[doug]

Well, it’s all relative. 70% of 0 is 0. But 70% of 64GB is ~45GB. So the real question is how much absolute memory is available, not how much percentage is available. I don’t know if adjusting the page file would have any impact or not because 32-bit systems only have a max of 4GB of addressable memory, and the OS is going to be using most of that, and it’s not really clear what’s happening under the hood with the Windows Update Agent that would cause the out of memory error to occur in the first place, and I don’t know the current size of your paging file or if it would change the outcome of what you’re encountering. As for producing reports, I hear ya. You can still see the history report under ‘Actions > Windows update > Generate consolidated report of update history’ so maybe that helps. But also try doing a fresh reboot of a target system and then immediately scanning after it comes back online, and see if that does the trick. Or try evaluating if there are any other RAM hogs that can be killed before doing the scan for updates. Etc.

[doug]

The error is: 0x8007000E -2147024882 E_OUTOFMEMORY

If these 32-bit computers are memory-constrained then you could see if rebooting one and then immediately performing the scan right after that works (before memory gets hogged by anything else on the machines). However, that might not be a sustainable practice.

As a workaround I would suggest that since you are able to manually install the updates directly… just use the BatchPatch ‘Deploy’ feature to deploy those .msi files directly to target computers. This way you can still do it all quickly, and it avoids the scan process that is failing due to lack of available memory.

The offline WsusScn2.cab file is different each month, and it’s possible that each month it has different memory requirements to run. However, it’s also possible that the target OS memory usage increased after applying Windows updates a few months ago. Or maybe you installed some other app on those target systems a few months ago that increased their memory usage? Another option then might be to manually kill apps that are hogging memory before you do the monthly patching.

[doug]

Please see here: https://batchpatch.com/batchpatch-error-198-failed-to-add-scan-package-service-hresult-xxxxxxxxxx

[doug]

This is a little confusing to me because on the one hand you’re saying that you “use it a lot,” but on the other hand you’re saying it doesn’t work at all. If it doesn’t work, how could you be using it a lot?

As a start, you said you’re using “check if process is running” while then referring to just the *service* status after that, as opposed to *process* status. A service effectively is indeed just a running process, but I suspect you are mixing up service names with process names. If you use “check if process is running” then you’ll need to identify the name of the *process* that you want to check for. This is usually not the same as the name of the corresponding *service* that’s running the process.

[doug]

Disabling won’t stop a ‘copy file/folder’ job. You’ll need to close the application altogether. We’ll look at adding functionality for stop/cancel in a future version.

[doug]

For now you can create a remote command and add that to your job queue. The syntax of the command would be:

TASKKILL /F /IM "hungProcess.exe"

[doug]

I would suggest you follow all of the steps and links outlined at Troubleshooting Common Errors in BatchPatch

[doug]

@all – The error you’re getting is because BatchPatch is not getting a response to WMI queries against the target computer.

[doug]

The same info that I posted previously still applies. When BatchPatch executes a remote command with logged output (or a user-defined ‘Get info’ command) it will log the output to a file (BatchPatchRemoteProcessOutputXXXXXXXXX.log) in the remote working directory on the target computer. A BatchPatch deployment with ‘Retrieve console output’ enabled will log to a file (BatchPatchDeploymentOutputXXXXXXXXX.log) in the BatchPatch deployment remote working directory. Each command will log to a unique file (the XXXXXXXXX is a random number that’s appended to the file name, so each new command that is executed from BP gets a new random number assigned, which means that each new command gets a new log file created).

The content of logged output is limited to the output that a particular command produces. So for any normal/typical command, the output is tiny. The command runs on the target computer, the output of the command is sent to the .log file. When the command completes, BatchPatch reads the contents of the .log file and then deletes it.

If the .log file is excessively large then it indicates that one of the commands that you executed produced a massive output. I can’t imagine any command producing 66GB of output unless it contained an infinite loop, but perhaps there could be some other weird edge case problematic command that doesn’t contain a loop but instead just somehow creates 66GB of output because of some other reason or problem with the command. I don’t know.

If I were in your shoes there are really just a few things I would do.

1. I would check the ‘modified’ stamp on the file to see when it was modified, and then I would compare that to my BatchPatch grid to see if I could figure out which command created it. Then I would examine that command and test running it so that I could watch in real-time what it does and what it outputs.

2. If I can’t get a ‘modified’ stamp because the file has already been removed, I would do a general review of the BatchPatch grid and all the commands that were executed against that target computer, and then I’d see if I could reproduce it by re-executing those same commands/sequences in BatchPatch.

