If Baseline fails, it does not retry

(imported topic written by Jay23)

I have a baseline setup with all the required updates for Windows XP which is set to retry upon reboot. However it appears not to be doing so.

here’s a basic run down of the config and whats happening.

On a new build PC, the automated install we have installs the Bigfix agent towards the end of the installation which unfortunately sometimes communicates with the master server and begins downloading updates. Around 20 seconds later, the build process will complete and automatically reboot the pc. Upon restart, the Baseline is shown to have failed and does not seem to restart deployment of the updates.

Here’s some of the fixlet config:

Constraints

This action will never expire.

It will run at any time of day, on any day of the week, independently of user presence.

Execution

If the Fixlet message becomes relevant after this action has successfully executed, the action will automatically be reapplied an unlimited number of times.

If the action fails, it will be retried up to 3 times, waiting until the computer is rebooted between attempts.

Has anyone seen this type of problem before? FYI I’m using 6.0.7.8

(imported comment written by BenKus)

Hey Jay,

I think the system is waiting until the next restart to retry. Can you double-click on the “Failed” status and post what the failed error message is?

Ben

(imported comment written by Jay23)

Hi Ben,

I tried restarting the PC’s several times without sucess. Here’s a copy of the “View Action Info” window.

NOTE: the patch that is “fixed” is the patch that would have installed before the first reboot.

Status: Failed

Started at: 06/09/2006 13:02:27

Completed at: 06/09/2006 13:03:08

The action has been run 1 time.

The action failed.

Sub-action status:

Fixed MS06-040: Vulnerability in Server Service Could Allow Remote Code Execution - Windows XP SP1/SP2

Not Relevant MS06-042: Cumulative Security Update for Internet Explorer - IE 6.0 - Windows XP SP2

Waiting MS06-042: Cumulative Security Update for Internet Explorer - IE 6.0 SP1 - Windows 2000 SP4/Windows XP SP1

Not Relevant MS06-042: REVISED PATCH - IE 6.0 SP1 - Windows 2000 SP4/Windows XP SP1

Not Relevant MS06-043: Vulnerability in Microsoft Windows Could Allow Remote Code Execution - Windows XP SP2

Waiting MS06-045: Vulnerability in Windows Explorer Could Allow Remote Code Execution - Windows XP SP1/SP2

Waiting MS06-046: Vulnerability in HTML Help Could Allow Remote Code Execution - Windows XP SP1/SP2

Waiting MS06-050: Vulnerabilities in Microsoft Windows Hyperlink Object Library Could Allow Remote Code Execution - Windows XP SP1/SP2

Waiting MS06-051: Vulnerability in Windows Kernel Could Result in Remote Code Execution - Windows XP SP1/SP2

Waiting MS06-041: Vulnerability in DNS Resolution Could Allow Remote Code Execution - Windows XP SP1/SP2

Waiting MS06-033: Vulnerability in ASP.NET Could Allow Information Disclosure - .NET Framework 2.0

Not Relevant MS06-034: Vulnerability in Microsoft Internet Information Services using Active Server Pages Could Allow Remote Code Execution - IIS 5.1 - Windows XP SP1/SP2

Waiting MS06-035: Vulnerability in Server Service Could Allow Remote Code Execution - Windows XP SP1/SP2

Waiting MS06-036: Vulnerability in DHCP Client Service Could Allow Remote Code Execution - Windows XP SP1/SP2

Waiting MS06-022: Vulnerability in ART Image Rendering Could Allow Remote Code Execution - IE 6.0 SP1 - Windows 2000/XP

Not Relevant MS06-022: Vulnerability in ART Image Rendering Could Allow Remote Code Execution - Windows XP SP2

Waiting MS06-023: Vulnerability in Microsoft JScript Could Allow Remote Code Execution - Windows XP SP1/SP2

Not Relevant MS06-024: Vulnerability in Windows Media Player Could Allow Remote Code Execution - Windows Media Player 8 - Windows XP SP1

Waiting MS06-024: Vulnerability in Windows Media Player Could Allow Remote Code Execution - Windows Media Player 10 - Windows XP SP1/SP2

Not Relevant MS06-025: Vulnerability in Routing and Remote Access Could Allow Remote Code Execution - Windows XP SP1/SP2

Waiting MS06-030: Vulnerability in Server Message Block Could Allow Elevation of Privilege - Windows XP SP1/SP2

Waiting MS06-032: Vulnerability in TCP/IP Could Allow Remote Code Execution - Windows XP SP1/SP2

Waiting MS06-018: Vulnerability in Microsoft Distributed Transaction Coordinator Could Allow Denial of Service - Windows XP SP1/SP2

Not Relevant MS06-020: Vulnerabilities in Macromedia Flash Player from Adobe Could Allow Remote Code Execution - Windows XP SP1/SP2

Waiting MS06-006: Vulnerability in Windows Media Player Plug-in with Non-Microsoft Internet Browsers Could Allow Remote Code Execution - Windows 2000/XP/2003

