?
"A defect was discovered recently which could lead to this error. A problem in the language detection of patches in multilanguage Patch catalogs can cause the patch dependency check to fail. A quick workaround could be to create different Patch catalogs depending on the language. In case you are hitting this, it's being fixed in 8.3 and a hotfix is being created for 8.2 SP2. If you open a ticket with BMC, please refer to defect QM001776456 "
I don't recall that defect, but it's completely possible. Juan Ortega knows his stuff : ) . Either way, I would file a ticket, reference the defect (to see if it's relevant), reference both communities threads so that the TSA has all the information that was already reviewed/discussed and take it from there. The info I asked in previous post could also be helpful for support team.
My sbin folder doesnt seem to contain the sesuls.xml files..
also on a seperate patch issue i was wondering if you can give me your opinion.
Basically we are a fairly large global organization with remote sites all around the world. i am now patching about 400 servers all located at seperate sites. Previously the sites have been patching by them selves using WSUS. this is the first round of patching and its going fairly well, but not as great as expected. many, many servers will complete the patching successfully, but when i run the next patch analysis job there are still some patches left to be installed that WERE included in the remediation previously. i was wondering if this is normal. if i should look at adjusting some settings on the remediation packages or what?
Also since the sites were using WSUS, we had a GPO that would set the windows automatic update settings. thoses are still in place right now and i feel like it might be causing issues. a lot of servers, if i rdp into them, have the option next to shutdown that says "install updates, and shut down" NOT install updates and restart. like i said all of the servers are remote from me so SHUTTING them DOWN is not the best option. do you know if this is releated to windows update services being on. what is the best practice? to disable it?
i filed a ticket on monday, have gotten 1 response and have been waiting ever since, thats why i turned to communities. you are much more responsive lol.
If you cd to <blade>/sbin folder, and run this command:
BLPatchCheck2.exe 0 -pt 13 hf7b.xml results.xml
...then results.xml should be there, provided that analysis scan completed, as you pasted a screenshot in previous posts (sesults.xml was a typo)
about the bigger issue of patches still reported missing by one product, while not reported by another, if they were installed or not, etc, here's the place to start (may be too much at first glance, but I recommend this to anyone who performs windows patching):
KA325243 - BBSA Windows Patch Troubleshooting: Analysis Job Results conflict with 3rd-party Vendors
KA363243 - BBSA Windows Patch Troubleshooting: Analysis Job reports an unexpected patch as Missing
KA366513 - BBSA Windows Patch Troubleshooting: Analysis Job does not report Missing expected patch
KA366485 - BBSA Windows Patch Troubleshooting: How to analyze Trace.txt generated by Analysis Job
KA366615 - BBSA Windows Patch Troubleshooting: Windows Hotfix Patch is not found in the Catalog
KA366147 - BBSA Windows Patch Troubleshooting: Patch Deploy Job failed with an error message
KA325206 - BBSA Windows Patch Troubleshooting: Patch Deploy Job failed but Analysis reported Installed
KA377574 - BBSA Windows Patch Troubleshooting: Patch Deploy Job succeeded but Analysis reported Missing
KA346631 - BBSA Custom Deploy Troubleshooting: Custom BLPackage Deploy Job failure
after going through the results.xml i have discovered the following
"</Product><Product Name="Adobe Reader 10.0.0" SP="Gold" LanguageID="040c"><Item class="Patch" BulletinID="APSB11-16" SQNumber="QAR1010" Superseded="false" PatchName="AdbeRdr1010_en_US.exe" Status="Missing" Reason="File version is less than expected. [\\127.0.0.1\C$\Program Files (x86)\Adobe\Reader 10.0\Reader\ACRORD32.DLL 10.0.0.407 < 10.1.0.534]"/><Item class="Patch" BulletinID="APSB11-03" SQNumber="QAR1001" Superseded="false" PatchName="AdbeRdrUpd1001_Tier1.msp" Status="Missing" Reason="File version is less than expected. [\\127.0.0.1\C$\Program Files (x86)\Adobe\Reader 10.0\Reader\ACRORD32.DLL 10.0.0.407 < 10.0.1.434]"/></Product><Product Name="Microsoft CAPICOM" SP="Gold"><Item class="Information" Reason="All necessary hotfixes have been applied."/>"
so i guess this is the culprit, however i dont even have adobe listed in my patch catalog filter, so possibly this is a internet explorer patch? anyway i tried creating a smart group for depot objects whos description contains adobe. and i excluded that from the analysis, but it still failed with the same job.
based on what i found in the results. do you think that was an OK way to create the smart group?
>>however i dont even have adobe listed in my patch catalog filter, so possibly this is a internet explorer patch?
No, this is Adobe patch. The reason you see it in the results.xml file is becuase patch analysis scan is not performed against what's in the Catalog, but against what's in the hf7b.xml... where the next step is to filter those results and only show you missing based on what's in your Catalog.
>>i tried creating a smart group for depot objects whos description contains adobe......
So this is the patch in question:
BulletinID="APSB11-16" SQNumber="QAR1010" PatchName="AdbeRdr1010_en_US.exe"
If you do not see this patch in your Smart Group, then if did not exclude it. If you do not have Adobe Filter in your Catalog, then you will not have this item in the Catalog to exclude..
- Perhaps if you add Adobe Filter to the Catalog, then you should be able to create a Smart Group to exclude this patch (Hotfix Object where Q_number = QAR1010 this is one of ways). Then try running Analysis with this Smart Group excluded.
- Another possible solution could be to uninstall Adobe Reader 10, and install different language (english?), and see if the issue comes back after that for adobe patches.