LGarvin

I'm not quite understanding the issue over "opening 65000" ports. First, as noted, there is no requirement to open any ports in the perimeter firewall, other than port 4092 which allows the Patch Manager PAS to communicate with the Patch Manager Automation Role server in the DMZ. Second, there is no need to configure ports…

Then after the report runs the first time, the xml file hardcodes the date and the results for the "last seven days" will never change because the GETDATE statement is gone Ahhh.. yes... I do vaguely recall encountering this defect a few years ago. The only real way to make this work is to extract the SQL code from the…

The only way to get rid of the "No Link-Local or Site-Local Cloud Available" error seems to be activating IPv6 on the NIC settings. That makes perfect sense. Disabling the IPv6 settings on the NIC is an improper way to achieve that objective, and does cause application-level issues related to IPv6 connection attempts. Some…

When defining Command-line parameters in a "Run a Program" task in PackageBoot, the %MODULEPATH% variable IS available. The associated license file would need to be included in the "Additional Files" list so that it's contained within the CAB file downloaded by the client, and thus unpacked into the installation source…

Not from PatchManager directly. There is a report in the Errors and Exceptions report category named Datasource Exceptions by Device that lists the speciifc WMI object(s) that failed - in the Exception Table field. But beyond that information you'd need to enable some client-side logging to find out specifically what was…

It has no impact on the Windows Update History itself. What is being indicated is that the Windows Update History could not be read via WMI. Most likely this is a manifestation of some other process/task that was writing to Windows Update History.

Additionally, the first part of the installation completes successfully and that application is a third party app. It fails out when it gets to the batch file. The most common scenario that produces this behavior is that the SETUP.EXE returned a non-ZERO result code (i.e. maybe Reboot Required?), and because the result…

Just additional info.. eventually you'll want that Installed Rule to not just test for the presence of WINVNC.EXE, but also for the correct version of that file; else the WUAgent will be unable to distinguish between machines with the current version of WINVNC, and older versions of WINVNC. For Applicability Rules the…

Can PackageBoot be used to copy a file to a path that includes a wildcard? C:\Users\*\AppData\LocalLow\Sun\Java\etc… No, it cannot But *maybe* you could invoke a PowerShell script that would run a FOREACH $profile IN C:\Users.

I didn't make any changes in Package Boot, i just added it to the package because i remember reading how package boot makes sure the environment is good to install applications. If you're not actually configuring anything in PackageBoot, merely enabling it does nothing since all of the sample rules are disabled by default.…

I would encourage you to re-evaluate exactly what happened during your WDS installation. I can tell you for a fact that it will work, because I have DHCP, WSUS, WDS, and a Patch Manager Automation Role server all installed together on a single Windows Server 2012 instance. The specific order of installation was: * WSUS…

Hmmm... that's interesting. I agree, it seems that they're logging a different version number for the MSI installation. Of course, this *IS* entirely possible. Generally in the realm of update packages, we pay attention to individual FILE VERSION numbers. Sometimes vendors are smart enough to align the FILE version of the…

If the registry keys are in HKLM it would be possible to do in a package boot step, no? Certainly it is possible, but doing so is not worth the effort needed to test the methdology when Group Policy is a much simpler and proven technology. Furthermore, you would actually have to deploy an update to a machine to disable the…

Greetings Kevin I know you're not really asking for anything complicated from this customization, so it should certainly be solution that can be achieved. Would you do me a favor please -- understanding that generally SolarWinds does not provide support for custom packaging -- but this scenario has my interest, and is…

This WSUS server cannot issue a self-signed certificate. I'm not aware of any reason why a WSUS v3.2 (WS2008R2) server would not be able to create a self-signed certificate. I would suggest opening a support ticket via the Customer Portal.

if that fixes the problem I would still wonder why hard coding the path doesn't work: it's included as a valid option to use. Because, aside from the 'best practice' of using the common paths to begin with, as it happens, hard-coding the path causes the Package Wizard to create an invalid value for the CSIDL, which causes…

Attached is the .xml file. Seconding what Justin posted, you should be using a Registry Value to obtain the installation pathname... most likely this value will be contained at HKLM\Software\Altaro. If not a registry value (best), then at a minimum you should be using the CommonPath = PROGRAM_FILES declaration, rather than…

well... shucks. Yes, quite plainly we do see the WUAgent attempting to install the expired Revision 201 on Jan 9. I'll need to do some additional research on this. As previously noted, the WUAgent should have been ignoring the Expired update. The fact that it did not is particularly concerning, and defeats a fundamental…

I tried to run as you say but it not work. I setup it this way: Glad it worked. FWIW, the way you set it up is exactly how I suggested. * Configure a "Run as Program" step that calls CMD.EXE * Pass the name of the script as a command line parameter.

No, you need to give it a real version number, e.g. 1.0.0.0, and then the implicit test that occurs when the file is not present (e.g. the assumption that the file version is 0.0.0.0 because there is no other file version attribute to actually obtain from an existing file)... will take care of the rest.

This would be immensely more helpful if you would EXPORT this package to a CAB file (without the BINARY FILE), and post the CAB file as an attachment. That way I can inspect the package in the Package Wizard, which will be exponentially faster than trying to manually parse this XML from a forums post. :-) One additional…

That would certainly be problematic.... but the original error occurred long before IIS would have had a chance to throw the HTTP 404 as a result of attempting to use port 8530.

Confirmed tried that process to refresh. Validated that no cert was present when viewing it in the Update Services node. To be true, this doesn't really indicate that the cert is not present in the store on the WSUS server; it merely means that the Patch Manager server does not have a cached copy of any cert that may…

The requirements to use DameWare in a cross-domain environment are functionally no different than it is to use any other application or service in a cross-domain environment. If you can map a drive to a resource in Domain2 using your Domain1 password, everything else should work exactly the same. If you cannot map a drive…

Thanks Justin. We're looking into this.

The natural behavior of Windows Vista and later systems is to provide a user notification when a machine is being rebooted. The Patch Manager Update Management tools allow you to define a custom message to be displayed to the end-user following an update deployment. The delay after installation is an item of interest, but…

Thank you for the feedback, Andrew. I've shared this anomaly, along with the technique for invoking the CLR4 just for the PM console.

Obviously if we don't need to go through ALL of those other steps (which don't seem to apply to this situation at all) there's no point in touching anything. Please do not skip steps. We wrote these steps for very explicit reasons. Every time a customer has skipped a step it results in a support call in which we point out…

I attempted to stop the tasks this morning and there was no change. I would suggest opening a support ticket via the CustomerPortal on this. Something is (not) happening that's causing unexpected behaviors in your environment.

The remaining machines in that group either have not gotten it or are not reporting correctly that they did get it. I've checked my upstream/downstream synchronization and everything appears OK Keep in mind the chronology and logistics of how an update gets to a client of a downstream server. 1. After publishing to the…