- This topic has 4 replies, 2 voices, and was last updated 5 years, 9 months ago by .
-
Posts
-
Why does batchpatch download unrequested updates, even though the settings states that classifications apply to DOWNLOADS and INSTALLATION
Had the correct updates installed, but more than we needed downloaded.
Please see below
What server downloaded
1> Update for Windows Server 2012 R2 (KB4339284) (660 KB) (2018-07-24) – Update Rollups
(Type-SoftwareUpdate | Downloaded-TRUE | RebootRequired-MAYBE)
http://support.microsoft.com/kb/4339284
2> Update for Windows Server 2012 R2 (KB4462901) (652 KB) (2018-10-18) – Update Rollups
(Type-SoftwareUpdate | Downloaded-TRUE | RebootRequired-MAYBE)
http://support.microsoft.com/kb/4462901
3> Update for Windows Server 2012 R2 (KB4468323) (651 KB) (2018-11-27) – Update Rollups
(Type-SoftwareUpdate | Downloaded-TRUE | RebootRequired-MAYBE)
http://support.microsoft.com/kb/4468323
4> Update for Microsoft Silverlight (KB4481252) (12 MB) (2019-01-15) – Update Rollups
(Type-SoftwareUpdate | Downloaded-TRUE | RebootRequired-FALSE)
http://support.microsoft.com/kb/4481252
5> Windows Malicious Software Removal Tool x64 – February 2019 (KB890830) (42 MB) (2019-02-12) – Update Rollups
(Type-SoftwareUpdate | Downloaded-TRUE | RebootRequired-MAYBE)
http://support.microsoft.com/kb/890830
6> 2019-02 Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Server 2012 R2 for x64 (KB4487123) (5 MB) (2019-02-12) – Security Updates
(Type-SoftwareUpdate | Downloaded-TRUE | RebootRequired-MAYBE)
http://support.microsoft.com/kb/4487123
7> 2019-02 Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Server 2012 R2 for x64 (KB4487080) (76 MB) (2019-02-12) – Security Updates
(Type-SoftwareUpdate | Downloaded-TRUE | RebootRequired-MAYBE)
http://support.microsoft.com/kb/4487080
8> 2019-02 Cumulative Security Update for Internet Explorer 11 for Windows Server 2012 R2 for x64-based systems (KB4486474) (54 MB) (2019-02-12) – Security Updates
(Type-SoftwareUpdate | Downloaded-TRUE | RebootRequired-MAYBE)
http://support.microsoft.com/kb/4486474
9> 2019-02 Security Only Quality Update for Windows Server 2012 R2 for x64-based Systems (KB4487028) (24 MB) (2019-02-12) – Security Updates
(Type-SoftwareUpdate | Downloaded-TRUE | RebootRequired-MAYBE)
http://support.microsoft.com/kb/4487028
10> 2019-02 Security Monthly Quality Rollup for Windows Server 2012 R2 for x64-based Systems (KB4487000) (367 MB) (2019-02-12) – Security Updates
(Type-SoftwareUpdate | Downloaded-TRUE | RebootRequired-MAYBE)
http://support.microsoft.com/kb/4487000
What server installed
6> 2019-02 Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Server 2012 R2 for x64 (KB4487123) (5 MB) (2019-02-12) – Security Updates
(Type-SoftwareUpdate | Downloaded-TRUE | RebootRequired-MAYBE)
http://support.microsoft.com/kb/4487123
7> 2019-02 Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Server 2012 R2 for x64 (KB4487080) (76 MB) (2019-02-12) – Security Updates
(Type-SoftwareUpdate | Downloaded-TRUE | RebootRequired-MAYBE)
http://support.microsoft.com/kb/4487080
8> 2019-02 Cumulative Security Update for Internet Explorer 11 for Windows Server 2012 R2 for x64-based systems (KB4486474) (54 MB) (2019-02-12) – Security Updates
(Type-SoftwareUpdate | Downloaded-TRUE | RebootRequired-MAYBE)
http://support.microsoft.com/kb/4486474
9> 2019-02 Security Only Quality Update for Windows Server 2012 R2 for x64-based Systems (KB4487028) (24 MB) (2019-02-12) – Security Updates
(Type-SoftwareUpdate | Downloaded-TRUE | RebootRequired-MAYBE)
http://support.microsoft.com/kb/4487028
10> 2019-02 Security Monthly Quality Rollup for Windows Server 2012 R2 for x64-based Systems (KB4487000) (367 MB) (2019-02-12) – Security Updates
(Type-SoftwareUpdate | Downloaded-TRUE | RebootRequired-MAYBE)
Are you sure that BatchPatch is what downloaded the updates in question? The log snippets you provided show that the updates were downloaded on the server, but they don’t show that BatchPatch was responsible for downloading them. For that matter your log snippet doesn’t even show that BatchPatch installed them. Can you provide the complete log that backs up your assertion? I’d like to see the log that shows the entire filter + download + install operation. Also what version of BP are you using? Version number is displayed under ‘Help > About’
