[doug]

ERROR_PATH_NOT_FOUND



3 (0x3)



The system cannot find the path specified.

---

It’s unclear to me what would cause windows to throw this error. I would suggest that you start by going through the steps under the ‘Windows Update’ section on the troubleshooting guide here:

https://batchpatch.com/batchpatch-troubleshooting-guide

-Doug

[doug]

Running a batch file is unnecessary. You can simply deploy the .exe file directly using the BatchPatch deployment feature and adding the appropriate silent installation switch. If you want to include a pop-up notification to the user, then I would add a custom remote command in BP with the following syntax:

MSG * "This is the message text"

You can then create a job queue with the deployment as step 1 and the custom remote command message as step 2.

However, if you are set on using a batch file instead for whatever reason, it will not work the way that you are trying to do it. The following link explains how you would have to modify your deployment to make it work.

https://batchpatch.com/deploying-a-script-with-relative-instead-of-absolute-paths

-Doug

[doug]

Yes. The service runner requires local admin privileges.

-Doug

[doug]

Note you can also use the ‘send message’ menu item under ‘Actions’ to notify the users with a popup message.

[doug]

Robert – ‘Cached mode’ *plus* ‘offline mode’ delivers just security updates. ‘Cached mode’ *without* ‘offline mode’ delivers all classifications of updates.

‘Offline mode’ is only recommended for segregated networks that have zero direct access to the internet and zero access to a single computer that has access to the internet. For your situation it sounds like you probably should not be using offline mode and should just use cached mode (or potentially not even use cached mode at all, depending on your requirements).

More on WSUS and group policy with BatchPatch here:

https://batchpatch.com/batchpatch-integration-with-wsus-and-group-policy

More on cached mode and offline updates options/configurations here:

https://batchpatch.com/cached-mode-and-offline-updates

[doug]

James_K – Perhaps it depends on the format that you download the update in. The update that I downloaded from Microsoft’s site is “WindowsXP-KB4012598-x86-Custom-ENU.exe” and when I run it at the cmd prompt with the /? as ” WindowsXP-KB4012598-x86-Custom-ENU.exe /? “switch, I am shown all of the available switches on the installer. In this case it says that it supports the /quiet switch but it but it does not make mention of /M /Q. I don’t have any XP computers here to install it on as a test.

booster – Thank for the info. I think when the patch was first released people were not seeing it appear yet in WSUS or through Windows Update, hence why they needed to download and distribute the offline installer.

-Doug

[doug]

This is already an available feature in the application. Go to ‘ Actions > Windows Updates > Generate consolidated report of update history ‘ From there you have two options. You may enter the KB number or update title into the ‘Filter by title (include)’ section, or you may run the report for all installed updates with no filter. If you run the report for ALL updates, then when you get the results list you would simply sort by update title or KB number to see which machines do not have it. If you run the report to JUST include the particular update in question, then you’ll have your answer that way too.

-Doug

[doug]

BatchPatch has a deployment feature that lets you deploy exe, msi, msp, msu, vbs, ps1, and more. I just downloaded the XP patch from Microsoft, and it’s in exe format. In this case you probably would need to add the /quiet switch in the deployment parameters.

There are numerous tutorials for deploying exe files to remote computers here: BatchPatch Software Deployment

[doug]

Thank you for the suggestion. We will consider this for a future build. In the meantime you can add almost any custom ‘get’ command that you want by using the ‘Get information’ user-defined commands under ‘Actions > Get info > Create/modify’

These two commands will give you CPU info and disk space, respectively:

WMIC CPU get name, caption, maxclockspeed, systemname

WMIC PATH Win32_LogicalDisk where "drivetype=3" GET deviceid, volumename, freespace, size

There are numerous other command examples displayed in the ‘help’ section of the ‘Create / modify’ window. I hope this helps.

-Doug

[doug]

Thanks for the info, Booster. I’m sorry that you had to experience such crashing. We’ll see what we can do to address this, likely in the next release.

-Doug

[doug]

Most likely yes that will break BatchPatch. I would suggest you test it and see.

-Doug

[doug]

Regarding question number 1:

I don’t see any obvious issues. I don’t know what your textual filter was set to, but according to the remote agent log there are two important things to note:

1. In the section that says “::Begin filtering collection,” updates are skipped there because “Reason: Update not in ‘IncludeSpecificUpdatesList'” which means that your textual filter did not include the update.

