none
Servers showing as compliant for software updates when they are not

    Question

  • I am extremely new to SCCM so please bare with me.  This is my first deployment with SCCM.  I stood it up myself and I'm pretty proud of that but I'm in need of guidance on what I am seeing with update compliance.

    I am trying to push out the following 2018-01 rollups : 

    2018-01 Cumulative Update for Windows Server 2016 for x64-based Systems (KB4056890)

    2018-01 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB4056897)

    2018-01 Security Only Quality Update for Windows Server 2012 R2 for x64-based Systems (KB4056898)

    All of these servers were updated with the 2017-10 rollup back in November so they aren't too far off from current patch level.  My problem is, the 2016 servers are installing their required update but the 2008r2 and 2012r2 servers are not.  They are showing as compliant.  It is my understanding that this may be because there is a prereq missing?   When I install the patch manually it installs just fine however.

    Thanks in advance!

    Friday, January 26, 2018 7:08 PM

All replies

  • Have you added the proper registry value required for the meltdown/spectre update to be installed automatically?

    Jason | https://home.configmgrftw.com | @jasonsandys

    Friday, January 26, 2018 7:49 PM
  • I do not.  My understanding is that you do not need to have the registry value in place to install this rollup.  The 2016 version of the rollup is installing just fine.  My goal is not to remedy meltdown/spectre but to just get the rollup installed.
    Friday, January 26, 2018 9:17 PM
  • Not if you are doing it manually, that is correct. But for automatic deployment using any Microsoft tool, the value needs to be in place.

    For your 2016 server, Windows Defender I believe will add the value for you automatically.


    Jason | https://home.configmgrftw.com | @jasonsandys

    Saturday, January 27, 2018 12:15 AM
  • create the following Key 

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat

    add the following value:

    cadca5fe-87d3-4b96-b7fb-a231484277cc

    Data 

    0

    Saturday, January 27, 2018 7:42 AM
  • you also might want to create a CI to check for this key and create it if needed.

    let me know if you need help with that.

    Saturday, January 27, 2018 7:44 AM
  • After comparing the 2016 and 2008/2012 boxes it does look like the reg key / value is the culprit.  

    I'd be interested in knowing how to do this via a CI!

    Saturday, January 27, 2018 4:20 PM
  • Create a CI call it "QualityCompat" or whatever you want.

    Supported Platforms i selected all but you can select whatever you want.

    Settings: Script, Powershell.

    Discovery Script: Test-Path hklm:\Software\Microsoft\Windows\currentVersion\QualityCompat

    Remediation Scrip: 

    Push-Location
    Set-Location HKLM:
    Test-Path .\Software\Microsoft\Windows\currentVersion
    New-Item -Path .\Software\Microsoft\Windows\currentVersion -Name QualityCompat
    Pop-Location
    New-ItemProperty "hklm:\Software\Microsoft\Windows\currentVersion\QualityCompat" -Name "cadca5fe-87d3-4b96-b7fb-a231484277cc" -Value 0 -PropertyType "DWord"

    Compliance Rule:

    Rule Type: Value

    The Setting must comply with the following rule:

    The value returned by the specified script: Equals True

    dont forget to tick Remediation none compliance when you deploying the CI

    hope that helps.

    Sunday, January 28, 2018 3:26 AM
  • i have uploaded the .CAB file here:

    https://gallery.technet.microsoft.com/Configuration-Item-4cda74a8

    download it and import it.

    Sunday, January 28, 2018 6:54 AM
  • I am having similar issues as listed above with the January security patches for my servers. I can not figure out where I went wrong.

    I have added the ALLOW registry key and override registry keys for mitigation. I rebooted the servers.

    I created a new collection with our standard maintenance window. I deployed a software update group to that collection that only contained the January security updates. Normally after a period of less than hour I can view deployment status and see that the updates have been downloaded to the servers and are waiting for the maintenance window to happen. They did not appear in the normal amount of time. I checked later that night and much to my surprise the status now showed compliant even though the maintenance window had not occurred yet. When I checked the servers and listed installed updates the January updates were not installed. I ran the following actions from the client on each server: policy evaluation, software updates scan, and scan evaluation. Shortly after that I received the notification that updates were waiting. All the while the deployment status in sccm console was now showing in progress but the status was successfully installed. When I went to software center on the client I tried to install the updates. It showed "downloading" 0 percent and stayed there indefinitely. So that is where I am at now? How do I get the updates applied and how to a make these updates in the future behave as a normal deployment. Is there something else that need to be done to client or to SCCM itself? Please help.

