Hi.
When patching the latest Adobe Flash the 12.0.0.70 gets installed correctly on clients. But when rescanning Shavlik states that
version 12.0.0.44 is missing and wants to install that. This fails as a never version (12.0.0.70) already is installed on the client.
Can this scan error be fixed somehow?
Kind regards
Erling
I just installed Protect version 9 (build 1182) onto a Win2012 server. I was able to successfully scan a machine, and deployed all needed patches. When I pulled up the deployment tracker, however, all I see is that the patches are scheduled. It never moves beyond that point, and it has been 40 minutes. When I look at the machine, the hard drive light is flashing like crazy, so it's definitely working on something. I have the remote registry service started on that machine (Win7x64). The deployment parameters indicate that patches should install immediately. What should I be looking for that might provide a clue as to what might be happening and how to correct? Should I just reboot the machine or rescan to see if anything looks different?
Hello,
We have just stood up our vCenter Protect server and begun using it to deploy patches to machines in our environment.
One of our constant struggles is to keep our VMware tools up-to-date. Is there a way to to this using vCenter Protect? The tool seems very VMware aware (as it should be). I almost expected to find a checkbox item that would do this. I don't know if there is a way to add the tools install as a patch.
I've tried searching the VMware communities, KB and elsewhere on the Internet. To my surprise I haven't turned up anything. It would be very useful for us to roll that into our regular patch cycle. (one less thing to forget)
Has anyone else done this or run into a definitive no? I know there is an option to have the VMs auto-update on reboot/power up. In my environment the issues with that are:
If anyone has run into a better solution, I am all ears...
Thanks!
I have searched but can't find this information. Documentation refers to http://www.shavlik.com/support/protect-history.aspx, but this link is not valid. Can someone point me to a resource that describes what's new?
Thanks,
Sandra
How do you configure Shavlik to exclude the recommended files and folders in Windows environments? Specifically, I need to know about SQL and IIS:
IIS 7
<drive>:\inetpub\logs\.
SQL Server 2008 R2
%ProgramFiles%\Microsoft SQL Server\MSSQL10_50.<Instance Name>\MSSQL\Binn\SQLServr.exe
%ProgramFiles%\Microsoft SQL Server\MSSQL10_50.<Instance Name>\Reporting Services\ReportServer\Bin\ReportingServicesService.exe
%ProgramFiles%\Microsoft SQL Server\MSSQL10_50.<Instance Name>\OLAP\Bin\MSMDSrv.exe
SQL Server 2008
%ProgramFiles%\Microsoft SQL Server\MSSQL10.<Instance Name>\MSSQL\Binn\SQLServr.exe
%ProgramFiles%\Microsoft SQL Server\MSSQL10.<Instance Name>\Reporting Services\ReportServer\Bin\ReportingServicesService.exe
%ProgramFiles%\Microsoft SQL Server\MSSQL10.<Instance Name>\OLAP\Bin\MSMDSrv.exe
Regards,
Matthew
I had an issue while upgrading from Vcenter Protect 8.X to 9.0:
When the installation program called the database setup tool I selected to use an existing database. After pressing next nothing happened and the Database Setup Tool Window got frozen. It behaved strange in that it was unable to receive the focus, could not be activated, moved or resized. It seemed to me as if it had opened a modal dialog which had to be ackowledged. But there was no dialog. The only way out of this was to kill the process with task manager. Afterwards the installation program performed a rollback with the effect that even my 8.0 Installation got lost.
Any idea appeciated !
Hi all;
I'm trying to run a report by machine group and for it to come out similar to the "Machine Status Summary" where it gives you a pie chart of the status of the machine.
Is this possible and if so, how? And, is there any other way to run a report that's based on the machine group that I've created? Or is this something I need to customize the report?
Thanks....
Recently, we have noticed our main development IIS virtual server is taking 20+ minutes to boot. The following Events are seen during the boot window:
____________
Event ID 1 - STThreatService - The description for Event ID 1 from source STThreatService cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer.
