Resources for IT Professionals >
포럼 홈
>
Configuration Manager Software Updates Management
>
Software Updates Scan Interval Question
Software Updates Scan Interval Question
- This might be an easier question to answer. I am trying to install updates to production servers in a collection. I can install updates and initiate reboots only in a defined maintenance window. My maintenance window in this case is 12 hour long, starting 9am to 9pm, which is usually enough to accommodate the required run time for the updates. I see that the clients install a batch of updates starting 9am and followed by a reboot. Everything is fine so far. Several hours later, the clients scan for updates again and find more required updates in the same deployment, but this time there is either no open maintenance window or the window is too small for the updates. The clients report a failed status in this case.
The scan schedule on Software Updates Client Agent Properties is set to every 1 day, which is the most frequent schedule possible.
What changes should I make so that the clients install all required updates in a deployment in the defined maintenance window?
Thanks.
Mayur
답변
- imho, to get a better view on what's happening on the servers, you should really check "WUAHandler.log", there you'll see something like;
Update 1 (ID) finished installing (0x00000000), Reboot Required? Yes
Update 2...
etc.
If, between scans, there are lots of updates (and a lot of updates requiring reboots) it doesn't mean there's something wrong and you just have a lot of non compliant servers. If you see only 1 update at a time, it might mean either of two things; It's the last update until full compliancy or something else is wrong.
Also, check "patchInstall.log" to see what's being pushed to the servers and check for any inconsistencies.- 답변으로 표시됨Eric Zhang - MSFTMSFT, 중재자2009년 12월 4일 금요일 오전 4:54
모든 응답
- You could do mulitple things; the easiest tho is create smaller deployments and only allow certain deployments to be deployed on your servers. Also, you can choose to reduce windows update runtime duration, but be VERY causious when doing so, because if you set runtime to 1 minute (DONT DO THIS!) the update process will get cut off after 1 minute, leaving the update halfy installed.
- Generally this kind of problem happens the same as if you were to use the Web update. You install the patch restart and visit the Windows update page only to find more updates. The problem occurs when a restart or other patch is required before another one. Are you seeing this every month or just this one time. Or is that some other servers are installing all the patches but this partcular server is just installing and then waiting to long to get the other patches.
http://www.sccm-tools.com http://sms-hints-tricks.blogspot.com - Thanks guys. There's too much going on right before the break which is why i couldnt reply sooner.
Matthew, I am actually seeing this happen every month. It does not happen on all servers at once because they are still at different patching levels. I dont know if other servers are installing patches in one go and if only this server is taking more than one scans. I hope these answers help.
Mayur - Well start by looking at all the patches that are required and what installs before and after the restart. Post them here so we can see what patches are working.
I have some machines that do this during patch tuesday but it is less than 50 out of several hundred. Sometimes this is because something else installed and is waiting for a restart and it just fails to restart itself during the Maint Window.
http://www.sccm-tools.com http://sms-hints-tricks.blogspot.com - imho, to get a better view on what's happening on the servers, you should really check "WUAHandler.log", there you'll see something like;
Update 1 (ID) finished installing (0x00000000), Reboot Required? Yes
Update 2...
etc.
If, between scans, there are lots of updates (and a lot of updates requiring reboots) it doesn't mean there's something wrong and you just have a lot of non compliant servers. If you see only 1 update at a time, it might mean either of two things; It's the last update until full compliancy or something else is wrong.
Also, check "patchInstall.log" to see what's being pushed to the servers and check for any inconsistencies.- 답변으로 표시됨Eric Zhang - MSFTMSFT, 중재자2009년 12월 4일 금요일 오전 4:54
