Kevin Holman's System Center Blog

Posts in this blog are provided "AS IS" with no warranties, and confers no rights. Use of included script samples are subject to the terms specified in the Terms of UseAre you interested in having a dedicated engineer that will be your Mic

How do I know which hotfixes have been applied to which agents?

TechNet Blogs > Kevin Holman's System Center Blog > How do I know which hotfixes have been applied to which agents?

How do I know which hotfixes have been applied to which agents?

24 Jun 2008 6:42 PM
  • Comments 10

***UPDATE***  A new hotfix has been released, which is a simple updated management pack.... which fixes the Patchlist table to include all hotfixes, and cleans up the formatting.  I recommend you get it and install it on your SP1 environments.

http://support.microsoft.com/kb/958253 

------------------------------------------------------------------------------------- 

As more hot-fixes are applied to our OpsMgr 2007 SP1 environments.... how can we know which hot-fixes have been applied to our agents?  How can we detect an agent that needs patching but got missed?

In MOM 2005... this was rather simple... in the Admin console, under Agent-managed Computers, there was a column called "version" which incremented the agent version number in most cases.

In OpsMgr... we do not update this field in the Administration tab.  See graphic:  The version here shows the major version number... like RTM 6.0.6500, SP1 6.0.6278.... etc....

image

So.... how do we examine this now for minor updates?

Create a new State view.  Call it "Custom - Agent Patch List" or something you like.  Target "Health Service" for "Show Data Related To".  You can filter it further to the "Agent Managed Computer Group".

Then - personalize this view, and show the columns for "Name" and "Patch List"  See graphic:

image

Now.... the "Patch List" column isn't super user friendly - because of the amount of text in the single column.... but it will let you see what has been installed.  For instance - here is an example of KB950853 installed:

image

To make this a bit easier.... I wrote the following SQL query which does essentially the same thing.... you can create a web based SQL report from this and the data will be much easier to manage in Excel:

select bme.path AS 'Agent Name', hs.patchlist AS 'Patch List' from MT_HealthService hs
inner join BaseManagedEntity bme on hs.BaseManagedEntityId = bme.BaseManagedEntityId
order by path

If you want to query for all agents missing a specific hot-fix... you could run a query like this.... just change the KB number below (thanks to Brad Turner for providing the idea):

select bme.path AS 'Agent Name', hs.patchlist AS 'Patch List' from MT_HealthService hs
inner join BaseManagedEntity bme on hs.BaseManagedEntityId = bme.BaseManagedEntityId
where hs.patchlist not like '%951380%'
order by path


I have noticed, however, that this field, "Patch List" is limited to 255 characters in the database.... which I imagine will run out of space fairly soon.  I will also be interested to see how we handle this table column, once SP2 comes out.... as any pre-SP2 applied hotfixes will no longer apply.

The Patch List information is discovered and updated once per day across all agents in the management group.

 

For a report which shows you the same information, but lets you query for all agent missing a specific hotfix - check out my more recent post with the report download:

http://blogs.technet.com/kevinholman/archive/2008/06/27/a-report-to-show-all-agents-missing-a-specific-hotfix.aspx

 

,
Comments
Comments
  • Kevin Holman's OpsMgr Blog
    27 Jun 2008 6:11 PM

      This is a continuation of my previous post on determining which agents are missing a hot-fix:

  • Sandy Wood
    22 Oct 2008 10:21 AM

    I found that by manually installing the update on an agent machine that the version column is indeed updated in my opsmgr 2007 console. Why is this?

  • Kevin Holman's OpsMgr Blog
    27 Jan 2009 12:45 PM

    Hey guys – a new hotfix is published, and I recommend this for all SP1 environments.  This cleans

  • Kevin Holman's OpsMgr Blog
    27 Jan 2009 12:49 PM

      In general - you should evaluate all hotfixes available, and only apply those applicable to your

  • Nejde jen o software...
    13 Feb 2009 11:03 AM

    Uvádím zde seznam důležitých oprav pro SCOM 2007 SP1, které používám a doporučuji nasadit v každém prostředí.

  • JOBBO
    7 Jun 2010 8:39 PM

    Hi Kevin,

    I have done installed CU1 on SCOM Server, then installed CU2 on SCOM Server and deployed update CU2 (KB979257) all agents.

    if I already installed CU2 (KB979257) to all agents, do I need to install update CU1 (KB974144) ?

    your answer really make me appriciate.

  • 8 Jun 2010 5:43 AM

    CU’s are *cumulative*.  That implies that if you apply CU2, you do not need CU1… as you already have all the fixes in CU1 included in CU2.

  • Tom Martin
    26 Aug 2010 2:26 PM

    Hi Kevin,

    The patch list column is blank for all our management servers (RMS, MS & GW). But, all other servers are showing as expected. Is this normal?

    Thanks,

    Tom

  • 26 Aug 2010 2:51 PM

    Hi Tom - yes - that's totally normal - we only collect for agents.  For RMS/MS/GW - you need to manually inspect DLL.

  • Dominique
    19 Mar 2012 9:29 PM

    Hello,

    Does this patch list works for Windows and Unix/Liniux?

    Thanks.

    Dom

Page 1 of 1 (10 items)
Leave a Comment
  • Please add 7 and 6 and type the answer here:
  • Post
Search Blogs
  • Advanced search options...
Options
Tags
Archive
Archives