    Monday, January 29, 2018 4:10 PM
  • > "I created a new collection with our standard maintenance window."

    Do you realize that the collection a maintenance window is assigned to have no relationship to the collection a deployment is targeted at, correct?

    IOW, clients know nothing about collections. They get their maintenance windows and their deployment from their machine policy. They then enforce those deployments within the union of all open maintenance windows without consideration for which collection was used to assign them because they know nothing about collections (so couldn't consider collection even if they wanted to).

    Keys or values? You need to add specific registry values, not keys.

    As for your issue, which I think you started another thread for, that's a content download issue. Once you get to there, then you're past detection.


    Jason | https://home.configmgrftw.com | @jasonsandys

    Monday, January 29, 2018 9:59 PM
  • I couldn't get your method to work for some reason so I ended up following the scenario here and was able to deploy the key.  I can see it on the machines now but the patches are still showing as compliant for the 2008R2 and 2012R2 servers.  Any thoughts as to why this might be?  They don't need to be restarted after the key is created do they?

    

    Tuesday, January 30, 2018 4:33 PM
  • First, that's not a key, it's a value (which I've said multiple times in this thread).

    Compliant where? In the ConfigMgr console? If so, has a software update compliance scan been run since you've added or updated the value?


    Jason | https://home.configmgrftw.com | @jasonsandys

    Tuesday, January 30, 2018 11:17 PM
  • My apologies, Jason.  I wasn't even responding to your comment.  I had hit reply next to iSCCM's comment about creating the key and value via a CI.  Sorry if I upset you.  

    My reference to compliance is I am seeing the 2008 and 2012 servers listed as compliant in Config Manager in the deployment.  I had manually initiated a software update compliance scan from the client without change.

    Wednesday, January 31, 2018 12:35 AM
  • > "Sorry if I upset you.  "

    :-)

    Not upset, I just think folks should use the right names for things. In this case, it's like calling a file a folder -- it's simply not correct.

    Have you reviewed WindowsUpdate.log on the client? Ultimately, all update compliance scans are performed by the Windows Update Agent and this log is the log for the WUA and thus will show you exactly what's going on with the compliance scans.


    Jason | https://home.configmgrftw.com | @jasonsandys

    Wednesday, January 31, 2018 1:50 AM
  • I am thankful for the help and the info!

    On this particular client I would expect KB4056898 to be available to install.   When searching WindowsUpdate.log I find no mention of it.   There are many instances of updates being added like this : 

    2018-01-31 08:08:08:903  680 c94 Agent   * Added update {01A0100C-C3B7-4EC7-866E-DB8C30111E80}.201 to search result

    Ultimately with this being reported : 

    2018-01-31 08:08:08:903  680 c94 Agent Reporting status event with 15 installable, 128 installed,  0 installed pending, 0 failed and 0 downloaded updates

    Wednesday, January 31, 2018 3:02 PM

  • 

    Dears,

    I am having same issue and I am a bit lost!

    Here what I have: 

    2 servers 2012r2 (1 with SCCM 1706 and one WSUS)

    Automatic Deployment rules every 2nd wednesday, one for W7, one for W10 and Others for O2010 and O2016.

    we are deploying updates every 2 months for internal reasons. It worked like a charm for years (SCCM 2007 until now). It is controlled by GPOs.

    Now all Office updates are working perfectly but not Operating Systems !! not even W7 !!! 

    I just discovered about the AV issue and the value to add in HKLM. 

    I have recreated SUPackage, included created a single update deployment with deadline ASAP.

    Both on the right collection with the computer inside!

    What is strange is in the monitoring/deployments, it says computer (brand new deployment without KBs) is compliant.

    But once you click on "more details", it gives you error code 0x000000  Success and the Software Updates Tab is empty.