3. If I did have access to the file, I might try to see if I could read the file to get a sense of what’s in it, which might help identify what caused it to get so large. Since it’s so big it might be hard to read even with a program that is designed to read large text files (such as the app “Large Text File Viewer”), so I probably would not try to open it in any type of app that will attempt to display the whole file. It is probably better to explore with cygwin commands or something similar just so that you can read just single lines of the file without having to open the entire file in a text file viewer, which will likely be problematic. Or if you do any coding you could even write a little text file reader in C++ or C# that would be scan the file and spit out a line here and there just to see what’s in it, similar to what you could do with cygwin commands like to read the head and/or tail of the file.

[doug]

Excellent. You’re welcome.

[doug]

Thanks. We’ll look at adding this.

[doug]

Create a local command in BatchPatch (‘Actions > Execute local process/command > Create/modify local commands‘) with the following syntax:

cmd.exe /c start \\$computer\c$

or

cmd.exe /c start \\$computer\SomeOtherFolder

You will then see your local command under ‘Actions > Execute local process/command > Execute saved local command‘. You can also add a toolstrip button with ‘Tools > Customize visible toolstrip buttons‘. Just scroll to the bottom of the ‘Customize Toolstrip’ window and check the box next to the local command that you created.

[doug]

This functionality already exists. The ‘add hosts from directory’ and ‘synchronize grid with directory’ options already let you select security groups in addition to OUs.

[doug]

Based on what you’ve said, it sounds like the results showing in the Windows control panel are simply stale. BatchPatch shows a real-time picture of what’s available. Windows doesn’t. Please refer to reason number 3 on the list at the link above, and then follow the link and instructions there. Let me know how it goes.

[doug]

BatchPatch and the Windows Update Control Panel Report a Different Number of Available Updates

[doug]

Thanks. We’ll consider this.

[doug]

No. We’ll consider something like this for a future version.

[doug]

You can just type directly into the notes field for a given row, or you can use ‘Actions > Modify category, description, location, notes, color, etc’ to put something in the notes column for many rows at the same time.

[doug]

Or are you saying you want the timer to appear on the BatchPatch computer? Or actually inside of BatchPatch? The short answer is no, there isn’t a built-in way to display a countdown-timer for each row inside of BatchPatch. But you could put a note inside of one of the notes columns for a BP row and put the end-time there for reference. Something like that anyway.

Or you could even conceivably maybe write a script that displays a countdown somehow, but that wouldn’t run inside of BP. So you would have to come up with a script that takes as its parameters hostname and start time. Then have that script display a countdown in a window. You’d then be able to call the script as a local command from inside of BP. Maybe something like that is possible. I’m not sure.

[doug]

Countdown, no. But you can pop a message box on the target computers that says whatever you want, like “Maintenance will be ongoing until 11:45PM” etc.

‘Actions > Send message to logged-on users’

[doug]

The filtering mechanism enables you to filter which of the available updates you want to be included or excluded. The key word here is “available.” That is, an update has to be presented as available to then be included or excluded by the filter. If an update is not presented as available, then it can’t be installed.

When Microsoft releases the new cumulative update for a given month, it replaces the cumulative update from the previous month. Similarly, the WsusScn2.cab file from November will contain the cumulative update from November. It won’t contain the cumulative update from October.

If you are in November and want to install the October cumulative update using offline mode, then you would need the WsusScn2.cab file from October. If you don’t have that file then you would need to manually obtain the desired updates from the Microsoft Catalog. After you download the desired updates from the catalog you can then use the ‘Deploy’ feature in BatchPatch to deploy that update to target computers.

In the future if you intend to always be working in offline mode a month behind, then just make sure to download and retain the WsusScn2.cab file from each month. Then when it comes time to perform the installation you can use the WsusScn2.cab file from the desired month.

[doug]

You have a few options:

You can manually edit those fields directly in the grid by just typing into them. Also see ‘Grid > Enable/disable column editing’

You can use ‘Actions > Modify category, description, location, notes, color, etc.’

You can import the description field when using ‘Grid > Add hosts from directory’ by checking the ‘Import description field’ checkbox.

When using the ‘Grid > Add hosts’ dialog, or when importing a text file list of hosts into the grid (File > Import), the following are all valid (See ‘Help > Usage, tips, shortcuts’) :

The order of values entered must be the same as the order shown below:
# MAC
| NOTES
|| NOTES2
||| DESCRIPTION
|||| LOCATION
|U| USERNAME
|P| PASSWORD
|D| DOMAIN

Syntax examples for adding hosts with extra values: (Note it is not necessary to include all elements as long as the overall order of elements is preserved)
host1#1C6F65D56413
host2#1B3A65B54322|notes for host2
host3|notes for host3
host4|||Description information for host4||||Location information for host4

[doug]

No problem. If you observe anything that is inconsistent with what I said above, let me know. Thanks.