If the event originated on another computer, the display information had to be saved with the event.
The following information was included with the event:
An error has caused the program to exit
____________
Event ID 6006 - Winlogon - The winlogon notification subscriber <GPClient> took 1243 second(s) to handle the notification event (CreateSession).
____________
Event ID 6005 - Winlogon - The winlogon notification subscriber <GPClient> is taking long time to handle the notification event (CreateSession).
____________
Uninstalling Shavlik results in a one minute boot time and the above errors are no longer recorded. Any ideas?
Hi
We have an ESXi environment which has been upgraded recently using VMware update manager to a more uptodate version. .
We also use Shalvik for patch management and we have the license which allows us to do ESXi hypervisor patching.
However we have an issue with VMware tools. If this updated using VMware, it works fine until the Virtual machine is rebooted and then it goes out of date.
We believe this is happening because Shalvik product is upgrading the VMware tools also. When I check what updates Shalvik is updating to the machine I can see in the patches list there is VMware tools 9.4 x64 which is also being rolled out.
How would I go about ensuring that this update is not effective on any future patches?
We are running ESXi 5.0.0 update 3 but it seems that some virtual machines managed via Shalvik are installing a much newer version of the VMware tools (for v5.5) which is causing this out of date message confusion. When it installs this version it also doesnt allow you to edit any of the VMware tools which it should allow if the installation is correct.
Thanks
Hi,
I am planning to buy one more licese of Shavlik Protect, before that I would like to understand more about
i) differences between Shavlik Protect Standard Workstation and Shavlik Protect Standar server?
ii) the concept of seat licnesing
iii) the maximum number of machines that Shavlik Protect can scan.
Can anybody throw some light on the above topics?
Thanks
Srikanth Badireddy
So I was doing a Software Deployment of Powershell 2.0 to some Windows 2003 servers. I selected the Powershell 2.0 patch and pushed the deployment. The deployment succeeded but the patch wasn't installed because .NET 2.0 SP1 was not installed which is required. I didn't figure this out until I downloaded the patch manually to the target machine and attempted to manually install it. Once I did, then I was prompted with the pop-up stating that I needed .NET 2.0 SP1. Why didn't vCenter Protect pick up on this when watching the deployment? It only noted that the deployment was scheduled? Why didn't the service (non-agent install) send this information back to the console that the server was missing a pre-requisite or note this in the event log? Why didn't the console pick up that there was a pre-requisite for the update that was being applied that wasn't on the server? Are these things that I need to feature request? If so, VMWare does not have a feature request option in its drop down menu for vCenter Protect, what option should I use?
My consultant had setup dozens of groups and applied various credentials to all of them. When I look at the groups, the credentials show as "No".
He claims to have setup the credentials as shared and that I should see them in Credentials Manager, but I don't. When I added them as shared on my profile, it warned me that I was overwriting his shared credentials. For him, he can still see them applied to the machines but I still do not.
One of three shared credentials is a domain account and when I edit/change it to shared, I get no prompt as with the other two but then the consultant sees it as not shared.
When other admins login to the console with their AD creds, Credential Manager shows nothing and machine groups show nothing. The plan was to rotate through as many as 19 admins but this appears to not be a workable method.
The past few times when performing a security patch scan I recieve this SQL error.
"A database operation failed. Please verify you can connect to the configured database."
"A SQL Server query operation timed out. Consider increasing the command timeout in the configuration file."
Since I was not the person who installed/setup Shavlik, I'm not to sure where to begin looking to resolve this issue. All scans I have done (about 6-7 since this error popped up) have turned out OK, all machines that are normally scanned are sucessfully scanned, and I have been able to push patches just fine, however I don't want this error to bite me in the long run. If someone could point me in the right direction I would appreciate it. I have linked an attachment of the error message below.
Thanks in advance
I currently am unable use Shavlik Protect 9.0 online. I need to update the scan data so that I can scan my network for the most recent patches. Is there a way to downalod the latest information outside of Shavlik and manually import it to an offline workstation?
