Patch Manager and VMware Tools - anyone succesfully patching their VMs?

I'd like to use Patch Manager to start keeping our VMware Tools versions up to date. I had success Patch Manager deploying the latest VMware Tools version to my 32-bit VMs, but it is failing on my 64-bit VMs.

Find more posts tagged with

vmware_tools

Accepted answers

All comments

jwckauman

BTW, when i try to install the 64-bit VMware Tools upgrade via Windows Update on a Win2016 server i get the following error:

Some update files aren't signed correctly.

Error code: (0x800b0109)

I know if you look up that error there are notes about certificate issues and group policies, but if i'm able to install any other updates via Patch Manager, then doesn't that prove that the cert/policies are fine?

jrouviere

That error is specific to having the WSUS signing certificate in place and the "Allow signed content" policy enabled per the KB:

Error when deploying third-party updates to client systems - SolarWinds Worldwide, LLC. Help and Support

This is specifically for third party updates. So if you've been updating these machines with Microsoft updates and this is the first Third Party update you've tried, then you do need to complete the configuration before that part will work.

Since it seems to be working on 32 bit machines, but not 64 bit you may have disparate Group Policy settings for those machines or another issue, but you will want to check that the certificates are in place on the Trusted Root and Trusted Publishers stores and that the Allow Signed Content policy is enabled.

jwckauman

Thank you for replying. I checked one of the servers that is failing and ran "rsop.msc". I can see the WSUS Publishing Certificate is in place in the Trusted Root Certification Authorities store AND the Trusted Publishers store.I can also see that the "Allow Signed Updates from an Intranet Microsoft update service location" is enabled.

If both of these are in place what might be the issue?

jwckauman

Here is the info from the WindowsUpdate.log file on one of the Win2012R2 servers.

2017-12-08 10:30:00:806 952 532c AU AU received approval from UX for 1 updates

2017-12-08 10:30:00:806 952 532c AU AU setting pending client directive to 'Progress Ux'

2017-12-08 10:30:00:900 952 532c AU BeginInteractiveInstall invoked for Download with sessionId 5

2017-12-08 10:30:00:900 952 532c AU Auto-approving update for download, updateId = {073589FE-6687-4A17-B0CF-87106A1D7EC7}.1, ApprovalIsForUx=1, UpdateOwner=UX, Deadline=0, IsMinor=0, UpdateFlags=16936

2017-12-08 10:30:00:900 952 532c AU Auto-approved 1 update(s) for download (for Ux)

2017-12-08 10:30:00:900 952 532c AU WARNING: Failed to get Wu Exemption info from NLM, assuming not exempt, error = 0x80240037

2017-12-08 10:30:00:900 952 532c AU #############

2017-12-08 10:30:00:900 952 532c AU ## START ## AU: Download updates

2017-12-08 10:30:00:900 952 532c AU #########

2017-12-08 10:30:00:900 952 532c AU # Approved updates = 1

2017-12-08 10:30:00:900 952 532c AU WARNING: Failed to get Wu Exemption info from NLM, assuming not exempt, error = 0x80240037

2017-12-08 10:30:00:900 952 532c AU WARNING: GetCurrentNetworkCostPolicy failed, error = 0x80240037

2017-12-08 10:30:00:900 952 532c IdleTmr Incremented idle timer priority operation counter to 2

2017-12-08 10:30:00:900 952 532c AU AU initiated download, updateId = {073589FE-6687-4A17-B0CF-87106A1D7EC7}.1, callId = {14F9FDC9-7622-41CB-A96E-B1FD83CCAEC3}

2017-12-08 10:30:00:900 952 532c AU Currently AUX is enabled - so not show any WU Upgrade notifications.

2017-12-08 10:30:00:900 952 532c AU WARNING: Failed to get Network Cost info from NLM, assuming network is NOT metered, error = 0x80240037

2017-12-08 10:30:00:900 952 1508 DnldMgr *********** DnldMgr: Begin Downloading Updates [CallerId = AutomaticUpdatesWuApp] ***********

2017-12-08 10:30:00:900 952 1508 DnldMgr * Call ID = {14F9FDC9-7622-41CB-A96E-B1FD83CCAEC3}

2017-12-08 10:30:00:900 952 1508 DnldMgr * Priority = 3, NetworkCostPolicy = 6, Interactive = 1, Owner is system = 1, Explicit proxy = 0, Proxy session id = 5, ServiceId = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7}

