Most Valued Members ewong 8 Posted December 13, 2019 Most Valued Members Share Posted December 13, 2019 Hi, I'm finding the task executions results confusing. Note the time. 12:09. Time is 12:38. I logged onto the server and it indeed shows that there are 138 updates yet to be installed. Perhaps my understanding of how the Operating System update task works is limited (though I figured it's self-explanatory, which is to say that it tells the system in question to apply the updates). While it works on desktop systems, does it not work on servers? Have I missed something fundamental? Thanks Edmund Link to comment Share on other sites More sharing options...
Administrators Marcos 5,074 Posted December 13, 2019 Administrators Share Posted December 13, 2019 The notification comes from the security product (agent can also report missing updates) and the number of updates depend also on this security product setting: This is, however, only a notification independent of the OS update task where you must specify if you want to install also optional updates: Link to comment Share on other sites More sharing options...
Most Valued Members ewong 8 Posted December 16, 2019 Author Most Valued Members Share Posted December 16, 2019 (edited) HI Marcos, I understand the point about the notifications; but what I don't understand is why the "Operating System Update" task don't actually tell the Operating system to install the updates even if I clearly said to install them? Edit: Actually, just to clarify, does this notification + operating system update task combination mean that if I set the Notification to "Critical Updates", it'll only update critical updates and ignore the rest? (I would've assumed that it'd just update the operating system with the critical and recommended patches and ignoring the optional ones (if I have optional ones ignored)? Thanks Edmund Edited December 16, 2019 by ewong Link to comment Share on other sites More sharing options...
Administrators Marcos 5,074 Posted December 16, 2019 Administrators Share Posted December 16, 2019 There is no connection between the notifications about missing OS updates and the OS update task. On a client clicking the notification would open a Windows Update window with a list of missing updates that the user can choose to install. Sending an OS update task from the ESMC console would install critical, recommended and important updates for the OS. Installing optional updates would require the appropriate box to be checked. However, the task won't upgrade Windows 10 to a newer version, e.g. from v1903 to 1909. Link to comment Share on other sites More sharing options...
Most Valued Members ewong 8 Posted December 16, 2019 Author Most Valued Members Share Posted December 16, 2019 1 hour ago, Marcos said: There is no connection between the notifications about missing OS updates and the OS update task. On a client clicking the notification would open a Windows Update window with a list of missing updates that the user can choose to install. Sending an OS update task from the ESMC console would install critical, recommended and important updates for the OS. Installing optional updates would require the appropriate box to be checked. However, the task won't upgrade Windows 10 to a newer version, e.g. from v1903 to 1909. Then there's some sort of issue with ESMC sending OpsysUpdates task to the clients. Basic steps to reproduce (ESMC ver. 7.1 on a Windows Server 2012R2 system) Client is a Windows 8.0 system: 1) Create an Operating System Update task w/ No Reboot and No Optional installs. 2) Send it to one system which has the 'missing o/s updates'. 3) Wait. Nothing happens, as far as I can see. Nothing in the Server ERAServerApplicationData\Logs\trace.log (at least this is where I think it should've been shown if there were issues.). Any help appreciated. Thanks. Edmund Link to comment Share on other sites More sharing options...
ESET Staff MartinK 378 Posted December 16, 2019 ESET Staff Share Posted December 16, 2019 Could you please provide list of updates that are actually missing? Microsoft introduced in last years updates that require user confirmation and for some reason cannot be installed using standard API. If such updates are present, task won't be able to install them. It is currently being investigated whether there is something we can do to install feature updates but so far there are no results. Link to comment Share on other sites More sharing options...
Most Valued Members ewong 8 Posted December 18, 2019 Author Most Valued Members Share Posted December 18, 2019 Hi MartinK, It's not that the updates are missing and I do apologize for not explaining properly. I meant that you send an update operating system task to the client, and it would ignore it and would say it succeeded. That said, I've been playing around with this task on some systems and have noticed that it isn't even obvious that the system is updating until it reboots itself. Not even in the Control Panel -> Windows Update does it show it is updating. It just shows that there are x amount of updates not yet installed. Which sparked my confusion. What is seemingly happening is it's updating behind the scenes without even notifying the Windows Update dialog. I'm still wondering if that's a good thing or a bad thing. But just as long as they're updating.. I should be a happy camper. Sorry for the false report. Edmund Link to comment Share on other sites More sharing options...
Recommended Posts