Forum Replies Created
-
Posts
-
Thanks.
Thanks.
BP does not provide a way for you to customize the HTML grid export.
Please see BatchPatch Error: -102: Failed to execute the search. HRESULT -XXXXXXXXXX for more details on this error. We’ve had a handful of users report that installing Silverlight resolved the issue for them.
Modify it how?
I’m sorry to say I don’t understand you. Just check the boxes you want to include. Then perform the download and installation. Only updates with the classifications that you have checked will be downloaded/installed.
The “Search Preferences” checkboxes apply to only the search for updates.
The “Update Classification Filtering” checkboxes apply to only the download and installation of updates.
When you use ‘Check for available updates’ it will search based only on the “Search Preferences.” This means that you will see all different types of updates listed as available for the target computer. However, if you then go to actually perform the download/installation, only the updates that have the classifications that you have ticked/checked/selected will be downloaded and installed. So if you have ONLY “Security Updates” checked, then only updates with the classification ‘Security Updates’ will be downloaded and installed.
Very peculiar. I would try adding the IP address directly as a row in BP. Also try adding the FQDN (e.g. “Timson2-ACX.yourdomain.com” instead of just “Timson2-ACX”). See if either of those works.
First make sure that the update is visible/available when you check for available updates. If the update is not in the list of available updates, then BP won’t install it because BP won’t know about it. So, if you have used ‘Check for available updates’ and you see that the update is in the list, then BP can install it. You have to select ‘Include “Upgrades”‘ under ‘Tools > Settings > Windows Update’ in order for that update to be included during a download/install operation. Also, in general, if you look in the ‘Remote Agent Log’ column after a download/installation attempt, you can see all the details for if a particular update was skipped, and why it was skipped. If it simply does not appear at all, then it is not being offered to the computer in the first place. In that case, check your WSUS to make sure the update is approved for installation. If you are not using WSUS, make sure that you don’t have any update deferral policy or Windows Update setting in place that would prevent you from seeing a feature update.
is there a way to have BatchPatch try and install any pending updates
I’m not really sure what you mean here. BatchPatch installs Windows Updates. That’s what it does.
Or if BatchPatch is done (with the download + Install + Reboot) is Windows up to date and the errors on older cumulative updates irrelevant?
BatchPatch can report which updates are available to download/install for a given target computer, and BatchPatch can download/install those updates. If BatchPatch is reporting that there are no available updates… then it means that based on your current settings/configuration/filters, and based on what your WSUS has approved for installation, there are no available updates for the target computer. In general, with Windows, if you do not install a cumulative update for one month, but then you install the next month’s cumulative update, there would no longer be a need to install the previous month’s missed cumulative update, and under most circumstances BatchPatch would not report that previous month’s cumulative update as available for installation. If BP is reporting it as available/needed, then that means Windows is reporting is as available/needed.
Windows update installation filters that can affect what BatchPatch finds as available and what BatchPatch downloads/installs:
Have a look at the details printed in the ‘Remote Agent Log’ column. You can also view this info in the BatchPatch.log file in the remote working directory on the target computer (default location is C:\Program Files\BatchPatch\BatchPatch.log). This will show the details of what installed successfully and what didn’t. Normally if some updates are successfully installed but others fail, then BatchPatch reports “Succeeded with errors” not “Succeeded” and not “Success”. If BP reported “Succeeded” or “Success” without mentioning any errors, then probably what you are seeing on the computer is not related to the work that BP performed.
This will be fixed in the next release. In the meantime you can avoid that issue by launching the queue differently. Go into the Job Queue window, select the desired queue, and then select ‘Execute now.’ The confirmation window that appears will not contain the entire queue contents, so it will fit on the screen without issues.
Thanks for the feedback and suggestions.
Yes. In the grid synchronizations window there is an option in the lower-right corner to ‘Exclude hosts from synchronizations’
Host names included in the exclusions list will be excluded from synchronizations executed for the current BatchPatch grid.