2017-12-08 10:30:00:900 952 1508 DnldMgr * Updates to download = 1

2017-12-08 10:30:00:900 952 1508 Agent * Title = VMware Tools 10.1.15 (x64) (Upgrade)

2017-12-08 10:30:00:900 952 1508 Agent * UpdateId = {073589FE-6687-4A17-B0CF-87106A1D7EC7}.1

2017-12-08 10:30:00:900 952 1508 DnldMgr *********** DnldMgr: New download job [UpdateId = {073589FE-6687-4A17-B0CF-87106A1D7EC7}.1] ***********

2017-12-08 10:30:00:900 952 1508 DnldMgr * BITS job initialized, JobId = {5A9998A9-6085-4656-AFD6-391961099A22}

2017-12-08 10:30:00:900 952 532c AU WARNING: Failed to get Network Cost info from NLM, assuming network is NOT metered, error = 0x80240037

2017-12-08 10:30:00:916 952 1508 DnldMgr * Downloading from http://wsus04:8530/Content/AE/503725BD1840CFB372E837EB90764C740EF467AE.cab to C:\Windows\SoftwareDistribution\Download\edb2296d57230b79496b810e00af6719\503725bd1840cfb372e837eb90764c740ef467ae (full file).

2017-12-08 10:30:00:916 952 532c AU # Pending download calls = 1

2017-12-08 10:30:00:916 952 532c AU <<## SUBMITTED ## AU: Download updates

2017-12-08 10:30:00:916 952 1508 IdleTmr WU operation (DownloadManagerDownloadJob) started; operation # 4557; does use network; is not at background priority; will NOT stop idle timer

2017-12-08 10:30:00:916 952 1508 IdleTmr Incremented idle timer priority operation counter to 3

2017-12-08 10:30:00:916 952 1508 DnldMgr *********

2017-12-08 10:30:00:916 952 1508 DnldMgr ** END ** DnldMgr: Begin Downloading Updates [CallerId = AutomaticUpdatesWuApp]

2017-12-08 10:30:00:916 952 1508 DnldMgr *************

2017-12-08 10:30:01:306 952 256c DnldMgr BITS job {5A9998A9-6085-4656-AFD6-391961099A22} completed successfully

2017-12-08 10:30:01:322 952 256c IdleTmr WU operation (DownloadManagerDownloadJob, operation # 4557) stopped; does use network; is not at background priority; will NOT start idle timer (task did not previously stop it

2017-12-08 10:30:01:322 952 256c IdleTmr Decremented idle timer priority operation counter to 2

2017-12-08 10:30:01:478 952 256c Misc Validating signature for C:\Windows\SoftwareDistribution\Download\edb2296d57230b79496b810e00af6719\503725bd1840cfb372e837eb90764c740ef467ae with dwProvFlags 0x00000080:

2017-12-08 10:30:01:916 952 256c Misc FATAL: Error: 0x800b0109 when verifying trust for C:\Windows\SoftwareDistribution\Download\edb2296d57230b79496b810e00af6719\503725bd1840cfb372e837eb90764c740ef467ae

2017-12-08 10:30:01:916 952 256c Misc WARNING: Digital Signatures on file C:\Windows\SoftwareDistribution\Download\edb2296d57230b79496b810e00af6719\503725bd1840cfb372e837eb90764c740ef467ae are not trusted: Error 0x800b0109

2017-12-08 10:30:01:916 952 256c DnldMgr WARNING: File failed postprocessing, error = 800b0109

2017-12-08 10:30:01:916 952 256c DnldMgr Failed file: URL = 'http://wsus04:8530/Content/AE/503725BD1840CFB372E837EB90764C740EF467AE.cab', Local path = 'C:\Windows\SoftwareDistribution\Download\edb2296d57230b79496b810e00af6719\503725bd1840cfb372e837eb90764c740ef467ae'

2017-12-08 10:30:01:916 952 256c DnldMgr Error 0x800b0109 occurred while downloading update; notifying dependent calls.

2017-12-08 10:30:01:916 952 17f0 AU >>## RESUMED ## AU: Download update [UpdateId = {073589FE-6687-4A17-B0CF-87106A1D7EC7}]

2017-12-08 10:30:01:916 952 17f0 AU # WARNING: Download failed, error = 0x800B0109

2017-12-08 10:30:01:931 952 1508 DnldMgr *********

2017-12-08 10:30:01:931 952 1508 DnldMgr ** END ** DnldMgr: Download Call Complete [Call 6 for caller AutomaticUpdatesWuApp has completed; signaling completion.]

