1. Work through the following before moving to the less common section below, make sure to start with the most likely based on the cause and symptoms before looking at other resolutions:
- Licensing: Renew the current Licensing AUP and ensure the count of machines to be updated did not exceed the count of available licenses
- Download Software Update Packages:There are some instances where this is a timing issue with package servers or other processes and can resolve itself (Note: product is not real-time):
- Troubleshoot Agent to Site Server communications;
- View Altiris Agent and SMP Logs, and view IIS Logs on SMP to ensure clients are able to obtain data
- View Site Server Agent GUI and Logs; issue may be Site Server is out of sync as outlined in KM: HOWTO83906
- This can be one of many policies missing; check the Agent's ClientPolicy.xml to ensure all Patch Policies are targeting
- Ensure only one Default Software Update Plug-in Policy is targeting the client if the policy was cloned.
- Ignoring update schedule: Updates cannot be applied whilst in this state; client needs reboot
- Missing Inventories:
- Change the Windows System Assessment Scan to run 'Send Inventory Results Only If Changed'
- Troubleshoot further as outlined on KM: HOWTO60750
2. To resolve the less common issues:
- DNS: Resolve the DNS issue or change the Agent configuration to use IP Address instead of a name.
- IIS: IIS issues like having multiple versions registered or Verbs not associated to the Virtual directory
- IIS: In IIS, go to the Default Web Site > Altiris > InventoryRuleManagement > Agent > Properties > Directory Security Tab > Authentication and Access Control. Here, check the anonymous access check box.
- Missing Policies:
- Missing or corrupt Vendor Data: TECH189223
- Windows Patch Remediation Settings lacks targeted filter: HOWTO79488
- Verify that the upgrade policies for the Software Update Plug-in \ Symantec Management Agent are enabled and have a schedule defined other than ASAP.
- Caution: If there have been multiple agent upgrades and a schedule is not defined then subsequent upgrades may not happen.
- If nothing else has helped and it is a small number of computers remove the Agent and install it again, for it could be a problem with recent Agent upgrade deployment.
3. Disable the Maintenance Window, or the Schedule Window on the Default Software Update Plug-in Policy and run a single schedule on the Plug-in Policy.
Patch Management Solution for Windows 7.1 SP1, SP2, MP1 & 7.5