Recently upgraded from version 8 to version 9, all went very smoothly, except I can no longer scan or patch my VMWare Offline Templates.
I get error code 802, Unable to open virtual disk
The credentials have not changed, and I've tested that all three templates successfully convert to VM's and boot up.
Anyone else come across this problem or got any ideas ?
Hello,
We've been using Shavlik / Vcenter Protect in our infrastructure for a while now.
Until the past monts the patching was done using the agentless process. Due to changing in organization we are now facing patching servers all over the world.
The agentless scans are taking over 3 hours per server (on high latency line).
I've been trying to get agents installed and see if we can see any improvement in scan times.
Couldn't find any specific answers in the documentation so here are my questions(maybe anyone ):
1. At the moment ports 139 and 445 are opened from console to targer servers - Do I need any additional port openings to be able to scan / patch the servers using agents (maybe 3121) ?
2. None of the servers have internet access so I need the agents to download patches / xml from the console (not able at the moment) - Again ports or
I would prefer avoiding a distribution server so no additional ports need to be opened to a new server
3. If I must use a distribution server can a DFS share be used?
4. When using agents will I be able to patch the servers at will - not allow them to download and install automatically the patches
This is due to the fact that the servers must be patched in specific dates, order and special restart procedure is in place for most of them.
Hope someone has some answers.
Thank you!
Hi all;
I'm trying to run a report by machine group and for it to come out similar to the "Machine Status Summary" where it gives you a pie chart of the status of the machine.
Is this possible and if so, how? And, is there any other way to run a report that's based on the machine group that I've created? Or is this something I need to customize the report?
Thanks....
I had an issue while upgrading from Vcenter Protect 8.X to 9.0:
When the installation program called the database setup tool I selected to use an existing database. After pressing next nothing happened and the Database Setup Tool Window got frozen. It behaved strange in that it was unable to receive the focus, could not be activated, moved or resized. It seemed to me as if it had opened a modal dialog which had to be ackowledged. But there was no dialog. The only way out of this was to kill the process with task manager. Afterwards the installation program performed a rollback with the effect that even my 8.0 Installation got lost.
Any idea appeciated !
I have about 600 pcs i've been deploying the vcenter protect agent to. Most existing ones were done through the console, and new pcs being deployed we use the stplatformupdater.exe on to deploy it. On probably 30 machines, I have been unable to get the agent to register itself no matter what I do. I try through the console, and using the exe and always get one of two errors
2013-04-04T15:19:33.9851166Z 07e8 I STAgentManagement.cpp:536 'C:Program Files (x86)VMwarevCenter Protect AgentSTAgentManagement.exe' is starting, version: 8.0.3965.1.
2013-04-04T15:19:35.6855275Z 07e8 E STAgentManagement.cpp:695 class STServiceModel::Wws::CWebServiceException at RegistrationServiceClient.cpp:496: Unable to register the agent with the provided registration cookie.
Error detail:
The body of the received message contained a fault.
The fault reason was: 'Internal error'.
or
2013-05-01T02:54:46.0497283Z 0c14 I STAgentManagement.cpp:536 'C:Program Files (x86)VMwarevCenter Protect AgentSTAgentManagement.exe' is starting, version: 8.0.3965.1. 2013-05-01T02:55:20.4330099Z 0c14 E STAgentManagement.cpp:695 class STWin32::CWin32Exception at PrivateKeyInfo.cpp:164: Error 5: Access is denied.
I use shared passphrase when doing the stplatformudpater.exe and I know it works because it allows me to fetch the policy list. It just never is able to register. Any idea what could be wrong on these machines? It happens on both windows 7 and xp.
I see in the Help that I can have an external file with virtual machines listed that I can "Link to a Machine Group". Is the format of this file similar to a "regular" machine file (simple txt file with each machine on a single line)? The example in the Help lists the files with a ".vmx" extension - are these the actual vmx files used by VMware to run the machines?