Trouble trying to deploy patches or feature updates
Trying to push out Windows 11. I either get the agent disconnected error or it says completed but not installed.
Quest support is slow rolling and I'm not getting anywhere. This is a snip of the end of the log. Anyone have any ideas?
[2023-12-29.11:34:38][KacePatch:CmdBar_FileVersionPrep] CmdBar_FileVersionPrependRegSz::Execute: prefix not found in registry, key HKEY_LOCAL_MACHINE, subkey SOFTWARE\Microsoft\Microsoft Antimalware\Signature Updates, value SignatureLocation, regType32
[2023-12-29.11:34:38][KacePatch:CmdLar::Execute ] CmdLar::Execute - LAR And results 0
[2023-12-29.11:34:38][KacePatch:CmdLar::Execute ] CmdLar::Execute - LAR Base results 0
[2023-12-29.11:34:38][KacePatch:DetectFileCmdBase::Det] DetectFileCmd::Detect - Product is not present
[2023-12-29.11:34:38][KacePatch:CmdBar_FileVersionPrep] CmdBar_FileVersionPrependRegSz::Execute: prefix not found in registry, key HKEY_LOCAL_MACHINE, subkey SOFTWARE\Microsoft\Microsoft Antimalware\Signature Updates, value SignatureLocation, regType32
[2023-12-29.11:34:38][KacePatch:CmdBar_FileVersionPrep] CmdBar_FileVersionPrependRegSz::Execute: prefix not found in registry, key HKEY_LOCAL_MACHINE, subkey SOFTWARE\Microsoft\Microsoft Antimalware\Signature Updates, value SignatureLocation, regType32
[2023-12-29.11:34:38][KacePatch:CmdLar::Execute ] CmdLar::Execute - LAR And results 0
[2023-12-29.11:34:38][KacePatch:CmdLar::Execute ] CmdLar::Execute - LAR Base results 0
[2023-12-29.11:34:38][KacePatch:DetectFileCmdBase::Det] DetectFileCmd::Detect - Patch is not present
[2023-12-29.11:34:38][KacePatch:KacePatchModule::CmdDe] KacePatchModule::CmdDetect: Patch was not detected
[2023-12-29.11:34:38][KacePatch:KacePatchModule::Detec] KacePatchModule::Detect: Patch PTCH348716 Name Security Intelligence Update for Windows Defender and Microsoft Security Essentials - Version: 1.403.1237.0 Applicable No
[2023-12-29.11:34:38][KacePatch:KacePatchModule::Detec] KacePatchModule::Detect: Detect Loop complete - processing the results
[2023-12-29.11:34:39][KacePatch:KacePatchModule::Detec] KacePatchModule::Detect: Log output created successfully
[2023-12-29.11:34:39][KacePatch:KacePatch::Execute ] KacePatch::Execute: Command finished
[2023-12-29.11:34:39][KacePatch:main ] KacePatch::Main: Sending final status 0 back to SMA
[2023-12-29.11:34:42][KacePatch:KacePatch::HandleUploa] KacePatch::HandleUpload
[2023-12-29.11:34:42][KacePatch:KacePatch::HandleUploa] KacePatch::HandleUpload: Attempting to upload result file C:\ProgramData\Quest\KACE\kpd\KPATCH_DETECT_OUTPUT.txt for the 1 time
[2023-12-29.11:34:42][KacePatch:KWeb::UploadUsingCurl ] UploadFile: uploading file C:\ProgramData\Quest\KACE\kpd\KPATCH_DETECT_OUTPUT.txt to http://127.0.0.1:49708/service/kbot_upload.php?checksum=233417a92f8b71e85eeb1d6f65cdd0a2cbf912734848504348e72464bee6d5552f3e6bcff6e9256e1cf7348aa00ce91a9ce5dd46ea513e028fd64add2c74aa42
[2023-12-29.11:34:42][KacePatch:KWeb::UploadUsingCurl ] UPLOADFILE: CURL DEBUG INFO --->>> START <<<---
* Trying 127.0.0.1:49708...
* Connected to 127.0.0.1 (127.0.0.1) port 49708 (#0)
> PUT /service/kbot_upload.php?checksum=233417a92f8b71e85eeb1d6f65cdd0a2cbf912734848504348e72464bee6d5552f3e6bcff6e9256e1cf7348aa00ce91a9ce5dd46ea513e028fd64add2c74aa42 HTTP/1.1
Host: 127.0.0.1:49708
User-Agent: Mozilla/5.0 (Windows 10 Enterprise/6.3.19044; WOW64) libcurl/7.76.1 OpenSSL/1.1.1t zlib/1.2.11 QuestKACE-Agent/13.1.19
Accept: */*
KUID: e074a857-bcc2-480a-a5da-9d50c3606bdf
Content-Length: 1315247
Expect: 100-continue
* Mark bundle as not supporting multiuse
< HTTP/1.1 100 Continue
* We are completely uploaded and fine
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< Date: Fri, 29 Dec 2023 17:34:42 GMT
< Server: Apache
< X-Content-Type-Options: nosniff
< X-Frame-Options: sameorigin
< X-XSS-Protection: 1; mode=block
< Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
< Access-Control-Allow-Headers: x-kace-auth-timestamp, x-kace-auth-key, x-kace-auth-signature, accept, origin, content-type
< Access-Control-Allow-Methods: PUT, DELETE, POST, GET, OPTIONS
< X-KACE-Appliance: K1000
< X-UA-Compatible: IE=9,EDGE
< Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
< Content-Length: 0
< Content-Type: text/html; charset=utf-8
<
* Connection #0 to host 127.0.0.1 left intact
[2023-12-29.11:34:45][KacePatch:KWeb::UploadUsingCurl ] UPLOADFILE: CURL DEBUG INFO --->>> END <<<---
[2023-12-29.11:34:45][KacePatch:KWeb::UploadUsingCurl ] UploadFile: Uploaded to http://127.0.0.1:49708/service/kbot_upload.php?checksum=233417a92f8b71e85eeb1d6f65cdd0a2cbf912734848504348e72464bee6d5552f3e6bcff6e9256e1cf7348aa00ce91a9ce5dd46ea513e028fd64add2c74aa42 Upload speed: 475333.000000 bytes/second
[2023-12-29.11:34:45][KacePatch:KacePatch::Execute ] KacePatch::Execute: Command finished
[2023-12-29.11:34:45][KacePatch:main ] KacePatch::Main: Sending final status 0 back to SMA
Answers (2)
I do not see an error in the snippet of the log. You may want to review the Windows Event logs for errors and, submit a support ticket for additional assistance.
So I had this problem and reached out to support. In the end, this is ultimately an issue with a .dll file inside of the Microsoft Windows 11 Iso.
The KACE Analyst I worked with gave me a guide on how to change the .dll file in the iso, then package that into a managed install in KACE. Then I can deploy that managed install to my clients with no error. Below was the last email I received that explains everything you need to do. Took me about 30 minutes to get everything packaged up, but works flawlessly now.
| ||||||||
|
Comments:
-
I removed the personal data of the engineer and yourself from the email. Please always keep in mind:
With the case number someone can get personal data from you just by calling support and especially if the attacker then also knows the engineer you had to do with it is validated that the attacker comes from your company. Therefore please always anonymize personal data where possible. Thanks - Nico_K 11 months ago