2. In the section that says “::Begin adding downloaded items to installer collection,” updates are skipped there because they were not downloaded yet. For this action you chose ‘Install downloaded updates’ which will only install updates that had already been downloaded to the computer. These updates were never downloaded, and so they could not be installed with ‘Install downloaded updates.’ They would need to be installed with ‘Download and install updates.’

---

Regarding question number 2:

‘::Begin offline search’ indicates that you chose the action ‘Install downloaded updates.’ This is NOT the same as when ‘offline mode’ is enabled in BatchPatch. The ‘Install downloaded updates’ search is performed ‘offline’ because BatchPatch searches the target computer (*not* the WSUS server and *not* Microsoft’s Windows Update server) to see which updates it already/previously downloaded.

When ‘offline mode’ is used the remote agent log instead says “::Begin ‘offline sync service’ search.”

[doug]

The error that you received is:

0x80072EE2 -2147012894 ERROR_INTERNET_TIMEOUT The request has timed out.

This means that the target computer is having problems connecting to the WSUS server. Is this the only computer that produces this error? Do you have a proxy in your environment? This error could be due to a proxy issue. If you are using a proxy in your environment, then that’s probably the reason. Please review the following link to see how to resolve proxy issues:

Using BatchPatch with an Enterprise Web Proxy

-Doug

[doug]

I would suggest starting with these pages:

https://en.wikipedia.org/wiki/DCE/RPC

http://wiki.wireshark.org/DCE/RPC

[doug]

Opening those ports is not sufficient. WMI, which is one of the protocols used by BatchPatch, relies on dynamic port configuration for its connections, which means that the actual ports used for a given connection are established on-the-fly at the time of connection. Each connection will end up using different ports. You would additionally need to modify your network/hardware firewall to enable/allow DCE/RPC. More info here:

BatchPatch Port Requirements

-Doug

[doug]

Thanks, Mats. We’ll consider how to incorporate this in a future version.

-Doug

[doug]

We have unfortunately not had any success delivering this update through BatchPatch in a standalone configuration. I believe it may/should work if you are delivering the update through WSUS, but if there is no WSUS it does not seem to work at all.

-Doug

[doug]

Thanks for the suggestion, Mats. We will consider this for a future build. Do you happen to have a saved .bps file from a previous run from last month? That file would likely contain the IPs, right?

-Doug

[doug]

Generally speaking, a reboot shouldn’t really ever be required. As for some kind of “smother” way to kill processes, BP can only currently do this for processes it knows about such as for the Windows Update menu actions that are built-in to BP. But when you execute custom commands and/or processes, BP doesn’t really know what exactly it would need to be killing. You can certainly use BP to kill remote processes by name, but you would have to insert the names yourself.

[doug]

The issue that you are describing sounds like BatchPatch was not the cause of the problem but rather was a symptom of an issue that occurred with the operating system. This is why you had to reboot the system to get things working again.

-Doug

[doug]

The cache does not have any kind of built-in cleaning routine. You can manually clean the cache by simply deleting all of the cache folder contents. If you want to setup a task to do it, then you could use a BatchPatch ‘local command’ under ‘Actions > Local process/command > Create/modify local commands’ such as this, substituting the path to your cache directory:

cmd.exe /C del "F:Some FolderBatchPatch_Cache" /Q

Then just create a scheduled task to execute the local command at the desired time.

-Doug

[doug]

You said “I want batchpatch to run a script against each machine I’ve loaded into batchpatch and this script will not be executed from within the list of machines.”

I don’t understand what you mean when you say “this script will not be executed from within the list of machines.”

There are two ways that BatchPatch can be used to execute a script against a target computer.

1. BatchPatch can be used to deploy a script to a target computer and have that script run on the target computer. For this you would follow the normal deployment process, but the item that you are deploying is a script, not an installation package. There are numerous examples at Software Deployment. There is also a script being deployed as part of this tutorial: Install Windows Updates Only If Sufficient Space Is Detected On Target C Drive

2. BatchPatch can be used to execute a local script on the BatchPatch computer, but you can feed the target computer name into the script, so that the script can operate against the target computer without actually running directly on the target computer. In this case you use a Local command in BatchPatch with the $computer variable used to send the host name into the script as a parameter. An example of this is illustrated inside the following tutorial: Advanced Script Integration with BatchPatch

[doug]

Excellent. Thank you for following up. I’m glad you got it working!

