[doug]

This is a C0000005 memory access violation error that is being returned when you attempt to run that. It’s not a BatchPatch error. It’s coming from your attempt to execute that syntax, which likely means that your syntax is not correct. And even if I just look at it without knowing anything about TITUS, I see you have “InstallClient_TCO=1 InstallClient_TCO=0” which seems very weird to assign both a 0 and 1 to the same InstallClient_TCO.

I would suggest you start by taking their recommended syntax and running it at the command line without using BatchPatch. Most likely it’s going to give you the same error at the command prompt, indicating that your syntax is no good.

Make sure you can get it working first at the command prompt before you try to put it into BatchPatch. If it can’t complete successfully at the command prompt, then it definitely isn’t going to work in BatchPatch. If it works at the command prompt but not in BatchPatch then there are two things to consider and check in BatchPatch:

1. The account that it’s running under… Make sure that you are using the same account to execute the command in BatchPatch that worked when executing it at the command prompt.

2. Check the remote execution context under ‘Tools > Settings > Remote Execution’ and try to execute it under ‘SYSTEM’. If no luck with SYSTEM, try to execute it using ‘Elevated token’ + ‘Interactive’. To be clear I’m saying that you would select BOTH ‘Elevated token’ and ‘Interactive’ at the same time.

[doug]

You’ll need to figure out what is different between your working machines and your non working machine. There is a permissions problem preventing BP from creating that directory.

[doug]

Under ‘Tools > Settings > Remote Execution’ there is a setting for ‘Remote working directory’ which defaults to C:\Program Files\BatchPatch . For everything I say below I will assume you have not changed this setting, but if you have changed it to a different location, then modify my suggestions accordingly.

BatchPatch is trying to create this directory on the target computer but isn’t able to because of a permissions problem. If you have not specified alternate logon credentials for the row in the BatchPatch grid, then BatchPatch uses integrated security and makes the connection to the target computer with the logon account that was used to launch the batchpatch.exe. This account needs to have permission to create the folder, or if you have specified alternate credentials for the row (Actions > Specify alternate logon credentials), then you would need to make sure that account has the permission. Under normal operating circumstances, the way this is accomplished is by adding the account to the local administrators group of the target computer. Normally that is the only thing that needs to be done. However, if you already have that account in the local admins group of the target computer, then it implies that specific folder permissions were modified in a way that is preventing the remote working directory from being created. So for example, maybe permission on C:\Program Files has been modified in a way that is preventing C:\Program Files\BatchPatch from being created. I can’t say for sure that this is what is happening as you’ll need to evaluate exactly what’s going on, but hopefully you get the idea of where to start looking. Also make sure that the account hasn’t expired etc.

[doug]

Perhaps I misunderstood your first posting. And to be honest I’m not sure I understand what you’re describing in your second posting either. It’s unclear to me exactly what you are experiencing on your machines, so at this point I would need more details from you before I can give you a proper explanation of what is going on and how to resolve it. Can you try to describe again exactly what you are seeing occur in BatchPatch as compared to what you think that you should be seeing? Please be as descriptive as possible. Or if you can share screenshots and logs (HTML grid export would be very helpful), feel free to contact us directly via the contact page on our website for support via email instead of here on the forum.

[doug]

Offline mode does not deliver the exact same set of updates that online mode delivers. This is explained more at the link below:

BatchPatch and the Windows Update Control Panel Report a Different Number of Available Updates

[doug]

Yes BatchPatch will work with child domains. The issue you are encountering is probably one of a couple/few things:

First let’s just consider syntax issues. Example proper syntax for this field is: domainControllerName
or
DC=myDomain,DC=com
or
domainControllerName/DC=myDomain,DC=com

Your syntax does not match any of the above three examples because you have CN=domaincontroller,DC=child,DC=prod,DC=domain,DC=com

I would suggest you instead try each of these and see which one(s) work:
domaincontroller
or
DC=child,DC=prod,DC=domain,DC=com
or
domaincontroller/DC=child,DC=prod,DC=domain,DC=com

My guess is that right there will probably solve your issue. However, if it does not solve it, then I think you prob need to connect to a different domain controller. Basically if you specify a domain controller that is not a global catalog server then I think that could cause a referral to be returned. For this reason, it’s usually better to NOT specify a domain controller but instead just specify the domain (like in the second example above). However, there may be cases where this won’t work and where you need to specify a particular domain controller, in which case you probably need to make sure it is a global catalog server too because otherwise I think it will always return a referral due to it not containing the directory information to handle your LDAP request.

-Doug

[doug]

Thank you for your feedback and suggestions. We really appreciate it!

