Documentation forPatch Manager

Troubleshoot your Patch Manager deployment

If you are having problems, look here for guidance in troubleshooting and resolving an issue in your Patch Manager deployment.

See the following sections for more information:



Error messages


Downstream WSUS server issues

The following issues may occur due to downstream WSUS server configurations:

  • Systems cannot be moved from an unassigned group
  • Systems will not change groups
  • Options to change groups or settings are disabled in WSUS
  • Patch Manager reports only display upstream server information
  • The downstream WSUS does not display added systems

When a WSUS server is in Replica Mode, it inherits the update approvals and computer groups from the parent WSUS server. Most options and settings are disabled (including moving computers and group) because the downstream WSUS server mirrors the parent WSUS server. As a result, a generated report will only show the upstream WSUS server to prevent duplicate information.

The following table lists the differences between autonomous and replica downstream WSUS server configurations.

Autonomous Downstream Replica / Downstream
Uses another WSUS server as the master repository. Any updates downloaded by the master server are available to the downstream server. Uses another WSUS server as the master repository. Any updates downloaded by the master server are available to the downstream server.
Not required to be in the same Active Directory forest as the master to provide full reporting. Must be in the same Active Directory forest as the master to provide full reporting.
Allows individual approvals for updates different from the master. Updates must be approved on the upstream (master) server. Mirrors update approvals, settings, computers, and groups from its parent.
Downstream WSUS servers must be administered separately. Downstream WSUS servers are administered by the upstream server.
Allows flexibility in creating computer groups. Reports on status of its clients available to the master server.
Reduces overall bandwidth off-campus as the updates are downloaded from Microsoft once and then distributed to other servers. Does not upload reports to the master server.

To resolve downstream WSUS server issues, adjust the settings using the WSUS Administrator Console.

  1. Log in to the server hosting WSUS Server.
  2. Open the WSUS Administrator Console.
  3. Expand the server name and click Options.
  4. In the Options pane, click Update Source and Proxy Server.
  5. On the Update Source page, select Synchronize from another Windows Server Update Service server.
  6. In the Server name field, type the name of the local upstream WSUS server.
  7. In the Port number field, type the port number that this WSUS server will use to communicate with the upstream WSUS server. The default port number is 80 (port 8530 on Windows Server 2012).
  8. Deselect the This is a replica of the upstream server option, and then click OK.

Deploying Patch Manager agents on duplicate VMs

A server looping issue can occur if you duplicate a virtual machine (VM) running a Patch Manager agent.

For example, if you create a VM with a Patch Manager agent, connect the VM to the Patch Manager server, and duplicate the VM, your CPU and network traffic will increase when you run both VMs at the same time.

To correct this issue, uninstall the Patch Manager agent on one VM and then reinstall the agent.

Uninstall the Patch Manager agent

  1. Select one of the client machines hosting the agent.

  2. Log in to the targeted client machine.

  3. Right-click the Start menu and select control Panel.

  4. In the Adjust your computer's settings window, click Programs and Features.

  5. Right-click SolarWinds Client Components - x64 and select Uninstall.

  6. Follow the prompts to complete the uninstall.

  7. Close the Control Panel window.

Reinstall the Patch Manager agent

  1. Log in to the Patch Manager Console.
  2. In the navigation menu, maximize Administration and Reporting.

  3. Select Software Publishing, and then right-click and select Client Publishing Setup Wizard.

  4. Complete the Client Certificate Management window.
    1. Select Distribute and install Update Services Signing Certificate.

    2. Choose Select certificate from WSUS server. This option may be selected for you.

    3. Click the drop-down menu and select your WSUS server.

    4. Select Distribute and install Update Services Server SSL Certificate.

    5. Click Distribute.

  5. In the window, select Browse computers.

  6. In the navigation pane, expand Enterprise > Update Services.
  7. Maximize your WSUS server > Computers and Groups > All Computers and select Unassigned Computers.

  8. In the top center panel, locate the targeted computer.

  9. Click Add selected.

    The client machine displays in the bottom center panel.

  10. Click OK.

  11. Click Next > Next > Finish.
  12. Click Yes, and then click Cancel.
  13. In the navigation pane, expand Administration and Reporting and select Task History.

  14. In the Task History window check the task status in the bottom center panel. If the task was successful, Success displays in the Status column.

Complete the installation

See Patch Manager agents for instructions on how to deploy, approve, and configure the agent in your deployment.