Question: How do I troubleshoot a client updating / rebooting outside the Patch Policy schedule for Patch Management 7.x - PM 7.1 SP2 MP1.x?
Answer: To troubleshoot why the client is running the Software Update Cycle and / or rebooting outside the Default Software Update Plug-in Policy; work through the following:
- Check the settings on the Software Update Policy > Package Options:
- Found on Console > Actions > Software > Patch Remediation Center > Software > Patch Management > Windows
- Ensure the Package Options are disabled; these settings are in place for a one-off scheduled run, or testing of that Software Update Policy, and is not best practice for executing the Software Update Cycle or rebooting.
- Note: This configuration will execute the Software Update Cycle / Reboot; however, the caveat is that if the client missed the Software Update Cycle, the schedule will retort back to the Default Software Update Plug-in Policy, and if missed again, it will run as soon as possible.
- Detailed on KM: TECH41865
- Advisory: These settings will overwrite the Default Software Update Plug-in Policy schedule as they are designed to be the one-off schedule to deploy outside the regular schedule
- Check the Default Software Update Plug-in Policy:
- Found on the Console > Settings > Agents/Plug-ins > All Agents/Plug-ins > Software > Windows
- Refer to KM: HOWTO56242 - Section 5; best practices on how to configure the Software Update Cycle / Reboot schedules.
- Ensure these settings are in order and that any Notification Settings for deferrals and popups during the Software Update Cycle / Reboot is in order.
- The best practice configurations for these settings are outlined on KM: TECH127404
- Check the ClientPolicy.xml:
- Found default on Client: C:\Program Files\Altiris\Altiris Agent\Client Policies
- Open the larger sized xml file; review if the client is targeted appropriately by each policy entry
- Helpful to collapse each main entry and overview the listed policies targeting without details
- Check the Client Logs:
- Found default on Client: C:\ProgramData\Symantec\Symantec Agent\Logs
- Advisory: best to review the logs in the Altiris Log Viewer (on the SMP) for better viewing and interaction/searching
- Search for the following: 'change' or 'state' or 'reboot' as these will allow for review of each entry that the client changed state from 'Ready' to 'Applying' to 'Reboot'
- The logs will show the cronological order by which the Software Update Cycle began and worked through Assessment Scan, initiating the install of updates, and rebooting.
Advisory: It is critical that the Client Logs are saved as soon as possible, for the logs are constantly being overwritten, and troubleshooting hinges on the Client Logs. Please drill down to the Log Folder > right-click > Send to - Compressed, and gather those as soon as the client is found to be in question.