This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Win2019 Patch scan result not show on ZCC

My customer still use 2017 U4FTF1a who will plan upgrade next year..

recently, he response New install win2019 or upgraded (From2012R2 to 2019) the Patch Scan Result could not show on ZCC 

other OS (2012R2 /2016) seem work fine.

I testing again ...I find if this server manual install 2021-08 SSU (it seem last SSU) and 2022-08 CU patch , the reboot, the patch list show fine on ZCC.

But Customer use ZPM to scan and deliver patch ...could not use offline patch to patch to let ZPM patch show well.

Who has similar experience and could provide suggestion to me ??

Thanks!!

Wencheng

Tags:

Parents
  • 0

    Update:

          I find all patch been move to [include Disabled], I only select [include Disabled] , then all patches will list well.

    But even I could see the patch and update the cache...I try to deliver patch (for example 2021-08 SSU) and could select this device (Win2019) , When I complete patch deliver procedure..the patch still not been deliver...I check the Patch deliver bundle..the assigned device that I select Win2019 is empty...

  • 0   in reply to 

    Apply "Workaround - 2021-08 Servicing Stack Update for Windows Server 2019 x64 (KB5005112) (See Notes)"

    --

    If you found this post useful, give it a “Like” or click on "Verify Answer" under the "More" button

    Be sure to "Like" My (and a few others) Cool Solutions below! 

    https://community.microfocus.com/members/craigdwilson/bookmarks

  • 0 in reply to   

    manual install SSU to let patch to applicable and show fine...it work fine for 2016 now. it seem work fine for win2019 but it is several month ago. Now it is not work for win2019.

    I had tested manual install 2021-08 SSU....still same result.

    5 mins ago..I close a support chat...I show him about this issue and try to install 2021-08 ssu...get the same result (emply list when select "patched " and "not patched") , and only select "not applicable" or "included Disabled", this patch list will show well.

    Support check the state file...all patche records show "not applicable"

    Wencheng

  • 0   in reply to 

    You stated this....

    I testing again ...I find if this server manual install 2021-08 SSU (it seem last SSU) and 2022-08 CU patch , the reboot, the patch list show fine on ZCC.

    -

    That is 100% What I would expect.  Everything you said is Totally Expected.

    Everything AFTER 2021-04 Require a NEW SSU.....That includes the SSU ITSELF!!!!!

    The "Workaround - 2021-08 Servicing Stack Update for Windows Server 2019 x64 (KB5005112) (See Notes)" works as a Software Installer and not a Patch behind the scenes...so it can install without needing SSU updated.

    So you need to add ""Workaround - 2021-08 Servicing Stack Update for Windows Server 2019 x64 (KB5005112) (See Notes)" to your Policies.

    Until SSU is updated, then it is 100% true none of the Patches are applicable....INCLUDING SSUs.

    This is why you need to push out 

    "Workaround - 2021-08 Servicing Stack Update for Windows Server 2019 x64 (KB5005112) (See Notes)"

    as a software installer via the policy.

    --

    If you found this post useful, give it a “Like” or click on "Verify Answer" under the "More" button

    Be sure to "Like" My (and a few others) Cool Solutions below! 

    https://community.microfocus.com/members/craigdwilson/bookmarks

  • 0 in reply to   

    Hi Craig

      I have tested just installing SSU (except 2021-08 SSU, I have also tested SSU in other months) The device (Win2019) still does not display the patch list correctly (all the patch lists are placed in [not applicable] ] or [include Disabled])


      At present, the only test that can be displayed correctly in Win2017U4FTF1a is to manually install the 2022-08 CU with the installation (I have tested the CU of other months... no, only the 2022-08 CU)


       Simply installing the SSU itself can display the Patch list normally. At present, the test in Win2016 is normal and successful. In the past, it was also possible in Win2019. However, in the past two months, customers reported that this method is no longer available (the same is true for my Lab). )

    Customers use ZPM to replace WSUS or manually install patches such as CU. If they need to manually install CU in addition to SSU, or must install the latest CU (exceeding the policy scope set by the customer ==> Usually, the customer will delay the process for a quarter. patch delivery)...which would be inconvenient for customers and make ZPM less meaning

  • 0   in reply to 

    There is not any need for an "offline patch"

    They need to deploy "Workaround - 2021-08 Servicing Stack Update for Windows Server 2019 x64 (KB5005112)" on the Installers Tab of the policy.

    "2021-08 Servicing Stack Update for Windows Server 2019 x64 (KB5005112)" is NOT the patch they need to push.

    --

    If you found this post useful, give it a “Like” or click on "Verify Answer" under the "More" button

    Be sure to "Like" My (and a few others) Cool Solutions below! 

    https://community.microfocus.com/members/craigdwilson/bookmarks

  • 0 in reply to   

    Ifind it and set enable 

    then add it to Patch Policy to keep enable status.

    run subscription to merge DAU...Win2019 could detect this "Workaround - 2021-08 Servicing Stack Update for Windows Server 2019 x64 (KB5005112)" and show Patched is Yes.

    But other windows patch list still  show failed.

    PS: Customer install 2021-08 SSU (latest SSU) yet , then I enable  "Workaround - 2021-08 Servicing Stack Update for Windows Server 2019 x64 (KB5005112)" today , after reboot and scan again..get the same result

    Wencheng

  • 0 in reply to 

    Hi All

         After Case discuss, I provide some information:

    1. Workaround patchh as craig's explain , it resolve customer need provide ssu for CU's requirement. but these workaround usually disable ...so need manual enable it or them , them merge by using patch policy.

    2. About Win2019 , After 2017U4FTF1a Agent scan then import result to primary server but could not show correct patchlist. jit lm.Detection_64.exe /s problem...need replace lm.Detection_64.exe file....Engineer provide another file to place WIn2019....it work fine in my lab..I will test new file to production end on next week.

    Wencheng

Reply
  • 0 in reply to 

    Hi All

         After Case discuss, I provide some information:

    1. Workaround patchh as craig's explain , it resolve customer need provide ssu for CU's requirement. but these workaround usually disable ...so need manual enable it or them , them merge by using patch policy.

    2. About Win2019 , After 2017U4FTF1a Agent scan then import result to primary server but could not show correct patchlist. jit lm.Detection_64.exe /s problem...need replace lm.Detection_64.exe file....Engineer provide another file to place WIn2019....it work fine in my lab..I will test new file to production end on next week.

    Wencheng

Children
  • Suggested Answer

    0 in reply to 

    After replace another lm.Detection file (you must also replace them on primary Server, if you do not do it...it will recover by old.Deteection from primary server). it scan again then the patch list could show on ZCC well.

    Wencheng