    Here is the windowsupdate.log from Windows 10 computers:

    2018/02/17 10:35:00.2684937 10480 2404  AppAU           * START *
    2018/02/17 10:35:00.2685727 10480 2404  AppAU           Flight settings ring provisioned default, range-checked minimum search interval: 20 hours
    2018/02/17 10:35:00.2754268 10480 2404  AppAU           * START * Finding app updates
    2018/02/17 10:35:00.5459469 12516 3264  ComApi          * START *   SLS Discovery
    2018/02/17 10:35:00.5479607 5628  12588 IdleTimer       WU operation (CDiscoveryCall::Init ID 3) started; operation # 19; does use network; is not at background priority
    2018/02/17 10:35:00.5482795 12516 3264  ComApi          *QUEUED* SLS Discovery
    2018/02/17 10:35:00.5484808 5628  1852  IdleTimer       WU operation (CDiscoveryCall::Init ID 3, operation # 19) stopped; does use network; is not at background priority
    2018/02/17 10:35:00.5565935 12516 11664 ComApi          *RESUMED* Discovery
    2018/02/17 10:35:00.5566006 12516 11664 ComApi          Exit code = 0x00000000, Result code = 0x8024500C
    2018/02/17 10:35:00.5566016 12516 11664 Api             * END *   Discovery ClientId
    2018/02/17 10:35:00.5580399 12516 3264  ComApi          *FAILED* [8024500C] Method failed [CSLSClientProxy::GetSLSDataChunk:247]
    2018/02/17 10:35:00.5929117 1256  16224 ComApi          * START *   SLS Discovery
    2018/02/17 10:35:00.5968391 5628  12588 IdleTimer       WU operation (CDiscoveryCall::Init ID 4) started; operation # 24; does use network; is not at background priority
    2018/02/17 10:35:00.5970055 1256  16224 ComApi          *QUEUED* SLS Discovery
    2018/02/17 10:35:00.5971332 5628  1852  IdleTimer       WU operation (CDiscoveryCall::Init ID 4, operation # 24) stopped; does use network; is not at background priority
    2018/02/17 10:35:00.6080897 1256  9704  ComApi          *RESUMED* Discovery
    2018/02/17 10:35:00.6081112 1256  9704  ComApi          Exit code = 0x00000000, Result code = 0x8024500C
    2018/02/17 10:35:00.6081151 1256  9704  Api             * END *   Discovery ClientId
    2018/02/17 10:35:00.6143145 1256  16224 ComApi          *FAILED* [8024500C] Method failed [CSLSClientProxy::GetSLSDataChunk:247]
    2018/02/17 10:35:00.6337666 12516 3264  ComApi          * START *   Federated Search ClientId = Update;taskhostw (cV: uMJbvhwVD0WaEnRI.0.3.1.1.0)
    2018/02/17 10:35:00.6374705 5628  12588 IdleTimer       WU operation (SR.Update;taskhostw ID 5) started; operation # 29; does use network; is not at background priority
    2018/02/17 10:35:00.6384261 5628  9688  Agent           Processing auto/pending service registrations and recovery.
    2018/02/17 10:35:00.6395485 5628  9688  Misc            *FAILED* [8024500C] Method failed [CSLSEndpointProvider::GetWUClientData:1996]
    2018/02/17 10:35:00.6395629 5628  9688  Misc            *FAILED* [8024500C] Method failed [CSLSEndpointProvider::GetSecondaryServicesEnabledState:1503]
    2018/02/17 10:35:00.6402040 5628  9688  Agent           *FAILED* [8024500C] Method failed [CAgentServiceManager::DetectAndToggleServiceState:2880]
    2018/02/17 10:35:00.6402297 5628  9688  Agent           Failed to resolve federated serviceId 855E8A7C-ECB4-4CA3-B045-1DFA50104289, hr=8024500c
    2018/02/17 10:35:00.6407463 5628  9688  Agent           *FAILED* [8024500C] Failed to execute service registration call {AB1DB3BA-E2F4-4631-B355-5753B032B2D7} (cV: uMJbvhwVD0WaEnRI.0.3.1.1.0.1)
    2018/02/17 10:35:00.6408507 5628  9688  IdleTimer       WU operation (SR.Update;taskhostw ID 5, operation # 29) stopped; does use network; is not at background priority
    2018/02/17 10:35:00.6416539 12516 7008  ComApi          * END *   Federated Search failed to process service registration, hr=0x8024500C (cV = uMJbvhwVD0WaEnRI.0.3.1.1.0)
    2018/02/17 10:35:00.9864775 10480 2404  AppAU           * END * Finding app updates, exit code = 0x8024500C
    2018/02/17 10:35:00.9874497 10480 2404  AppAU           * END *, exit code = 0x8024500C
    2018/02/17 10:38:23.9557381 1056  13488 AppAU           * START *
    2018/02/17 10:38:23.9558302 1056  13488 AppAU           Flight settings ring provisioned default, range-checked minimum search interval: 20 hours