This means that if a host name exists in an OU or group that is linked to the current BatchPatch grid, and if the host name is also included in the exclusions list, then that host name will be ignored during synchronizations. It will not be added to the BatchPatch grid.
Similarly, if the host name exists in the current BatchPatch grid, and if the host name is included in the exclusions list, then that host name will be ignored during synchronizations. It will not be removed from the BatchPatch grid.
Yes, you can use the ‘Row Template Configurator’ for that.
You found a bug. Thank you for reporting this. We will have all four of those job queue items fixed in the next release.
In the meantime we have a few custom script integration examples posted at the following links. These examples are written in vbscript, not powershell, but they might help give you some ideas for how you could accomplish your goal. For example if you want to have the job queue check for file existence or file version on a file that is currently failing due to the parenthesis bug/issue you described above, you could use a script that checks for the existence of the file and then returns 0 or 1 depending on whether or not it finds the file. Then in BatchPatch you could create a Deployment job to execute the script, and then insert that Deployment job in the Job Queue right before using the step ‘If previous action failed/errored (returned non-0), goto label:X’ or ‘If previous action was successful (returned 0), goto label:X’
https://batchpatch.com/advanced-script-integration-with-batchpatch
https://batchpatch.com/advanced-script-integration-with-batchpatch-part-2
My guess is that probably when you modified the XML directly the issue was created due to line breaks or spaces. Either you accidentally created a space or line break without realizing, or your text editor uses a different line break format than what BatchPatch is anticipating, causing things to appear correct to you as the viewer, but in the actual data of the text file it’s coded differently (for example ‘\n’ vs ‘\r\n’).
I would suggest that instead of creating a brand new job queue from scratch, you simply use your existing job queue as a template for the new queue. So if you go into the job queue window and load your saved queue by double-clicking the saved queue in the list of saved queues (or by clicking the double-left-arrow), you can then give it a new title, and you can replace just the specific steps/lines that you care to replace. Then save it. This way the old queue will still be there, and now the new queue will also exist. This should be quicker than exporting to XML, modifying, importing. And it will also ensure that things work properly in the new queue.
Thanks for the suggestion. Indeed it’s something that we have considered, but there are some significant concerns that it raises with regard to permissions and security, so I don’t know if it’s something that we will implement in the future or not. There likely isn’t a “safe” way to do it, as the executing user will still ultimately have local admin permission on all target computers.
Oh ok, so you mean the column name is ‘Host’ but the variable name is $computer, not $host? Yeah, I can’t remember off the top of my head why we did this, but I think there was a good reason for it. I’ll follow up with the team to see if we can add an alias for $host, but I’m not sure if it will be doable or not.
$notes2 works for the ‘Notes2’ column in the same way that $notes works for the ‘Notes’ column. I’m not quite sure what you mean when you say “$notes2 just outputted 2”.
The icons used on the toolstrip can not be customized. There is a different icon for ‘local command’, ‘remote command’, ‘remote command (logged output)’ etc, but if you have two of the same type of command they cannot currently have different icons. We have been discussing adding the ability to customize per command, but it’s not currently possible, and I’m not sure if/when it will become possible. One thing you can do now that help eliminate the confusion is use ALT-LeftClick drag to move icons around on the toolstrip, so that you can customize the order of icons however you want. This way you can separate the buttons to help eliminate the confusion of having two same icons right next to each other.
Deployment, Remote Command, and Local Command all support $notes, $notes2, $description, $category, and $location in addition to $computer
When you say “Tried $notes however it’s not standardised as BP that pulls hosts across as $computer” I’m not quite sure what you mean.
-Doug
I think you are correct that the only release channels for “Security Only” updates for .NET are the Microsoft Update Catalog and Windows Server Update Services (WSUS). SCCM gets these updates because SCCM is installed with and uses its own WSUS. To get these updates with BatchPatch you have two options.
