When performing security updates on SharePoint with a database in a basic Always On availability group, you may encounter errors if the secondary replica of the database is not synchronized or if the secondary replica is not available. Here are some suggestions you can try:
Verify the health of the Always On availability group: Check if the Always On availability group is healthy, and if the secondary replica is synchronized with the primary replica. If there are any issues with synchronization or availability, resolve them before proceeding with the security patch.
Failover the availability group: Failover the availability group to make the secondary replica the primary replica, and apply the security patch on the new primary replica. Once the patch is successfully applied, fail back to the original primary replica.
Use PowerShell to remove and add databases to the availability group: Instead of manually removing each database from the availability group, you can use PowerShell to remove and add the databases to the availability group. This can help simplify the process and save time.
Use a rolling upgrade approach: Upgrade one database at a time, by removing it from the availability group, performing the security patch, and adding it back to the availability group. This approach can be time-consuming, but it allows you to perform the security updates without impacting the availability of other databases in the availability group.
It is important to note that before attempting any of these suggestions, it is recommended to have a backup of the databases and to test the upgrade process in a test environment.