2017-12-08 10:30:01:931 952 1508 DnldMgr *************

2017-12-08 10:30:01:931 952 17f0 AU Download call completed, hr = 0x800B0109

2017-12-08 10:30:01:931 952 17f0 AU #########

2017-12-08 10:30:01:931 952 17f0 AU ## END ## AU: Download updates

2017-12-08 10:30:01:931 952 17f0 AU #############

2017-12-08 10:30:01:931 952 17f0 AU Currently AUX is enabled - so not show any WU Upgrade notifications.

2017-12-08 10:30:01:931 952 17f0 AU WARNING: Failed to get Network Cost info from NLM, assuming network is NOT metered, error = 0x80240037

2017-12-08 10:30:01:947 952 17f0 IdleTmr Decremented idle timer priority operation counter to 1

2017-12-08 10:30:02:900 952 532c AU BeginInteractiveInstall invoked for Install with sessionId 5

2017-12-08 10:30:02:900 952 532c AU Auto-approved 0 update(s) for install (for Ux), installType=0

2017-12-08 10:30:02:900 952 532c AU WARNING: BeginInteractiveInstall failed, error = 0x8024000C

2017-12-08 10:30:02:931 952 522c AU AU received handle event

2017-12-08 10:30:02:931 952 522c AU WARNING: Failed to get Wu Exemption info from NLM, assuming not exempt, error = 0x80240037

2017-12-08 10:30:02:931 952 522c AU Triggering Offline detection (non-interactive)

2017-12-08 10:30:02:931 952 522c AU Adding timer:

2017-12-08 10:30:02:931 952 522c AU Timer: 31DA7559-FE27-4810-8FF6-987195B1FD98, Expires 2017-12-08 15:30:02, not idle-only, not network-only

2017-12-08 10:30:02:931 952 522c AU Currently AUX is enabled - so not show any WU Upgrade notifications.

2017-12-08 10:30:02:931 952 522c AU WARNING: Failed to get Network Cost info from NLM, assuming network is NOT metered, error = 0x80240037

2017-12-08 10:30:02:947 952 522c AU WARNING: Failed to get Network Cost info from NLM, assuming network is NOT metered, error = 0x80240037

2017-12-08 10:30:02:947 952 522c AU #############

2017-12-08 10:30:02:947 952 522c AU ## START ## AU: Search for updates

2017-12-08 10:30:02:947 952 522c AU #########

2017-12-08 10:30:02:947 952 522c IdleTmr WU operation (CSearchCall::Init ID 7) started; operation # 5059; does not use network; is at background priority

2017-12-08 10:30:02:947 952 522c Agent *** START *** Queueing Finding updates [CallerId = AutomaticUpdates Id = 7]

2017-12-08 10:30:02:947 952 522c AU <<## SUBMITTED ## AU: Search for updates [CallId = {5C93D289-0FDC-40AA-9656-2FDF4D976D2D} ServiceId = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7}]

2017-12-08 10:30:02:947 952 3268 Agent *** END *** Queueing Finding updates [CallerId = AutomaticUpdates Id = 7]

2017-12-08 10:30:02:947 952 3268 Agent *************

2017-12-08 10:30:02:947 952 3268 Agent ** START ** Agent: Finding updates [CallerId = AutomaticUpdates Id = 7]

2017-12-08 10:30:02:947 952 3268 Agent *********

2017-12-08 10:30:02:947 952 3268 Agent * Online = No; Ignore download priority = No

2017-12-08 10:30:02:947 952 3268 Agent * Criteria = "IsInstalled=0 and DeploymentAction='Installation' or IsPresent=1 and DeploymentAction='Uninstallation' or IsInstalled=1 and DeploymentAction='Installation' and RebootRequired=1 or IsInstalled=0 and DeploymentAction='Uninstallation' and RebootRequired=1"

2017-12-08 10:30:02:947 952 3268 Agent * ServiceID = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7} Managed

2017-12-08 10:30:02:947 952 3268 Agent * Search Scope = {Machine & All Users}

2017-12-08 10:30:02:947 952 3268 Agent * Caller SID for Applicability: S-1-5-18