1: We’ll consider this

2: The sorting of the ‘All Messages’ column is based only one the visible first line of text that you can see in the grid, and it works properly in our tests. Maybe you could email us a screenshot that shows how it is sorting incorrectly for you? In the meantime we will also consider printing the file version info to a separate column

3: Please see ‘Grid > Filter rows in grid’. I think this is what you are asking about. It already exists. If this is not what you were asking, please clarify what you were asking about.

4: We’ll consider this

[doug]

There is not currently any such option.

[doug]

This is not currently possible. Before we would consider adding an option for this I’d be curious to understand why this would be valuable to you. When the email is sent the email itself has a date/time stamp just as all emails do, so what purpose is served by also putting the date/time into the subject line? Let me know your thoughts. Thanks.

[doug]

In that case, one other thing to consider is the basic multi-row queue sequence instead of the advanced. All rows still need to be in the same grid, but you can then just select all rows for a given computer and execute the basic sequence. Each row will execute its job queue one row at a time. Maybe this helps you. Maybe not. Good luck.

[doug]

I know you said “Other than creating one job queue…” but I don’t understand why you’re looking for a different way. The way to handle this is with a single job queue that contains multiple deployments.

While the advanced multi-row queue sequence could actually also be used for this, it would just add additional complexity over the singular job queue method. To do the advanced multi-row queue sequence you would have to put put each row into a single grid (each row in the sequence would have the same host name, so you’d have multiple rows each with the same host name, and they’d have to go into the same grid because the sequence works in a single grid, not across grids), and then you would have to assign a different sequence position number to each row. Effectively, it would create the same result as putting all of the deployments into a single job queue, but it would do it with more complexity.

[doug]

Go to ‘Tools > Settings > Remote Execution > Remote Execution Context > Deployment’ and change it to ‘Elevated token’ + ‘Interactive’.

[doug]

Hmmm… I can’t reproduce the column issue. I would suggest you make sure all instance of batchpatch.exe are closed on your computer. Then load your grid and adjust the column sizes as desired. Close BatchPatch. Then re-open BP or your grid file, and it should be all set. If for some reason it’s not, in that second opening, reset your columns once more. Then close BP and reopen it, and it should stick.

[doug]

In ‘Tools > Settings > Grid Preferences’ if you disable “Allow BatchPatch to auto-resize column widths”, then the column widths will be remembered. However, it’s a global setting, not a per-grid setting, so whichever grid is closed last is the sizing that will be remembered on next launch. If you want everything to be identical to before closing BP, then you’ll prob also want to disable all or most of the other settings there too for window and column sizing. That said, we recommend leaving all of the settings enabled because BatchPatch will then automatically resize the columns as needed based on the column contents. There really shouldn’t be any need to be manually resizing the “Ping Reply” column or “Last Boot Time” etc because if you use the default settings then those columns will be properly sized for you by the application to fit whatever contents are in those cells.

Regarding the password thing, we’ll consider this for a future build. Thanks.

[doug]

I’m not quite sure what you’re describing. However, for further support with licensing issues please reach out to support directly.

[doug]

The scheduled tasks are saved in the BatchPatch grid file itself. If you don’t save the BatchPatch grid (File > Save), the scheduled tasks are not saved anywhere. The scheduled tasks will only run if the grid is loaded into BatchPatch and the scheduler is enabled, OR if you have enabled BatchPatch to run as a service (Tools > Run BP as a service), and you have sent the desired BatchPatch grids to run in the service instance.

[doug]

There is no “Scheduled task file.” I’m not sure what you’re trying to do.

[doug]

I’m not certain what’s happening here. I would need to see more details. You can send us an HTML export (File > Export grid to HTML), as well as a screenshot of ‘Tools > Settings > Windows Update’ for review by reaching out at the BatchPatch contact form.

Thanks

[doug]

For computers that will act as both the source BatchPatch computer AND the target computer, the updates will need to be put in the source location, which is on the BatchPatch computer in the directory defined under ‘Tools > Settings > Windows Update > Local Update Cache directory’

[doug]

Let me try to explain again more clearly:

1. The BatchPatch cache directory on the BatchPatch computer is defined under ‘Tools > Settings > Windows Update > Local Update Cache directory’. This can be any folder/location of your choosing on the BatchPatch computer. This is where you will put the update files that you have downloaded previously on a different computer. Just make sure you put the update files in the folder that is defined under ‘Tools > Settings > Windows Update > Local Update Cache directory’.

2. The target computer cache directory is defined under ‘Tools > Settings > Remote Execution > Remote working directory’, which I recommend leaving at the default setting of C:\Program Files\BatchPatch, which will cause the cache directory to be created as C:\Program Files\BatchPatch\cache. This setting is ONLY defined in BatchPatch. There are no settings stored on the target computers. BatchPatch uses the directory defined in this setting when BatchPatch is executing actions on target computers. You will NOT copy the cache folder to all systems. You will ONLY copy the cache folder to the BatchPatch computer. Then when the BatchPatch action is executed to download/install updates on target systems using offline mode, BatchPatch will then handle copying the files from its local cache directory to the cache directories of all target computers.

