/build/static/layout/Breadcrumb_cap_w.png
06/07/2019 345 views

We currently use our K1000 appliance for Windows patching, but we are having issues patching some of our Windows Server 2012 machines, where it looks like some updates are getting applied in 2012 but KACE doesn't have any of the Cumulative Monthly Rollups in its catalog to deploy (from here: https://support.microsoft.com/en-us/help/4499151). Any ideas what we can check to ensure that KACE is set to push these updates and/or how to populate these types of updates into the catalog?

0 Comments   [ + ] Show comments

Comments


All Answers

1

Hi... it does... the Cumulative Updates are there. (for 2012 SP0 and 2012 R2).

ywwPF.png


You might want to review your Patching Subscriptions and Download Settings.
Make sure your Patching Smart Labels have that patch included, and run a Detect against that 2012 server, the KACE needs to detect a patch as missing, and then during the Deploy phase it will install them.



Answered 06/07/2019 by: Channeler
Red Belt

  • Thank you very much Channeler. I found that update in the catalog as you indicated - I had the wrong filter set to not show individual updates so I wasn't initially finding it. I also see that the PC we want to deploy the update to is tagged as a detect label and then later a deploy label.

    Whats odd now is that the server we are trying to patch still isn't isn't having KB4499151 offered to it though - KACE says that its up to date and isn't missing anything, but the server indicates otherwise.

    Looking at this from another angle now, when KACE runs Windows Updates, since its not via the WIndows Update service itself, logging is rather limited. I am wondering if any of you know if Installed Updates under Programs and Features actually reflect the updates KACE pushed, or because its technically using DISM to run the patches, is that list not reflective of new updates installed?
    • KACE uses the Windows Registry to determine if a patch is installed or missing.

      When you install a KB update via KACE, it should show up in your Control Panel > View Installed Updates.

      Maybe the patch requires a reboot to be installed, and your Deployment Schedules are set to not reboot. (the good thing to do when patching Servers).
      • Thanks Channeler, not sure what I did but its working now and its deploying patches. I hate posting a useless post like that, but hopefully what we covered above will help someone troubleshoot. Thanks again for your help in the troubleshooting process!