Clients in the Patch deployment report is showing
Question
Hello,
Off late it has been noticed that there are few systems which are online, active and recent reporting status in the SCCM . However the clients are showing “Enforcement state unknown” in the patch deployment report.
Would appreciate if you could assist how to fix issue for those client to make them compliant.
See the below sample affected client Activity and general information :
Policy Request : 6/11/2020 3:50 PM
Heartbeat DDR : 6/9/2020 8:35 AM
Hardware Scan : 6/11/2020 10:36 AM
Software Scan : 6/9/2020 12:01 PM
Status Message : 6/8/2020 1:55 PM
Last Logon : 6/8/2020 7:28:03 AM
As per the SCCM Troubleshooting 4 – Computers failing with a specific deployment error report noticed below error :
Error Code : 0x80004005
Error Status ID : 11756
Error Description : Unspecified error
As per the SCCM Scan 3 – Clients of a collection reporting a specific state report noticed below error :
Error Code : -2147467259
Error Status ID : 11423
Error Description : Unspecified error
Thank you.
Answers ( 5 )
What is the information in wuahandler.log and scan agent log on problematic machines ?
Also I guess there a compliance default report to check the scan errors, you may please check that and see if you get some leads from there.
As per the scan report most of the system found with below error :
Error Status ID Last Error Code Error Description
11423 -2016409966 Group policy conflict
11423 -2147467259 Unspecified error
Below are sample logs :
UpdatesHander.log : Unable to read existing WUA Group Policy object. Error = 0x80004005.
WUAHandler.log:
Unable to find or read WUA Managed server policy. WUAHandler 6/14/2020 1:37:01 PM 244 (0x00F4)
Unable to read existing WUA Group Policy object. Error = 0x80004005. WUAHandler 6/14/2020 1:37:01 PM 12492 (0x30CC)
Enabling WUA Managed server policy to use server: http://SCCMSPROD.PCSTS.com:8530 WUAHandler 6/14/2020 1:37:01 PM 12492 (0x30CC)
Failed to Add Update Source for WUAgent of type (2) and id ({06A23598-36B6-45CB-86DE-2D18BCE1F480}). Error = 0x80004005. WUAHandler 6/14/2020 1:37:01 PM 12492 (0x30CC)
Hi,
There is no report which says that software update scan is successfully completed along with last sup scan date column. You have shared only software inventory, hardware inventory, status message, heartbeat discovery, policy request date and last logon date.
As per the second information. i comes to know that SUP location point is not properly assigned to that machine.
Possible reasons:
————————–
*GPO conflict.
*GPO overlapping
*SUP location overlapping
* SCCM client assignment issue.
Thanks
karthikeyan
I think you need to perform some kind checking at the client side… probably checking the log files might help to understand the problem better
Some tips are below
The flows which you need to check things from client side
1. Locationservices.log – Check whether it’s able to find WSUS Path= and Distribution Point with patches
2. WUAHandler.log to check whether scan is completed or not
3. Updatedeployment.log – Check for deadline of the assignment and Software Updates client configuration policy, DetectJob completion received for assignment, Added update (Site_, PercentComplete, etc…
4. Execmgr.log – Execution is complete for program Software Updates Program
5. RebootCoordinator.log – Reboot related things
6. Software Update Troubleshooting – https://sudheesh.azurewebsites.net/?p=34
Thank you for the quick responces. I have checked the sccm report as as per the SCCM Troubleshooting 4 – Computers failing with a specific deployment error report noticed below error :
Error Code : 0x80004005
Error Status ID : 11756
Error Description : Unspecified error
As per the SCCM Scan 3 – Clients of a collection reporting a specific state report noticed below error :
Error Code : -2147467259
Error Status ID : 11423
Error Description : Unspecified error
Does it give any direction what could be the reason of this issue ?