I am patching a group of servers and the way I configure the action for the following behavior:
Messages
No user interface will be shown before running this action.
No message will be shown while running this action.
Users
This action will run independently of user presence.
User interface will be shown to all users.
Execution
This action ends 4/8/2016 1:25:34 PM client local time.
It will run at any time of day, on any day of the week.
If the action becomes relevant after it has successfully executed, the action will be reapplied as a policy an unlimited number of times.
If the action fails, it will be retried up to 10 times, waiting until the computer is rebooted between attempts.
If a member action fails, the action group will continue to run.
Post-Action
After the action completes, the user will be requested to restart the computer.
The restart request will have a deadline of 1 minute after it is initially shown.
When the deadline is reached, the computer will restart automatically.
The following message will be displayed as the reboot/shutdown request:
Restart Now
Your system administrator is requesting that you restart your computer. Please save any unsaved work and then take this action to restart your computer.
For some reason the servers that fail one of the patches in the action, get stuck in a failed state and never retry again… I end up having to stop and then take the action. Anyone have any ideas what could be wrong?
Did the machines RESTART after the failed attempt? I ask because your RETRY tells the action to retry up to 10 times, but WAIT (each time) for the endpoint to restart before retying. Sorry if I am stating the obvious here, but …
No worries, yes they were restarted. Because we are so behind on patching, sometimes when a server is taking too long to complete, I will force a restart. This subsequently fails whatever patch was being applied but should just re-evaluate and continue the action. I have done this multiple times with no problem…
I did find out that one of my colleagues pushed the updated client and it seems to coincide with this issue. Is anyone else experiencing this after installing the update?
We think we may have identified an issue that could be causing this. Typically, because we are so far behind in Windows updates and patching, I select everything under Microsoft and Take Default Action. However, this includes something that sets up the Microsoft Office network share (How this is an update or a patch I have no idea) and they may be causing the issue. I have deployed the Delete option for these on any servers that the Setup action was deployed to and Globally Hid those actions.
Still the same result. To test this, after hiding the office share fixlets, I took action on the remaining Microsoft patches with the following behavior and forced the machine to restart in the middle of applying updates in order to fail on of the fixlets.
Messages
No user interface will be shown before running this action.
No message will be shown while running this action.
Users
This action will run independently of user presence.
User interface will be shown to all users.
Execution
This action ends 4/9/2016 9:54:51 AM client local time.
It will run at any time of day, on any day of the week.
If the action becomes relevant after it has successfully executed, the action will be reapplied as a policy an unlimited number of times.
If the action fails, it will be retried up to 5 times, waiting until the computer is rebooted between attempts.
If a member action fails, the action group will continue to run.
Post-Action
After the action completes, the user will be requested to restart the computer.
The restart request will have a deadline of 1 minute after it is initially shown.
When the deadline is reached, the computer will restart automatically.
The following message will be displayed as the reboot/shutdown request:
Restart Now
Your system administrator is requesting that you restart your computer. Please save any unsaved work and then take this action to restart your computer.
After the server comes back up and re-evaluates, it just sits with the following for summary:
The action failed.
This action has been applied 1 time.
SO you FORCE a restart of the machine as the patches were being deployed to force an error condition? Can you try this, change your Retry action from:
TO:
If I am following what you have stated in your 2nd example/test - you forced a restart to CAUSE the failure. Now at this point, the BigFix agent reports back to the system a failure, and now (even tho it just restarted) is waiting for the next reboot/restart to try again.
So if you change this to wait 10 min, and run your example again I am curious to see what happens 10-15 min after your restart.
I don’t think this is the cause, but it could be.
If you really really want something to run, you want to instead use the Reapply this action while relevant, waiting... option instead.
The Reapply this action whenever it becomes relevant again option only takes effect if the relevance is TRUE then FALSE then TRUE again, which doesn’t happen if it fails, though if it fails, then I would expect the On failure, retry policy to be triggered.