    2018/02/17 10:38:23.9660680 1056  13488 AppAU           * START * Finding app updates
    2018/02/17 10:38:24.1659522 15488 2764  ComApi          * START *   SLS Discovery
    2018/02/17 10:38:24.1691544 5628  12588 IdleTimer       WU operation (CDiscoveryCall::Init ID 6) started; operation # 34; does use network; is not at background priority
    2018/02/17 10:38:24.1694287 15488 2764  ComApi          *QUEUED* SLS Discovery
    2018/02/17 10:38:24.1696382 5628  1852  IdleTimer       WU operation (CDiscoveryCall::Init ID 6, operation # 34) stopped; does use network; is not at background priority
    2018/02/17 10:38:24.1766658 15488 5196  ComApi          *RESUMED* Discovery
    2018/02/17 10:38:24.1766813 15488 5196  ComApi          Exit code = 0x00000000, Result code = 0x8024500C
    2018/02/17 10:38:24.1766831 15488 5196  Api             * END *   Discovery ClientId
    2018/02/17 10:38:24.1787106 15488 2764  ComApi          *FAILED* [8024500C] Method failed [CSLSClientProxy::GetSLSDataChunk:247]
    2018/02/17 10:38:24.2145260 2916  2532  ComApi          * START *   SLS Discovery
    2018/02/17 10:38:24.2199111 5628  5876  IdleTimer       WU operation (CDiscoveryCall::Init ID 7) started; operation # 39; does use network; is not at background priority
    2018/02/17 10:38:24.2202451 2916  2532  ComApi          *QUEUED* SLS Discovery
    2018/02/17 10:38:24.2203533 5628  1852  IdleTimer       WU operation (CDiscoveryCall::Init ID 7, operation # 39) stopped; does use network; is not at background priority
    2018/02/17 10:38:24.2231136 2916  14420 ComApi          *RESUMED* Discovery
    2018/02/17 10:38:24.2231245 2916  14420 ComApi          Exit code = 0x00000000, Result code = 0x8024500C
    2018/02/17 10:38:24.2231259 2916  14420 Api             * END *   Discovery ClientId
    2018/02/17 10:38:24.2263217 2916  2532  ComApi          *FAILED* [8024500C] Method failed [CSLSClientProxy::GetSLSDataChunk:247]
    2018/02/17 10:38:24.2356960 15488 2764  ComApi          * START *   Federated Search ClientId = Update;taskhostw (cV: pk0YWwe5T0iNDATz.0.3.1.1.0)
    2018/02/17 10:38:24.2373904 5628  12588 IdleTimer       WU operation (SR.Update;taskhostw ID 8) started; operation # 44; does use network; is not at background priority
    2018/02/17 10:38:24.2375314 5628  9688  Agent           Processing auto/pending service registrations and recovery.
    2018/02/17 10:38:24.2376361 5628  9688  Misc            *FAILED* [8024500C] Method failed [CSLSEndpointProvider::GetWUClientData:1996]
    2018/02/17 10:38:24.2376457 5628  9688  Misc            *FAILED* [8024500C] Method failed [CSLSEndpointProvider::GetSecondaryServicesEnabledState:1503]
    2018/02/17 10:38:24.2376502 5628  9688  Agent           *FAILED* [8024500C] Method failed [CAgentServiceManager::DetectAndToggleServiceState:2880]
    2018/02/17 10:38:24.2376552 5628  9688  Agent           Failed to resolve federated serviceId 855E8A7C-ECB4-4CA3-B045-1DFA50104289, hr=8024500c
    2018/02/17 10:38:24.2376605 5628  9688  Agent           *FAILED* [8024500C] Failed to execute service registration call {7B82F9D0-67AB-45AE-9825-5A68AE7B7643} (cV: pk0YWwe5T0iNDATz.0.3.1.1.0.1)
    2018/02/17 10:38:24.2376785 5628  9688  IdleTimer       WU operation (SR.Update;taskhostw ID 8, operation # 44) stopped; does use network; is not at background priority
    2018/02/17 10:38:24.2391725 15488 5196  ComApi          * END *   Federated Search failed to process service registration, hr=0x8024500C (cV = pk0YWwe5T0iNDATz.0.3.1.1.0)
    2018/02/17 10:38:24.3719307 1056  13488 AppAU           * END * Finding app updates, exit code = 0x8024500C
    2018/02/17 10:38:24.3728556 1056  13488 AppAU           * END *, exit code = 0x8024500C
    2018/02/17 10:48:24.2579405 5628  6156  Agent           Earliest future timer found: 
    2018/02/17 10:48:24.2579610 5628  6156  Agent               Timer: 29A863E7-8609-4D1E-B7CD-5668F857F1DB, Expires 2018-02-17 23:02:01, not idle-only, not network-only
    2018/02/17 10:48:25.0525436 5628  244   IdleTimer       Non-AoAc machine.  Aoac operations will be ignored.
    2018/02/17 10:48:25.0526663 5628  244   Agent           WU client version 10.0.16299.98
