Fully refresh the Patch Assessment scan files
search cancel

Fully refresh the Patch Assessment scan files

book

Article ID: 178297

calendar_today

Updated On:

Products

IT Management Suite Client Management Suite Patch Management Solution

Issue/Introduction

Sometimes there may be a need to refresh the Patch Assessment scan files if the PMImport fails due to a file being held open i.e. WindowsPatchData.zip, or any other file in the windowsvulnerabilityscan folder.

Common Errors (the file may be different):

Failed to update Tools\WindowsPatchData.zip
The process cannot access the file 'D:\Program Files\Altiris\Patch Management\packages\windowsvulnerabilityscan\WindowsPatchData.zip' because it is being used by another process.

Failed to update assessment files for: 'Import Patch Data for Windows' (c27dbb50-6ddf-4125-87c1-d8f5b588491d)
The process cannot access the file 'D:\Program Files\Altiris\Patch Management\packages\windowsvulnerabilityscan\WindowsPatchData.zip' because it is being used by another process.

Environment

Patch Management Solution 8.x

Resolution

To fully refresh the Windows System Assessment Scan files in Patch Management 8.x, work through the following steps:

  1. RDP to the SMP
    1. Confirm there are no current PMImports running
      1. Console > Manage > Jobs and Tasks > System Jobs and Tasks > Software > Patch Management > Import Patch Data for Windows
    2. If in Hierarchy: Confirm there are no current replication jobs running
      1. Console > Reports > All Reports > Notification Server Management > Server > Replication > Current Replication Activity
  1. Stop main Altiris Services in this order
    1. Altiris Support Service
    2. Altiris Client Message Dispatcher
    3. Altiris File Receiver
    4. Altiris Event Receiver
    5. Altiris Service
    6. Altiris Object Host Service
    7. Altiris Service Hoster
    8. Altiris Event Engine
  1. Go to default install directory: C:\ProgramData\Symantec\SMP\Snapshots
    1. Delete the snapshot.xml for the Windows System Assessment Scan package
      1. {6D417916-467C-46A7-A870-6D86D9345B61}.xml
    2. Check all snapshot.xml's in this location and ensure none have a GUID of all 0's
    3. Delete any with all 0's
  1. Go to default install directory: C:\Program Files\Altiris\Patch Management\Packages\WindowsVulnerabilityScan
    1. Note: Do not delete the RunAssessment.bat file or your Windows System Assessment Scans will fail on endpoints when they redownload these files. Also leave any certificate files if present (see the article, Windows System Assessment Scan fails with Exit Code: 4)
    2. Delete the following files from the WindowsVulnerabilityScan folder
      1. AeXPatchAssessment.exe
      2. catalog.xml
      3. STPatchAssessmentSrv.exe
      4. WindowsPatchData.zip
  1. Restart all services that were stopped as outlined in Step 'c' above
  2. Run the PMImport with the following settings disabled (as viewed in the screen shot below)Incremental Import
    1. Delete previously downloaded data for vendors, software and languages that are now excluded
    2. Automatically revise Software Update policies after importing patch data
    3. Enable distribution of newly added Software updates
    4. Disable all superseded Software Updates


  3. Re-enable all desired settings. Configurations for best practices are detailed in KB 156151- Step 3
    1. Advisory: Leave the setting 'Delete previously downloaded data for vendors, software and languages that are now excluded' disabled, for if the Vendor Data is not being altered, there is no reason to add this process to the PMImport and it will increase performance to leave it disabled.
  4. Ensure the clients are downloading the updated Windows System Assessment Scan folder
  1.  

     9. Verify that the PMImport finishes successfully

    1. If PMImport failed to run successfully; troubleshoot as outlined in KB 180740

Additional Information

If the issue keeps reoccurring where this WindowsPatchData.zip file keeps getting locked, try to identify what is locking it. Some ideas on how to do this:

Option 1:

1. Download Microsoft Process Explorer: https://learn.microsoft.com/en-us/sysinternals/downloads/process-explorer

2. Check if the WindowsPatchData.zip file is still locked.

Steps for finding:

  1. Go to File, and select "Show Details for All Processes" option
  2. Go to Find > Find Handle or DLL.
  3. In the "Handle or DLL substring:" text box, type the path to the file (e.g. "C:\path\to\file.txt") and click "Search".
  4. All processes which have an open handle to that file should be listed.

3. If nothing is locking the file, try to run PMImport again and when you see the error in the NS logs for this error:

The process cannot access the file 'D:\Program Files\Altiris\Patch Management\packages\windowsvulnerabilityscan\WindowsPatchData.zip' because it is being used by another process.

Then open Microsoft Process Explorer and see if it shows what it is.

https://www.windowscentral.com/how-delete-locked-files-windows-10

Option 2 - Try the following article:

http://woshub.com/managing-open-files-windows-server-share/

Powered by Wolken Software