[doug]

All grids in the service instance are auto-saved every 15 seconds as well as when the service stopped. That said, while what you are doing sounds like it should be ok for now, I can’t make any guarantees about the behavior that you can expect since you’re doing something that isn’t directly supported in the app. You should definitely test it to make sure it behaves the way that you want and are expecting. Also note that while you might get it working just fine for now, I also can’t make any guarantees about whether or not it will continue to work in future versions of the app (again, simply because you’re doing something that is not directly supported in the app, and it’s possible that we could make a change in a future version that breaks your existing automation).

-Doug

[doug]

There is a setting in BatchPatch that controls where a BatchPatch search for updates will look when executed against a given target computer:

Tools > Settings > Windows Update > Server Selection

Default / Managed: Uses the target computer’s existing configuration to determine where to search for updates.

Windows Update: Bypasses the target computer’s configuration and searches for updates on Microsoft’s public server. Includes only Windows updates.

Microsoft Update: Bypasses the target computer’s configuration and searches for updates on Microsoft’s public server. Includes Windows updates AND updates for other Microsoft products. Before using Microsoft Update, target servers must be opted-in to the service. See Actions > Windows Updates > Opt-in…

However, if you have SCCM in your environment, it’s important to understand that SCCM utilizes its own WSUS server. Once SCCM takes control of a WSUS during the setup/configuration of SCCM, that WSUS can no longer be used by a non-SCCM application like BatchPatch to search for updates. So, if your target computers are configured via Group Policy to search for updates on a WSUS that is controlled by your SCCM server, then if you use BatchPatch to initiate a scan for available updates, and if BatchPatch’s Server Selection setting is set to Default/Managed, BatchPatch will always report No applicable updates. In order to use BatchPatch with a WSUS, the WSUS must be independent. It cannot be linked to or controlled by SCCM.

Based on what you have said, it seems like your BatchPatch server selection setting must currently be configured to either use Windows Update or Microsoft Update otherwise if BatchPatch’s server selection setting were set to Default/managed then we would not expect BatchPatch to find any available updates when searching for updates on a target computer that is configured to be using SCCM, even if there are updates available according to the SCCM console.

We have more details on BatchPatch in SCCM in environments here: Can BatchPatch Be Used to Install Windows Updates through SCCM?

[doug]

We’ll look at making a similar tutorial soon that covers the use case that you are asking about.

[doug]

Let me know how it goes.

[doug]

This functionality does not currently exist built-in to the app, but we are considering it for a future version. In the meantime you can still accomplish this in BatchPatch by integrating a custom script. We have a blog posting that shows exactly how to do this with a service, but the script could be modified slightly to suit your needs and search for a process instead of a service.
BatchPatch Custom Script Integration – Wait for Service to be Running Before Proceeding to Next Step in Job Queue

[doug]

Something is preventing BatchPatch from copying the file to the target computer.

I would suggest you first make sure that you are not attempting to have multiple rows in BatchPatch deploy to the same target computer at the same time. Based on what you’re seeing it seems like there could be something like that occurring. BatchPatch can’t copy the file to that location because the file is already there and in use. You said the file isn’t already there, so that makes me wonder if you have two rows trying to put it there at the same time, and neither is able to do it successfully as a result.

Next I would suggest rebooting both the BatchPatch computer and the target computer.

Next I would double-check the permissions on the target computer remote working directory (C:\Program Files\BatchPatch) and make sure something didn’t get hosed up that is preventing BatchPatch from doing what it needs to do. You can also delete the BatchPatch folder, if needed, and then let BatchPatch create it again from scratch.

Next I would check to see if something on the target computer is somehow locking the file as soon as BP starts copying it there. I’m not sure exactly how this could be possible until the file copy completes successfully, but maybe there is anti-virus or similar security software locking the file for a scan.

Those are all just best guesses. I can’t really say for sure exactly what the issue would be or would be caused by because the issue that you are encountering doesn’t appear to have anything specific to do with BatchPatch. It looks like something in the environment or your particular setup or configuration is creating the block/lock, so you’ll have to examine the computers and your setup/config to see if you can determine what it might be.

[doug]

Please see this tutorial: BatchPatch Custom Script Integration – Wait for Service to be Running Before Proceeding to Next Step in Job Queue

[Author]

Posts