IT Management Suite

Hi,

I have an odd situation with patch. I have done a patch run and some of the clients have done the patch install run and rebooted and are showing the patches installed in the agent, but the server shows these patches as being required and that a reboot is pending - and the patches don't get cleared down from the client. Rebooting, rescanning, disabling/re-enabling the policy etc. doesn't clear this and I can find no reboot pending flags in the registry of the clients. So this seems to be a server issue. Any thoughts as to how I find and clear this?

Thanks in advance

Hi Hannah - I would check the Event Queue on your Notification Server and make sure that NSEs are not backed up. (C:\ProgramData\Symantec\SMP\EventQueue\EvtQueue). You can go to Resource Manager for that computer in the console and then View > Inventory, navigate to Data Classes > Software Management > Patch Management > both the data classes in that folder, and then the Status tab to see the dates to see if they are updating (comes from the Windows System Assessment Scans). 

I would also set the year in Release Date From on your compliance by computer report back to 2000 (oldest bulletin is 11/2021 in our feed) and see if any older updates are missing. 

If either of those doesn't help, if you open a support case we would be glad to help troubleshoot further. 

Hi Chris, 

Queues were backed up. Didn't think or expect that. Result of suspending the VM running the SMP. All good now.

Thanks

Hannah