    2018/02/17 10:48:25.0531469 5628  244   Agent           SleepStudyTracker: Machine is non-AOAC. Sleep study tracker disabled.
    2018/02/17 10:48:25.0534861 5628  244   Agent           Base directory: C:\WINDOWS\SoftwareDistribution
    2018/02/17 10:48:25.0545052 5628  244   Agent           Datastore directory: C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb
    2018/02/17 10:48:25.0560704 5628  244   DataStore       JetEnableMultiInstance succeeded - applicable param count: 5, applied param count: 5
    2018/02/17 10:48:25.1052753 5628  244   Shared          UpdateNetworkState Ipv6, cNetworkInterfaces = 6.
    2018/02/17 10:48:25.1053208 5628  244   Shared          UpdateNetworkState Ipv4, cNetworkInterfaces = 1.
    2018/02/17 10:48:25.1060885 5628  244   Shared          Network state: Connected
    2018/02/17 10:48:25.2620718 5628  1972  Misc            CSusClientGlobal::DoServicePreShutdown
    2018/02/17 10:48:25.2621356 5628  1972  IdleTimer       Idle timer disabled in preparation for service shutdown
    2018/02/17 10:48:25.2621462 5628  1972  Misc            WUTaskManager uninit
    2018/02/17 10:48:25.2621554 5628  1972  Agent           Earliest future timer found: 
    2018/02/17 10:48:25.2621769 5628  1972  Agent               Timer: 29A863E7-8609-4D1E-B7CD-5668F857F1DB, Expires 2018-02-17 23:02:01, not idle-only, not network-only
    2018/02/17 10:48:25.2656586 5628  1972  Misc            CreateSessionStateChangeTrigger, TYPE:2, Enable:No
    2018/02/17 10:48:25.2656777 5628  1972  Misc            CreateSessionStateChangeTrigger, TYPE:4, Enable:No
    2018/02/17 10:48:25.2711083 5628  1972  Misc            Agent uninit
    2018/02/17 10:48:25.2741038 5628  244   Misc            *FAILED* [8024000C] LoadHistoryEventFromRegistry completed
    2018/02/17 10:48:25.2742876 5628  244   Shared          UpdateNetworkState Ipv6, cNetworkInterfaces = 6.
    2018/02/17 10:48:25.2742988 5628  244   Shared          UpdateNetworkState Ipv4, cNetworkInterfaces = 1.
    2018/02/17 10:48:25.2743108 5628  244   Shared          Power status changed
    2018/02/17 10:48:25.2755464 5628  1972  Misc            Reporter uninit
    2018/02/17 10:48:25.2757117 5628  1972  Misc            network cost manager uninit
    2018/02/17 10:48:25.2757385 5628  1972  Misc            Eventer uninit
    2018/02/17 10:48:25.2758708 5628  1972  Misc            ServiceManager uninit
    2018/02/17 10:48:25.2759138 5628  1972  Misc            PersistentTimeoutScheduler uninit
    2018/02/17 10:48:25.2759166 5628  1972  Misc            datastore uninit
    2018/02/17 10:48:25.2760520 5628  244   Agent           Initializing global settings cache
    2018/02/17 10:48:25.2760545 5628  244   Agent           WSUS server: http://Server2.domain.com:8530
    2018/02/17 10:48:25.2760570 5628  244   Agent           WSUS status server: http://Server2.domain.com:8530
    2018/02/17 10:48:25.2760640 5628  244   Agent           Alternate Download Server: (null)
    2018/02/17 10:48:25.2760662 5628  244   Agent           Fill Empty Content Urls: No
    2018/02/17 10:48:25.2760683 5628  244   Agent           Target group: (Unassigned Computers)
    2018/02/17 10:48:25.2760700 5628  244   Agent           Windows Update access disabled: Yes
    2018/02/17 10:48:25.2760721 5628  244   Agent           Do not connect to Windows Update Internet locations: Yes
    2018/02/17 10:48:25.2770450 5628  244   Agent               Timer: 29A863E7-8609-4D1E-B7CD-5668F857F1DB, Expires 2018-02-17 23:02:01, not idle-only, not network-only
    2018/02/17 10:48:25.2831432 5628  244   Agent           Initializing Windows Update Agent
    2018/02/17 10:48:25.2843378 5628  244   Agent           CPersistentTimeoutScheduler | GetTimer, returned hr = 0x00000000
    2018/02/17 10:48:25.2880717 5628  6156  IdleTimer       WU operation (SR.<<PROCESS>>: taskhostw.exe ID 1) started; operation # 3; does use network; is not at background priority
    2018/02/17 10:48:25.2910062 5628  8848  IdleTimer       WU operation (SR.<<PROCESS>>: taskhostw.exe ID 1, operation # 3) stopped; does use network; is not at background priority