1. Install a WSUS to use in conjunction with BatchPatch. BatchPatch can utilize any existing WSUS *except* for a WSUS that is currently in use with SCCM. This is because SCCM basically completely takes over the WSUS, so it can no longer be used as a standard stand-alone WSUS. However, you can install a new WSUS, if desired, and you can use that with BatchPatch. The problem with this approach is that if you are already using SCCM, your computers are going to be pointed to it in group policy, and to then have your computers utilize the separate WSUS just for ‘spot cleanups’ would require you to modify the group policy (or the underlying registry values) temporarily on those computers. This probably isn’t the greatest approach.
2. You can manually download the desired updates from the Microsoft Update Catalog, and then using the BatchPatch ‘Deployment’ feature you can easily deploy those updates to the target computers as needed. This is what I would recommend, and you can use the following two tutorials to see how it’s done:
Remotely Deploy a Standalone .MSU Update to Multiple Computers
Remotely Install Multiple .MSU Files (or .MSI and .MSP files) to Numerous Computers
Considering that you can see the IP in the ‘ping reply’ column when you ping a host, and that you can enter an IP directly into the host column if desired, could you elaborate on why it would be beneficial to have an additional column that displays the IP? What is your use case?
Also btw fyi you can put the following syntax into either a BatchPatch ‘local command’ or into a BatchPatch ‘remote command (logged output)’ to get the result as well:
powershell.exe "Test-Connection -ComputerName $computer -Count 1 | Select IPV4Address"Thanks.
No need to send a screenshot. We understand the behavior. It’s not a bug, per se, but we do understand why it’s not optimal, and we’re considering ways to improve the experience and give the user the ability to update the queue with changes that are made outside of the queue, such as to a deployment like you have done.
Thanks.
The account that is used to launch BatchPatch will be the account that launches the process on the target computer unless you specify alternate credentials for the row in BatchPatch under ‘Actions > Specify alternate credentials’ in which case those alternate credentials will be used to launch the remote process.
To execute a remote process where the exe already exists on the target computer, you can create a remote command ‘Actions > Execute remote process/command’ > Create/modify remote command 1′ with the following syntax. In this example notepad.exe will be executed. You’ll see it appear in the Task Manager processes list:
"C:\WINDOWS\system32\notepad.exe"For installing an agent on target computers, I would generally recommend that you create a BatchPatch deployment. There are many examples posted here: BatchPatch Software Deployment
-Doug
Thanks for sharing!
We have no plans to remove the wuauclt.exe commands in the near future because we still have many users who use those commands for their older operating systems.
We talk about usoclient for Windows 10/2016/2019 in this blog posting from Nov 2017.
We have a built-in usoclient command under ‘Actions > Windows updates > usoclient.exe startscan‘. This is the only usoclient.exe command that we have found to have any real value, as of yet, so it’s the only one that we have included. You are certainly welcomed to add your own additional ones. And if you think that any other usoclient commands are useful/valuable, we’d love to hear how and why, so please feel free to explain. It’s certainly possible that you know something that we don’t, and we make adjustments to the software all the time based on customer feedback.
However, we also make BatchPatch customizable so that it can be tweaked by the end-user because not all users have the same needs and desires, obviously. If you think there is a particular command that is not currently included out-of-box but should be included, let us know. If we think it’s a command that many users would find valuable, then we will add it. If not, then you can simply add it to your own BP installation.
You can hard-code your own remote commands as explained at the following link. Once you have added a command, it appears in the BatchPatch menu just like out-of-the-box commands do, so you don’t need to add it every time you launch the app: How to Hard-Code Your Own Custom Commands in the BatchPatch Actions Menu
1. The saved queues are ordered by clicking on the column headers. You can order alphabetically by ‘Title’ or by ‘Queue’
2. We’ll fix this. Thanks.
I just treat the BP system independently of all other systems. I don’t touch the BP system until everything else has been patched. Once everything else has been completely patched and rebooted, then I use BP to patch the BP system. I then manually reboot it.
No. If you reboot the system that BP is running on you will kill everything that is currently happening in BP. Nothing will automatically resume after the machine comes back up. Using BP to reboot the BP machine is not a great idea. Also, depending on which method you use to initiate the reboot, and depending on which OS is running on the BP system, Windows will in most cases prevent the self-reboot from occurring in the first place.