IT Management SuiteClient Management SuitePatch Management Solution
Issue/Introduction
Sometimes there may be a need to refresh the Patch Assessment scan files if the PMImport fails due to a file being held open i.e. WindowsPatchData.zip, or any other file in the windowsvulnerabilityscan folder.
Common Errors (the file may be different):
Failed to update Tools\WindowsPatchData.zip The process cannot access the file 'D:\Program Files\Altiris\Patch Management\packages\windowsvulnerabilityscan\WindowsPatchData.zip' because it is being used by another process.
Failed to update assessment files for: 'Import Patch Data for Windows' (c27dbb50-6ddf-4125-87c1-d8f5b588491d) The process cannot access the file 'D:\Program Files\Altiris\Patch Management\packages\windowsvulnerabilityscan\WindowsPatchData.zip' because it is being used by another process.
Environment
Patch Management Solution 8.x
Resolution
To fully refresh the Windows System Assessment Scan files in Patch Management 8.x, work through the following steps:
RDP to the SMP
Confirm there are no current PMImports running
Console > Manage > Jobs and Tasks > System Jobs and Tasks > Software > Patch Management > Import Patch Data for Windows
If in Hierarchy: Confirm there are no current replication jobs running
Console > Reports > All Reports > Notification Server Management > Server > Replication > Current Replication Activity
Stop main Altiris Services in this order
Altiris Support Service
Altiris Client Message Dispatcher
Altiris File Receiver
Altiris Event Receiver
Altiris Service
Altiris Object Host Service
Altiris Service Hoster
Altiris Event Engine
Go to default install directory: C:\ProgramData\Symantec\SMP\Snapshots
Delete the snapshot.xml for the Windows System Assessment Scan package
{6D417916-467C-46A7-A870-6D86D9345B61}.xml
Check all snapshot.xml's in this location and ensure none have a GUID of all 0's
Delete any with all 0's
Go to default install directory: C:\Program Files\Altiris\Patch Management\Packages\WindowsVulnerabilityScan
Note: Do not delete the RunAssessment.bat file or your Windows System Assessment Scans will fail on endpoints when they redownload these files. Also leave any certificate files if present (see the article, Windows System Assessment Scan fails with Exit Code: 4)
Delete the following files from the WindowsVulnerabilityScan folder
AeXPatchAssessment.exe
catalog.xml
STPatchAssessmentSrv.exe
WindowsPatchData.zip
Restart all services that were stopped as outlined in Step 'c' above
Run the PMImport with the following settings disabled (as viewed in the screen shot below)Incremental Import
Delete previously downloaded data for vendors, software and languages that are now excluded
Automatically revise Software Update policies after importing patch data
Enable distribution of newly added Software updates
Disable all superseded Software Updates
Re-enable all desired settings. Configurations for best practices are detailed in KB 156151- Step 3
Advisory: Leave the setting 'Delete previously downloaded data for vendors, software and languages that are now excluded' disabled, for if the Vendor Data is not being altered, there is no reason to add this process to the PMImport and it will increase performance to leave it disabled.
Ensure the clients are downloading the updated Windows System Assessment Scan folder
If this is failing to download; review troubleshooting steps outlined in KB 154257
Additional Information
If the issue keeps reoccurring where this WindowsPatchData.zip file keeps getting locked, try to identify what is locking it. Some ideas on how to do this:
2. Check if the WindowsPatchData.zip file is still locked.
Steps for finding:
Go to File, and select "Show Details for All Processes" option
Go to Find > Find Handle or DLL.
In the "Handle or DLL substring:" text box, type the path to the file (e.g. "C:\path\to\file.txt") and click "Search".
All processes which have an open handle to that file should be listed.
3. If nothing is locking the file, try to run PMImport again and when you see the error in the NS logs for this error:
The process cannot access the file 'D:\Program Files\Altiris\Patch Management\packages\windowsvulnerabilityscan\WindowsPatchData.zip' because it is being used by another process.
Then open Microsoft Process Explorer and see if it shows what it is.