This is all explained in detail in the scenario 4 and 5 tutorials that you will be following at https://batchpatch.com/cached-mode-and-offline-updates

I would suggest you download the free evaluation software from our website, and then you can simply follow the tutorials yourself to see how it works. It’s pretty simple and straightforward once you start doing it, and so I think you will answer most or all of your questions by simply performing the operations. https://batchpatch.com/download

[doug]

Yes, this is a BatchPatch scheduled task. See the tutorial linked above for details.

In BatchPatch under ‘Tools > Settings > Remote Execution’ you can choose the location for the BatchPatch working directory on target computers. I recommend leaving it set to the default value, which is C:\Program Files\BatchPatch. The cache folder will get created by BatchPatch under that path as C:\Program Files\BatchPatch\cache

[doug]

I forgot to include this link in the previous posting: Creating a Recurring Scheduled Task in BatchPatch

[doug]

Hello –

1. No, this is not currently possible. We will consider it for a future build.

2. Yes, you can use a standard recurring scheduled task for this. However, note that in order for this to work as desired/expected, you would have to separately handle getting not only the new updates into the cache directory before the scheduled task runs, but you would also have to include with the new updates the new WsusScn2.cab file.

[doug]

0x80244007 -2145107961 WU_E_PT_SOAPCLIENT_SOAPFAULT
a SOAP Fault was returned by the server. See the more specific WU_E_PT_SOAP_xxxx mappings when a SOAP fault was returned by the server.
SOAP client failed because there was a SOAP fault for reasons of WU_E_PT_SOAP_* error codes.

This is probably an issue on your WSUS.

We discussed one possible cause here:
https://batchpatch.com/forums/x/topic/102-failed-to-execute-the-search-hresult-2145107961/

Microsoft discusses another possible cause here:
https://docs.microsoft.com/en-us/troubleshoot/mem/configmgr/error-80244007-when-wsus-client-scans-updates

Aside from the two possible solutions mentioned above, other options to fix or workaround the issue might include:

-Cleanup your WSUS database. This might resolve it.

-Configure BatchPatch to get updates from Windows Update instead of your local WSUS (‘Tools > Settings > Windows Update > Server Selection’). This doesn’t solve the issue with the WSUS but it should work to get the recent updates installed. It’s also possible that once the recent updates are installed that the machines will once again be able to properly communicate with the WSUS without modifying/fixing the WSUS itself.

[doug]

Please see: BatchPatch Error: -102: Failed to execute the search. HRESULT -XXXXXXXXXX

[doug]

I don’t have this Microsoft software installed to see what it looks like in the registry, but in the example you’re describing it sounds like DisplayName is the registry value that you’re searching for. The action that you’re using in the job queue can tell you whether or not DisplayName exists. It can’t tell you what DisplayName is actually set to. What it’s set to is considered the ‘value data’, but the value itself is DisplayName. “If specified registry value exists, goto label:X’ can be used to goto label:X if DisplayName exists, regardless of what the value data for DisplayName is.

[doug]

There is no “Check if Registry Value” exists option in BatchPatch, so I’m not sure specifically which BatchPatch action you’re using. There are registry actions in BatchPatch, of course, but there are several different ones, and none of them is named that exactly, so I don’t know specifically where you are entering your registry path. That said, the first thing that I would ask you is are you inputting a path to a registry key but using one of the registry value options in BatchPatch? To be clear, a key is a key, and a value is a value. If you are searching for a registry key, you have to use a registry key function in BatchPatch. If you are searching for a registry value, you have to use a registry value function in BatchPatch.

[doug]

Are you using integrated security or alternate credentials in the rows that connect to target computers? After just looking at the tutorial and script, I think it would only work for integrated security and would not work if the account that is being used to run the BatchPatch.exe does not also have permissions on the target computers.

We’ll look at updating the tutorial at some point in the future to account for this, but the best workaround right now is to NOT write the output to a single local file (because you won’t be able to with this method), but instead create a BatchPatch deployment that deploys the VBS script to the target computer. In the ‘Deployment’ configuration window check the box that says “Retrieve console output”, and type $computer in the parameters field. Then when you execute the deployment, the script will be copied to the target computer for execution, and the results will be reported in BatchPatch in the ‘Deployment output log’ column.

[doug]

Remote command 1/2 provides NO logged output. It just executes the command.

Remote command 3/4 provides logged output and is how you would see the results of the command.

That said, I think in order to see the currently logged on user’s information you would have to either specify alternate logon credentials in BatchPatch to run the command with the account of the currently logged on user, or you would have to specify the account to connect to inside of the ‘net use’ command, as described in the documentation for ‘net use’

[doug]

‘Get list of installed programs’ looks in the following places:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall

[Author]

Posts