Windows patch analysis job reports a patch as installed but it is not found on the target. Why is this? For example, a patch (KB3109094) is reported as installed on a windows server 2012 target by patch analysis job but the patch is not found on the server. Or Windows patch analysis job reports a patch as missing but remediation job fails with 'Not applicable' error (ReturnCode=-2145124329) |
If the windows patch analysis result seems inaccurate, the best approach would be to run DPDTrace on the problem target to get the detailed trace then open a case with BMC customer support with the trace log. Please download and use DPDTrace GUI tool from the following link: https://forums.ivanti.com/s/article/DPDTrace-GUI-Tool-Used-to-troubleshoot-patch-detection-issues NOTE: - select "9.3.2708" in 'OEM Version' - you would need to manually place & 'WindowsPatchData.zip' in 'DataFiles' folder as suggested in the above link (In case the target server does not have access to the internet) The DPDTrace result (xml file or hfcli log) may show the patch to be effectively installed as below. [20180601151521-wsapp2253-TR.xml] <Item Class="Patch" BulletinID="MS15-135" SQNumber="Q3109094" Superseded="false" PatchName="Windows8.1-2012-R2-KB3109094-x64.msu" Applicable="false" Status="Effectively Installed" Reason="Patch does not apply under the current configuration but may apply if some option is turned on."/>... |