Waiting MS06-008: Vulnerability in Web Client Service Could Allow Remote Code Execution - Windows XP SP1/SP2

Not Relevant MS06-014: Vulnerability in the MDAC Function Could Allow Code Execution - Windows XP SP1/SP2

Not Relevant MS06-016: Cumulative Security Update for Outlook Express - OE 6 - Windows XP SP2

Waiting MS06-016: Cumulative Security Update for Outlook Express - OE 6.0 SP1 - Windows 2000/XP

Waiting MS06-001: Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution - Windows XP SP1/SP2

Waiting MS06-002: Vulnerability in Embedded Web Fonts Could Allow Remote Code Execution - Windows XP SP1/SP2

Not Relevant MS06-011: Permissive Windows Services DACLs Could Allow Elevation of Privilege - Windows XP SP1

Waiting MS05-007: Vulnerability in Windows Could Allow Information Disclosure - Windows XP

Waiting MS05-013: Vulnerability in the DHTML Editing Component ActiveX Control Could Allow Remote Code Execution - Windows XP

Waiting MS05-018: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege and Denial of Service - Windows XP

Waiting MS05-026: Vulnerability in HTML Help Could Allow Remote Code Execution - Windows XP

Waiting MS05-032: Security Update for MSAgent ActiveX - Windows XP

Waiting MS05-033: Security Update for Telnet - Windows XP

Waiting MS05-036: Vulnerability in Microsoft Color Management Module Could Allow Remote Code Execution - Windows XP SP1/SP2

Waiting MS05-040: Vulnerability in Telephony Service Could Allow Remote Code Execution - Windows XP SP1/SP2

Waiting MS05-041: Vulnerability in Remote Desktop Protocol Could Allow Denial of Service - Windows XP SP1/SP2

Waiting MS05-042: Vulnerabilities in Kerberos Could Allow Denial of Service, Information Disclosure, and Spoofing - Windows XP SP1/SP2

Waiting MS05-043: Vulnerability in Print Spooler Service Could Allow Remote Code Execution - Windows XP SP1/SP2

Waiting MS05-044: Vulnerability in the Windows FTP Client Could Allow File Transfer Location Tampering - Windows XP SP1

Waiting MS05-045: Vulnerability in Network Connection Manager Could Allow Denial of Service - Windows XP SP1/SP2

Waiting MS05-046: Vulnerability in the Client Service for NetWare Could Allow Remote Code Execution - Windows XP SP1/SP2

Waiting MS05-047: Vulnerability in Plug and Play Could Allow Remote Code Execution and Local Elevation of Privilege - Windows XP SP1/SP2

Waiting MS05-048: Vulnerability in the Microsoft Collaboration Data Objects Could Allow Remote Code Execution - Windows XP SP1/SP2

Waiting MS05-049: Vulnerabilities in Windows Shell Could Allow Remote Code Execution - Windows XP SP1/SP2

Waiting MS05-050: Vulnerability in DirectShow Could Allow Remote Code Execution - DirectX 9.0 on Windows XP SP1

Waiting MS05-051: Vulnerabilities in MSDTC and COM+ Could Allow Remote Code Execution - Windows XP SP1/SP2

Waiting MS05-053: Vulnerabilities in Graphics Rendering Engine Could Allow Code Execution - Windows XP SP1/SP2

Waiting MS04-014: Vulnerability in the Microsoft Jet Database Engine Could Allow Code Execution - Windows XP

Waiting MS04-015: Vulnerability in Help and Support Center Could Allow Remote Code Execution - Windows XP

Waiting MS04-022: Vulnerability in Task Scheduler - Windows XP

Waiting MS04-030: Vulnerability in WebDAV XML Message Handler - Windows XP

Waiting MS04-031: Vulnerability in NetDDE Could Allow Remote Code Execution - Windows XP

Waiting MS04-032: Security Update for Windows Kernel - Windows XP

Waiting MS04-034: Vulnerability in Compressed Folders Could Allow Remote Code Execution - Windows XP

Waiting MS04-037: Vulnerability in Windows Shell Could Allow Remote Code Execution - Windows XP

Waiting MS04-041: Vulnerability in WordPad Could Allow Code Execution - Windows XP

Waiting MS04-043: Vulnerability in HyperTerminal Could Allow Code Execution - Windows XP

Waiting MS04-044: Vulnerabilities in Windows Kernel and LSASS Could Allow Elevation of Privilege - Windows XP

Waiting MS03-034: Flaw in NetBIOS Could Lead to Information Disclosure - Windows XP

Waiting MS03-041: Vulnerability in Authenticode Verification Could Allow Remote Code Execution - Windows XP

Waiting MS03-043: Buffer Overrun in Messenger Service Could Allow Code Execution - Windows XP

Waiting MS03-011: Flaw in Microsoft VM Could Enable System Compromise - Windows NT/XP/95/98/ME