    2018/02/17 10:48:25.3090496 3668  15148 ComApi          Federated Search: Starting search against 1 service(s) (cV = qcYTXrDvPEWft9EO.1.0)
    2018/02/17 10:48:25.3094763 5628  656   DownloadManager PurgeExpiredFiles::Found 0 expired files to delete.
    2018/02/17 10:48:25.3095048 5628  656   DownloadManager PurgeExpiredUpdates::Found 0 non expired updates.
    2018/02/17 10:48:25.3095144 5628  656   DownloadManager PurgeExpiredUpdates::Found 0 expired updates.
    2018/02/17 10:48:25.3095581 3668  15148 ComApi          * START *   Search ClientId = <<PROCESS>>: taskhostw.exe, ServiceId = 3DA21691-E39D-4DA6-8A4B-B43877BCB1B7 (cV = qcYTXrDvPEWft9EO.1.0.0)
    2018/02/17 10:48:25.3134252 5628  5876  IdleTimer       WU operation (CSearchCall::Init ID 2) started; operation # 6; does not use network; is not at background priority
    2018/02/17 10:48:25.3140702 5628  656   DownloadManager Received power state change notification: Old: <unknown>; New: DC(considered as AC).
    2018/02/17 10:48:25.3140748 5628  656   DownloadManager Power state changed from <unknown> to DC(considered as AC).
    2018/02/17 10:48:25.3225302 5628  5876  Reporter        OS Product Type = 0x00000004
    2018/02/17 10:48:25.3550894 5628  1972  Misc            setting cache uninit
    2018/02/17 10:48:25.3550929 5628  1972  Misc            security checker uninit
    2018/02/17 10:48:25.3550975 5628  1972  Misc            Test Hook uninit
    2018/02/17 10:48:25.3550993 5628  1972  Misc            IdleTimer uninit
    2018/02/17 10:48:25.3556617 5628  1972  Shared          * END * Service exit Exit code = 0x240001
    2018/02/17 10:48:25.3605511 5628  5876  Agent           * START * Queueing Finding updates [CallerId = <<PROCESS>>: taskhostw.exe  Id = 2]
    2018/02/17 10:48:25.3605680 5628  5876  Agent           Service 3DA21691-E39D-4DA6-8A4B-B43877BCB1B7 is not in sequential scan list
    2018/02/17 10:48:25.3605779 5628  5876  Agent           Added service 3DA21691-E39D-4DA6-8A4B-B43877BCB1B7 to sequential scan list
    2018/02/17 10:48:25.3611717 5628  12960 Agent           Service 3DA21691-E39D-4DA6-8A4B-B43877BCB1B7 is in sequential scan list
    2018/02/17 10:48:25.3702812 5628  14192 Agent           * END * Queueing Finding updates [CallerId = <<PROCESS>>: taskhostw.exe  Id = 2]
    2018/02/17 10:48:25.3781453 5628  14192 Agent           * START * Finding updates CallerId = <<PROCESS>>: taskhostw.exe  Id = 2
    2018/02/17 10:48:25.3781541 5628  14192 Agent           Online = No; Interactive = Yes; AllowCachedResults = No; Ignore download priority = No
    2018/02/17 10:48:25.3781643 5628  14192 Agent           Criteria = IsInstalled=0 and Type='Software' and IsHidden=0 and IsAssigned=1 and CategoryIDs contains 'e6cf1350-c01b-414d-a61f-263d14d133b4'""
    2018/02/17 10:48:25.3781717 5628  14192 Agent           ServiceID = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7} Managed
    2018/02/17 10:48:25.3781731 5628  14192 Agent           Search Scope = {Machine}
    2018/02/17 10:48:25.3781858 5628  14192 Agent           Caller SID for Applicability: S-1-5-21-2081130476-404142261-4264002752-3383
    2018/02/17 10:48:26.2299456 5628  14192 Agent           Found 0 updates and 0 categories in search; evaluated appl. rules of 0 out of 1534 deployed entities
    2018/02/17 10:48:26.2379620 5628  14192 Agent           * END * Finding updates CallerId = <<PROCESS>>: taskhostw.exe  Id = 2
    2018/02/17 10:48:26.2409434 5628  14192 IdleTimer       WU operation (CSearchCall::Init ID 2, operation # 6) stopped; does not use network; is not at background priority
    2018/02/17 10:48:26.2625352 3668  4844  ComApi          *RESUMED*   Search ClientId = <<PROCESS>>: taskhostw.exe, ServiceId = 3DA21691-E39D-4DA6-8A4B-B43877BCB1B7 (cV = qcYTXrDvPEWft9EO.1.0.0)
    2018/02/17 10:48:26.2664193 3668  4844  ComApi          * END *   Search ClientId = <<PROCESS>>: taskhostw.exe, Updates found = 0, ServiceId = 3DA21691-E39D-4DA6-8A4B-B43877BCB1B7 (cV = qcYTXrDvPEWft9EO.1.0.0)
    2018/02/17 10:48:26.2669986 3668  15148 ComApi          * END *   All federated searches have completed. Jobs = 1, Succeeded = 1, ClientId = <<PROCESS>>: taskhostw.exe (cV = qcYTXrDvPEWft9EO.1.0)