The update classification filters are applied by the batchpatchremoteagent process that runs on the target computer. In normal (non-cached) mode, the target computer is responsible for downloading/installing updates, and since the update classification filters process runs on the target computer, update classifications that are UNchecked do not get downloaded or installed. However, in cached mode the BatchPatch computer is responsible for downloading the updates. It downloads all of the updates found in the search, even if they are UNchecked in the update classification filters. The BatchPatch computer then copies these files to the target computer’s BatchPatch remote working directory cache folder. Then the target computer processes everything according to the filtering that has been applied, and so it sees that the files are filtered by the update classification filters being UNchecked, and so the target computer does not copy the files from the BatchPatch remote working directory cache folder to the Windows Update cache folder. So, to the Windows Update agent, the files never get a status of ‘Downloaded-TRUE’. They are effectively never “downloaded” by the target computer. So to reiterate how the process works, the BatchPatch computer puts the files on the target computer into the BatchPatch remote working cache directory, and then the target computer performs a scan and only runs the copy to cache (this method copies files from the BatchPatch remote working directory cache folder to the Windows Update cache folder) for updates that are included (or NOT excluded) by the filter. We are aware of this behavior. We need to modify it to either not copy files to the target that will never be cached on the target, or to delete files on the target (in the remote working dir cache folder. default is C:Program FilesBatchPatchcache) that were copied there but were not cached into the Windows Update cache location (in C:WindowsSoftwareDistribution) due to being excluded by the filter.
In the log that you shared we can see a status of ‘Downloaded-TRUE’ for *all* of the updates, even the ones that should be excluded by your update classification filters set. This means that either you downloaded *all* of the updates on that machine prior to the session that you created to obtain the log file by using BatchPatch *without* UNchecking the update classifications filters, or you had a different process perform the download of updates, and so the BatchPatch filters were not observed by that other process. The log that you pasted does not show BatchPatch running copy to cache for the files that would be excluded by having the update classification filters UNchecked. Rather it shows the files *already* have a status of ‘Downloaded-TRUE’ before the log you included was created.
All that said, everything appears to be working properly, based on what you have shown me, and based on my testing here to confirm that the behavior is what I described. I realize that it’s not completely what one would expect to have happen, considering the language about “applies only to download / installation” but in reality the “applies only to download / installation” is from the perspective of the target computer remote agent, not from the BatchPatch computer. When running in cached mode things are a bit different, and so you’ll see the BatchPatch computer download updates that are UNchecked in the update classification filters, but when they go for processing on the target computer, the target computer excludes them properly and never caches them (never copies them from the BatchPatch cache folder to the Windows Update cache folder) and hence they never obtain a status of ‘Downloaded-TRUE’ as a result of a BatchPatch action, unless the BatchPatch action is executed with filters applied that do enable the updates to be copied to the Windows Update cache. In your case I can’t tell you how the updates got to a point where status would show ‘Downloaded-TRUE’. I can only tell you that it was not due to BatchPatch unless at an earlier time you ran BatchPatch with the update classification boxes *checked* for the updates in question, and then you subsequently unchecked the boxes at a later time to run the action that produced the logs that you shared.
You asked “A second question: When using offline mode, the client computers create their own download lists for use by the Batchpatch server, for the purpose of downloading updates:
C:Program FilesBatchPatchBatchPatch.log
C:Program FilesBatchPatchBatchPatchTempAvailableUpdates.log
My question is, do these lists get amalgamated on the Batchpatch server somewhere? Or does Batchpatch reach out to each client to check the contents of these lists prior to downloading require updates”
The two files that you mentioned are not “download lists for use by the Batchpatch server, for the purpose of downloading updates.” BatchPatch instructs the target computer batchpatchremoteagent process to create these files, and then BatchPatch consumes these files for a variety of purposes.
For any further questions on this matter, please contact us directly for support.
- You must be logged in to reply to this topic.