We encountered weird issue where clients are not showing applicable for patch MS25-SEP: Security Update for SQL Server 2019 RTM CU - SQL Server 2019 - KB5065222 (x64) (Superseded) even though Supersede evaluation is set to true
Tried Relevance check on multiple servers and all 7 relevance are passed with True but during deployment it comes as not relevant.
Gather is performed no error in FillDB. Client settings reset complete on few servers to avoid client corruption issue but still the same issue.
@SJPutman Hi Steve,
Can you help us here for this content. Our automation for patching is failing since the entire content is marked as Not relevant for all applicable CIs which were relevant earlier in month of December. Manual installation and custom fixlet post removing relevance is working fine. BES client reset already performed on few CIs
I think you should open a Support Incident to get the kind of one-on-one support you'll need to diagnose this.
Otherwise you should try removing the relevances one piece at a time to see which one is making the patch Not Relevant. I don't think it's the "_BESClient_WindowsOS_EnableSupersededEval" setting unless you don't have that set correctly - that's a template that the fixlet inherits, if it was wrong on that fixlet it would affect all of your superseded evaluations; but it could be set incorrectly on some of your clients I suppose.
In the context of a support incident, we would likely provide a breakdown of the relevance clauses so you could determine which one is making it false when you send the action.
And, just to be sure - you tried sending the action manually with your operator account, not just with the automation, right? It could be that the computer does not recognize the automation account has management rights, in which case it might appear as a 'not relevant' result on the action as well.
Hi Jason,
Yes, tried with Operator account as well automation and results were same Not relevant. Ticket with HCL is already opened last week.
I was able to diagnose the issue which I am still thinking its weird. Since our automation runs on Fixlet IDs, hence the entire deployment is failing.
Not relevance is happening because of relevance 7 - (exists value "PatchLevel" whose (it >="15.0.2000.5" and it < "15.0.4445.1") of key "SQL2019\CurrentVersion" of it) of (keys "HKLM\SOFTWARE\Microsoft\Microsoft SQL Server\150" of it) of (x64 registry)
As soon as I am creating a custom copy post removing this relevance condition CIs are showing applicable. Weird part is when ran via QNA on one of the CI applicability is showing true Q: (exists value "PatchLevel" whose (it >="15.0.2000.5" and it < "15.0.4445.1") of key "SQL2019\CurrentVersion" of it) of (keys "HKLM\SOFTWARE\Microsoft\Microsoft SQL Server\150" of it) of (x64 registry)
A: True
T: 1725
In case you want to test in your lab environment. I have noticed none of the newer fixlets has this relevance condition