Patch Manager not connecting to workstation off of the Domain

This is most likely a DNS issue rather than a patch manager issue. If the off domain machines are in your DNS server, patch manager should be able to find them without modifying the hosts file.

jbaits, thank you... What prompted my question as to whether there was anything that could be done in PM, was that the workstations appeared in the WSUS groups prior to adding it to the hosts file. When it appeared in the WSUS group, I was able see the workstation name and ip in PM. Since there's an IP for the workstation in PM, I was hoping that there was something I could do in order to get PM to use the ip and not the hostname.

There are no entries in DNS for workstations that off are the domain so I would just edit the hosts file.

To my knowledge, patch manager will will tell you the IP a machine had the last time it checked in with the server but it does not use that data to try and connect to machines. It needs to be able to resolve the hostname through DNS to connect and run tasks. Perhaps one of the support reps can tell you how to change this behavior but I have never seen that option in the server configuration or mentioned in the admin guide.

Exception occurred at 6/11/2013 3:27:17 PM: Attempt to connect to TestWorkstation-XP01 failed.

The following attempts were made:

ARP Resolution result: No

DNS Resolution result: No

NETBIOS Name Resolution: No

MS Endpoint Mapper: No

WMI Connection: No

Generally speaking, this collection of responses indicates a machine that is powered off, or physically disconnected from the network. Not being able to resolve a hostname to an IP Address is equivalent to being physically disconnected from the network.

DNS Resolution = NO indicates that there is no entry in DNS for the machine. If the machine is a DHCP client, auto-registration should create DNS records. If the DHCP lease has expired (because the machine has been powered off), the DNS record will be removed from DNS. If DHCP is not being used, or DHCP is not auto-registering DNS records, this may be a normal indication -- but failure of DNS Resolution will be a notable issue with building RPC/WMI connections using Patch Manager. The fact that you have to add IP Addresses to the Patch Manager HOSTS table is a strong indication that DHCP/DNS are not efficiently configured. I would definitely suggest investing some effort in setting up DHCP/DNS properly.

ARP Resolution = NO indicates that the machine could not respond to an ARP resolution request from the Patch Manager server. If the machine is on the same IP Subnet with the Patch Manager server, then this is an authoritative indication that the machine is powered off or disconnected from the network. If the machine is on a different IP Subnet, then this is a normal indication because the router is responding for the client, and Patch Manager is able to recognize that. If the IP Address is not resolvable by Patch Manager, then it won't be able to generate an ARP Resolution request, because there's no IP Address to request resolution for.

NETBIOS Name Resolution = NO indicates that the machine did not respond to a NetBIOS name resolution request on port 137. If port 137 is being blocked, this may be a normal indication. If the machine is powered off, this is an expected response. If the machine is on a different LAN segment this is a normal response because NetBIOS broadcasts cannot span network segments. The presence/absence of a working DNS or entries in the HOSTS file should not affect the ability of NetBIOS to resolve a NetBIOS hostname.

MS Endpoint Mapper = NO indicates the machine did not respond on port 135. This is a requirement to using Patch Manager to initiate RPC/WMI connections. However, if the Patch Manager server cannot obtain an IP Address for the target client, then this functionality will fail. RPC requires an IP Address.

WMI Connection = NO indicates WMI was not available. If the client cannot respond with an RPC Endpoint, this function will always fail.