Waiting MS04-028: Buffer Overrun in JPEG Parsing (GDI+) Could Allow Code Execution - Windows XP

Waiting MS05-003: Vulnerability in the Indexing Service Could Allow Remote Code Execution - Windows XP

Not Relevant MS05-004: Vulnerability in ASP.NET Path Validation - .NET Framework 1.1 SP1 - Windows 2000/XP

Waiting UPDATE: Windows XP Update Rollup 1

Waiting MS06-003: Vulnerability in TNEF Decoding in Microsoft Outlook and Microsoft Exchange Could Allow Remote Code Execution - Outlook 2003 (Local Install)

Waiting MS06-027: Vulnerability in Microsoft Word Could Allow Remote Code Execution - Word 2003 (Network/Local Install)

Waiting MS06-028: Vulnerability in Microsoft PowerPoint Could Allow Remote Code Execution - PowerPoint 2003 (Network/Local Install)

Waiting MS06-037: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution - Excel 2003 (Local Install)

Not Relevant MS06-038: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution - Office 2003 (Network/Local Install)

Waiting MS06-039: Vulnerabilities in Microsoft Office Filters Could Allow Remote Code Execution - Office 2003 (Network/Local Install)

Waiting MS06-048: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution - PowerPoint 2003 - (Network/Local Install)

(imported comment written by wnolan91)

I noticed the simular in my testing. But the interesting part to it is… if I had the first fixlet fail it would reapply… if the first Fixlet of the Baseline was successful. I noticed the failure to reapply.

(imported comment written by BenKus)

We will check this out and see if we can reproduce this issue.

Ben

(imported comment written by Rolf.Wilhelm91)

Hi Jay,

Jay

On a new build PC, the automated install we have installs the Bigfix agent towards the end of the installation which unfortunately sometimes communicates with the master server and begins downloading updates. Around 20 seconds later, the build process will complete and automatically reboot the pc. Upon restart, the Baseline is shown to have failed and does not seem to restart deployment of the updates.

During my automatic installation process, I do a silent installation of the BES Client (I assume in the same way you do that) and after that STOP THE SERVICE with “net stop besclient”. This will stop the BES Client until next reboot. In the meantime, the automatic PC installation process is finishing it’s other tasks and finally restarts the system.

Maybe this helps you avoiding the problem.

Regards,

Rolf.

(imported comment written by Jay23)

Thanks for the feedback. I hope you find the same issues as us.

(imported comment written by Jay23)

Rolf.Wilhelm

Hi Jay,

{quote:title=Jay}On a new build PC, the automated install we have installs the Bigfix agent towards the end of the installation which unfortunately sometimes communicates with the master server and begins downloading updates. Around 20 seconds later, the build process will complete and automatically reboot the pc. Upon restart, the Baseline is shown to have failed and does not seem to restart deployment of the updates.

During my automatic installation process, I do a silent installation of the BES Client (I assume in the same way you do that) and after that STOP THE SERVICE with “net stop besclient”. This will stop the BES Client until next reboot. In the meantime, the automatic PC installation process is finishing it’s other tasks and finally restarts the system.

Maybe this helps you avoiding the problem.

Regards,

Rolf.{quote}

Great idea Rolf, I’ll submitt that idea to the build team.

(imported comment written by Jay23)

Ben Kus

We will check this out and see if we can reproduce this issue.

Ben

Hi Ben,

have you made any progress on this issue yet?

Cheers

(imported comment written by BenKus)

Hey Jay,

We tried it here as you described using BES 6.0.12.5 Client and it seemed to work as expected. Can you tell me which BES Client version you are using? Let’s convert this to a support question so we can see if something is different in your deployment that is causing the issue.

Can you please email enterprisesupport@bigfix.com, reference this email thread, and please send us the file “Action XXX.fxf” from the folder “C:\Program Files\BigFix Enterprise\BES Client__BESData\actionsite” where XXX is the number of your action?

Thanks,

Ben

(imported comment written by Bjowah91)

Hi Jay,

We also use automatic build of XP clients. What I have done is that I use the /Integrate option of the windows patches.

Then I have created a task that contains all the patches we want in the build. This leaves only the office patches to be implemented after boot up of a newly build computer. This method interfere less with the install process and does not interupt the user after wards.

{path of network share “program”}\WxpWks_Backup\SP2\ is patch to the I386 folder from which you install the computer.

Example:

Appendfile ms06-034

download http://download.microsoft.com/download/a/9/f/a9f7ef10-6b38-40ba-8256-42ce8e9308aa/WindowsXP-KB917537-x86-ENU.exe

continue if {(size of it = 698168 AND sha1 of it = “a4dbb2338b97e63f46d45f1d69aa6a7908269b13”) of file “WindowsXP-KB917537-x86-ENU.exe” of folder “__Download”}

wait __Download\WindowsXP-KB917537-x86-ENU.exe /integrate:{path of network share “program”}\WxpWks_Backup\SP2\ /quiet

/Björn