-Doug

[doug]

0x8007000E -2147024882 E_OUTOFMEMORY

I’ve never seen this error before, but note that it is a Windows Update error code. It seems that the Windows Update service does not have enough free memory to perform the check for updates.

-Doug

[doug]

Hugo – The ‘copy file/folder’ works fine with 2016 targets. We have no problems with the functionality here and no customer has ever reported any similar issues before. If you need further assistance troubleshooting this issue, I would suggest that you please email us so that we can trade screenshots more easily. At the moment it is unclear to me what might be going wrong in your case. If you are only having issues with just a 2016 machine, it would seem to imply that there is something with that particular machine’s setup or configuration or permissions that could be the cause of the problem. The fact that the OS is 2016 should have no effect/impact.

Thanks,

Doug

[doug]

This is related to the user account and permissions. I have never seen this particular HRESULT before… is it really 2147022987 or is it actually -2147022987 ? Makes a huge difference when you leave out the negative. I suspect it’s the latter with the negative, which translates to 80070775 for Windows and according to some googling would appear to mean that the user account is locked out or something else related to the user account not being active or permissioned properly.

-Doug

[doug]

Error -198 comes with an HRESULT value. The HRESULT is the value that tells us what the actual reason for the failure is. So, without knowing for sure what the reason is, the fix is harder to determine. However, generally speaking the -198 error usually means that there is a problem with the WsusScn2.cab file. One of the possible problems with this file could be that it is missing a valid signature. You can look at the WsusScn2.cab file in your BatchPatch cache folder to see if has a valid signature. Simply right click on the file and view the properties. In the properties there will be a tab titled “Digital Signatures.” If this tab does not exist, then there is no digital signature on the file. If the tab exists but the signature is bad, then it will tell you that. Either of those situations will cause the -198 error to occur. The signature is not being lost during the file copy on your network. It’s just not on the file in the first place. This is why you need to re-download the file and make sure it has a signature.

If you want a way to auto-redownload and verify signature, BatchPatch can do that. However, in the current version it only does it in one part of the app, which is not the part of the app that you previously used to download it. If you use ‘Tools > Download offline updates repository’ and then check one box from each section in the window that it presents, it will download the WsusScn2.cab file and verify the signature before continuing. Once it downloads successfully you can just quit the window so that it doesn’t do anything else. If it cannot validate the signature it will redo the download until it gets a good file. This way you can just let it keep looping on its own until it gets a good download. Alternatively you can manually download the file from Microsoft using this link: http://go.microsoft.com/fwlink/?LinkId=76054 and then manually check the file properties to make sure there is a valid signature.

In the next version of BatchPatch the other areas of the software that download the WsusScn2.cab file will also validate the signature, but in the current version they don’t do that. They just verify that the download completes successfully, which is unfortunately not enough because it seems that Microsoft is sometimes posting WsusScn2.cab files that do not contain valid signatures. We have been seeing this occur occasionally for the past 6 months. Prior to that it never happened before, which is why the other areas of the app were never written to validate the signature. It was never necessary in the past because simply validating that the download was successful was enough. However, starting about 6 months ago we started seeing Microsoft sometimes have unsigned files on their servers, and so we now need to also verify the signature to make sure it’s good. In our experience, when you repeatedly download the file you will eventually connect to a server that has a signed file.

-Doug

[doug]

Mike – I replied to your email.

-Doug

[doug]

I just tested the same and did not have any problems. My first suggestion to you would be to re-create your grid using the BP GUI. If you have modified the .bps file in a text editor, that might be the cause of the problem.

-Doug

[doug]

This likely means that WMI is broken on the target computers. I would suggest having a look at the following articles for troubleshooting:

WMI Troubleshooting:

https://msdn.microsoft.com/en-us/library/aa394603(v=vs.85).aspx

This fix might work for you too:

http://mikeymurph.me/fix-wmi-service-error/

This fix might also work for you too:

https://www.veritas.com/support/en_US/article.000005356

[Author]

Posts