/build/static/layout/Breadcrumb_cap_w.png

Incorrect "Detect" results after a "Detect and Deploy"

Hi KACE users,

Has anyone been getting incorrect "Detect" results after a "Detect and Deploy" ?

Last night I ran a "Detect and Deploy" on some servers. 


I did not use any Patch Label. I checked the default "All Patches" as shown below:


Detect

All Patches
Deploy
All Patches


We subscribe to these patches: 

Publishers:

Adobe Systems, Inc, Google Inc., 7-Zip.org, TechSmith, WinZip Computing Inc, Microsoft Corp., Skype, TeamViewer, Wireshark Foundation, WinZip Computing, S.L., UltraVNC, Evernote Corporation, RealVNC Ltd.

They all got fully patched.

I then ran a Detect "All Patches" on the same servers this morning.

They all show 10 patches missing shown below:

SERVERB54xx.xx.xx.xxcompletedPatched: 257, Not Patched: 10, Detect Failures: 0

I have a ticket open with KACE but am curious if any of you have the similar issues.


Thank.


3 Comments   [ + ] Show comments
  • The appliance may not yet have downloaded the required patches for the 2nd patch cycle. Check to see that the file size for the required patches is now greater than 0 and deploy the patches again. - napiert 6 years ago
    • Thank you napiert. All patches that show missing show "Active" but size is 0. What baffles me is that why are these patches showing "Active" but are not in the kbox. Also the missing patches are from 2013. When I run a manual MS update on these servers, they show fully patched per MS. MBSA shows them as fully patched too. I have an open ticket with KACE but no success. - endlessknot 6 years ago
  • MBSA should be telling the truth... Maybe those 10 patches are superseded or included in a Monthly Roll-up...
    If you open the device's details, you should be able to see what patches are not installed, and looking for them in the catalog, see if they are superseded - Channeler 6 years ago
    • The 10 patches are not superseded. They show active and 0 in size. KACE tech advised to change patch download settings from "download active patches" to "download all subscribed patches." Subscribed patches are being downloaded for the past 6 hours. I am not sure if this was the right thing to do. I've been asking for Tier 3 support but no success. - endlessknot 6 years ago
      • I would rather activate manually those 10 patches using the radio button...
        What bugs me is MBSA, I mean...I use that one to determine if KACE is lying.. for example K1 says everything is fine, I use MBSA to confirm if that is true, not the other way around...

        If a patch is active, but not being downloaded to the KBOX (file size 0KB), that probably means it does not match your subscription or patch download settings. - Channeler 6 years ago
  • Hi Channeler, Thank you for your time ;). KACE Tech ran a detect and deploy on 1 server with default "All Patches". It showed fully patched. Then he ran a Detect on the same server with default "All Patches". It came with Not Patched 10. He said he will push this up to Management. Should hear back today. Will post the solution. - endlessknot 6 years ago

Answers (1)

Posted by: endlessknot 6 years ago
Senior Yellow Belt
0
Upon moving this issue to a TPS, we finally found the problem.

Our Anti Virus software Cylance is configured to block "c:\Windows\temp". 
KACE Detect uses the c:\Windows\temp where the information is cached.

If "c:\Windows\temp" is not blocked by AV, then Detect reports correctly.

Thank you all.


Comments:
  • Did you have to exclude this folder? - rleb29 6 years ago
 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