ZAC PS and ZAC PAP Installing Patches

I noticed that my servers weren't updating and logging a "reboot is needed" message. It appears that the devices are no longer downloading and installing patches. I tried manually running ZAC PS and ZAC PAP, but it doesn't seem to do anything. The only way to make them compliant is to manually run Windows updates, reboot and run another ZAC PS. Where I should I start looking to trouble shoot this?

  • 0  

    Based on your description...It sounds like your servers needed a reboot.   Reboots are required after applying many patches.  Attempts to apply future patches w/o a reboot could be disastrous as "Pending File Reboot" actions could backdate and create a huge mismatch.  I would recommend looking at your Server Maintenance schedule to ensure reboots after patching and perhaps even before in case there are pending reboots since servers likely get restarted very rarely....unlike desktops.

    --

    If you found this post useful, give it a “Like” or click on "Verify Answer" under the "More" button

    Be sure to "Like" My (and a few others) Cool Solutions below! 

    https://community.microfocus.com/members/craigdwilson/bookmarks

  • 0 in reply to   

    Sorry I should have clarified that I did reboot, execute a ZAC PS and waited a bit to see if ZCC would report the update as installed prior to manually running Windows updates. That is the process I've followed for years and never had an issue. This is the firstt time I recall the patches not already being installed and ready for a reboot and why I posted this comment. I typically would see a message in ZCC for the server that a reboot was required, but I wasn't seeing that. The patch policy had been rebuilt and was showing the latest October patches prior to doing any of this as well.

  • 0   in reply to 

    Instead of "ZAC PS" try running "ZAC PS --Complete"

    This will also ensure the proper "DAU" has run.  I'm less confident that will fix your issue but I think it may.  If it does help, then you may or may not need to look at your DAU schedule.

    --

    If you found this post useful, give it a “Like” or click on "Verify Answer" under the "More" button

    Be sure to "Like" My (and a few others) Cool Solutions below! 

    https://community.microfocus.com/members/craigdwilson/bookmarks

  • 0 in reply to   

    I've ran zac ps --complete, zac pap, zac ref bypasscache, rebooted, and nothing seems to help with pushing the latest patch policy. The server I'm currently looking at shows only one patch (an old .net one from Nov 2019) as missing when I run ZAC PLP. The assigned patch policy shows the latest updates as part of it in ZCC and the device shows it has the latest version of the patch policy assigned to in the Technician Application view.

    After scouring ZCC logs, it looks like ZPM stopped getting new logs for my devices a little over a month ago so I'm guessing something got borked at that time......

  • 0   in reply to 

    What Server OS?  What is the last "Cumulative Update that was applied?  Sometimes Patches have system requirements such as "Servicing Stack Updates"....So if those are not part of your policies....They may not be seen as needed, but your other patches will not apply until they are pushed.

    --

    If you found this post useful, give it a “Like” or click on "Verify Answer" under the "More" button

    Be sure to "Like" My (and a few others) Cool Solutions below! 

    https://community.microfocus.com/members/craigdwilson/bookmarks