June patches not getting deployed on client systems

Question

Hi,

we have scheduled patch deployment for the month of June 2022 on 16th June but deployment status is showing unknown for all workstations. I did check at both ends(SCCM server and SCCM client) but no issue observed. issue with all clients(VPN and locally connected).

Any help would be respected.

Answer 1

Check if the client update scan successfully completed

Check default Scan status reports, which will give you details status of scan failed machines,

Report - Troubleshooting 1 - Scan errors

Answer 2

Hi @Rakesh Kumar ,

After deploying the software update, there might be seven steps to troubleshoot the common issues.

Step 1: We could check Policyagent.log. When policy is received, the following entry is logged in PolicyAgent.log:

We could check if Deployment Unique Id on the console is consistent with policy id displayed in PolicyAgent.log.

Step 2: Software update would be checked if it is required by client , kindly check UpdatesStore.log. UpdateStore.log would record updates as missing if they are required. If it is not required or has been installed by client, there is no record in this log.

Step 3: If the update is required, the content could be detected before downloading. We could refer to UpdatesDeploymentAgent.log.

Step 4: The content could be downloaded. We could refer to UpdatesHandler.log, CAS.log, and ContentTransferManager.log.

Step 5: After the download is completed, detection could be followed before installation. We could refer to UpdatesHandler.log,ScanAgent.log, UpdateStore.log, WindowsUpdate.log and WUAHandler.log.

Step 6: Software update could be installed. We could refer to Windowsupdate.log and UpdatesDeployment.log.

Step 7: After the updates are installed, Updates Deployment Agent checks whether any updates require a reboot, and then it notifies the user if client settings are configured to allow such notification. We could refer to UpdatesDeployment.log and UpdateStore.log.

Here is an article about some detailed log screenshots.
Using log files to track the software update deployment process

---

If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

Answer 3

@Amandayou-MSFT ,

thanks for followup. i did follow the log files as per your steps on some of clients but i can see the policy getting downloaded on some of them and some of not showing any entry for it. All the systems where policy downloaded but i can't see any entry on other logs as per rest of steps. we are also planning to log case with Microsoft for help.

Answer 4

Hi,

Thanks for your update. As we mentioned, some of clients received the policy, then we will check if there is any record ex: missing in UpdateStore.log. If not, it means the update is not required by these clients.

And other client which has not record in policyagent.log, please check if they are healthy, if so, the update is also not required by these clients.

Please check it on the side of sccm console:

And we are willing to open the ticket, and I am looking forward to the engineer solving our issue.

---

If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

Answer 5

Can you provide the UpdateHandler.log from one of the affected machines?

Cheers