/build/static/layout/Breadcrumb_cap_w.png
05/09/2019 119 views

I have machines at several layers of patching deficiencies. Some are behind a week or two and some are months behind. I'm looking into why this is and how it affects machines differently. I want to start with some reasons why machines would not be getting patched on a regularly scheduled basis. Some of the reasons I have so far are:


1) patches are delayed from Lumension

2) systems were taken off the network but the record was not removed from Inventory

3) the Quest agent service has stopped

4) Quest agent is not installed

5) patch download failed


In your experience, what are some other common reasons that a machine would not be getting patched on a regular schedule?


Thanks for the help.


Answer Summary:
0 Comments   [ + ] Show comments

Comments


Answer Chosen by the Author

1

1 - You are using replication shares and do not allow fallback to the SMA, and something is wrong at that replication site.

2 - AV messing with patching

3- Zombie jobs stuck on that machine and you need to clean the job from the agent command queue before other jobs will run against that machine.

4-The Machines have upgraded versions and you have not added that OS version to your patching schedule.

5-Win updates have changed something with Defender or Firewall

6-You have something wrong with the local patch cache on the machine and need to flush it C:\ProgramData\Quest\KACE\patches

You can check the logs on the machines to see if you have errors listed.  There is now a Tshooting tool

https://support.quest.com/kb/263376/using-the-kace-agent-toolkit-kat-





Answered 05/09/2019 by: SMal.tmcc
Red Belt

  • Thank you so much. I hadn't considered these options.
    • I am sure there are others as well, those are from past experience. I exepect others will give you even more things neither of us have heard of being a solution.