    Please !!! I am getting crazy !!

    Saturday, February 17, 2018 11:21 AM
  • hey Gasp, 

    "But once you click on "more details", it gives you error code 0x000000  Success and the Software Updates Tab is empty" you mean the ADR? have you tried to right click on the ADR and run it manually?

    What the "ruleengineer.log" say?

    in Software Update, Deployment Package, can you see a Package being created for the ADR? if yes, whats the size?? note that there are 2 parts for the ADR, the Rule is self which will create/update the Update group based on the conditions you set and then you have the Deployment part.

    if the ADR is scheduled to run but the Deployment is Disabled the Deployment Package will be Empty.

    run the ADR manually and paste the ruleengineer.log here is you can.

    good luck.

    Imzi


    • Edited by Imad Ubadat Sunday, April 15, 2018 12:59 AM
    Sunday, April 15, 2018 12:58 AM
  • This is the second forum whare requirement for reg key is stated to de bone manually or through CI.

    if there is any active AV then it will be responsible for that, not to be done through GPO, except if no AV is being used within company, 


    Cherif Benammar

    Sunday, April 15, 2018 5:12 PM
  • Should and actually is are two different things though.

    Also, I would never do this with a GPO, that's what CIs are for.


    Jason | https://home.configmgrftw.com | @jasonsandys

    Monday, April 16, 2018 2:32 AM
  • Not correct, some AV’s did rectify this, but some didn’t, Symantec jumped on it with a definition update while Dell ATP provided a manuals method. And CI’s would be the way to go, more control, less risk and will only apply to devices that are missing the Value.
    • Proposed as answer by Gasp_easy Tuesday, April 24, 2018 6:59 AM
    Monday, April 16, 2018 8:32 AM
  • That's why, maybe, Microsoft said or qualified them as non compatible AV for future updates.

    Cherif Benammar

    Monday, April 16, 2018 8:37 AM
  • Dear Imad,

    Sorry for late answer but culprit was once again this reg key and the process slowness of ConfigMgr/Wuclient to understand that clients have this key.

    It worked after few hours !!

    Thanks again

    Tuesday, April 24, 2018 6:58 AM
  • A Push of Reg Key through CI is the best to ensure your updates to be installed. All AVs don't rectify it correctly.

    We had the issue with TrendMicro.

    Tuesday, April 24, 2018 7:00 AM
  • glad i could help :)
    Tuesday, April 24, 2018 7:07 AM