Jump to content


nodiaque

Bug with maintenance windows

By nodiaque, in Configuration Manager 2012

Recommended Posts

nodiaque Newbie

nodiaque

Posted
Posted

Hello everyone,

 

I found a bug with the maintenance windows and reading on the web, it seems it existed in SCCM 07 (MS says it was by design) and now, it's has flooded my company. Here's the deal:

 

Let's say you have a computer named ABC. It's a new computer, you deploy it via task sequence and it get into the "all system" collection. You then create a new collection, let's call it "MW-A". You then add ABC to MW-A.

 

Then, you add a maintenance windows to MW-A, let's say monday 2:00-3:00 am. The computer get the MW (showned in policyspy and servicewindowmanagement.log). Here, everything is fine.

 

Then you create a new collection, let's call it "MW-B". You add ABC to the this new collection. Then, you add a new maintenance windows to MW-B, let's say tuesday 2:00-3:00 am. Now, the computer have two maintenance windows. Here, still no problem.

 

Then, you remove the computer from MW-A. You woud normally thing that the computer now has only 1 maintenance windows, from MW-B which is on tuesday, but no, it has kept the maintenance windows from MW-A. If you do a policyspy check or servicewindowsmagament.log check, you'll see it's still there even after a policy refresh.

 

To remove the maintenance windows from the computer, you have to first remove the mw from the collection, wait for refresh, remove the computer from the collection then put back the mw on the collection. Microsoft says it work as design in 2007.

 

 

Now, the problem is that we didn't knew that. Because of that, I have system with like 11 maintenance windows instead of 1. Even worst, the report from SCCM to get the maintenance windows on one computer is only checking what is attributed from the collection, not what is left on the computer.

 

Since SCCM 2012 was used in prod when testing, all my computers are affected with MW that doesn't exist anymore (a check in the database shows no entry with these IDs).

 

Does anyone know a way to fix that beside going one computer at a time with policyspy and deleting them?

Share this post

Link to post
Share on other sites
GarthMJ Contributor

GarthMJ

Posted
Posted

It sound like you open a CSS support case for this. Right? This is NOT by design. Re-open the case and insist that they push this up a level or put it in writing (formal) that this is by design. If you get no where, send me you case id and I will push this from the product team end.

 

The one thing to keep in mind is that in CM12 there is now business hours, just make sure that you are not looking at them.

Share this post

Link to post
Share on other sites
nodiaque Newbie

nodiaque

Posted
Posted

Well, microsoft said on technet that it is by design in 2007:

 

http://blogs.technet.com/b/configurationmgr/archive/2011/09/26/removing-computers-from-a-collection-in-system-center-configuration-manager-2007-may-cause-an-unexpected-reboot.aspx

 

Near the middle

 

I'm having another headache relating to that (but not with ghost service window)

 

I have a computer with 12 service windows in servicewindowmanager.log.

        Service Window with ID = 7cb56688-692f-4fae-b398-0e3ff4413adb having Starttime=2038-01-01 00:00:00	ServiceWindowManager	2014-05-14 05:28:47	1380 (0x0564)
            Duration is 0 days, 00 hours, 00 mins, 00 secs	ServiceWindowManager	2014-05-14 05:28:47	1380 (0x0564)

        Service Window with ID = {2F75E1C8-644B-4944-B744-327E065E936C} having Starttime=2014-05-15 03:00:00	ServiceWindowManager	2014-05-14 05:28:47	1380 (0x0564)
            Duration is 0 days, 01 hours, 00 mins, 00 secs	ServiceWindowManager	2014-05-14 05:28:47	1380 (0x0564)

        Service Window with ID = 45dca355-3249-4845-b8aa-72d0e604548e having Starttime=2014-05-14 22:00:00	ServiceWindowManager	2014-05-14 05:28:47	1380 (0x0564)
            Duration is 0 days, 07 hours, 00 mins, 00 secs	ServiceWindowManager	2014-05-14 05:28:47	1380 (0x0564)

        Service Window with ID = 87e4759c-2884-45e6-9261-c33ba53f596c having Starttime=2014-05-15 22:00:00	ServiceWindowManager	2014-05-14 05:28:47	1380 (0x0564)
            Duration is 0 days, 07 hours, 00 mins, 00 secs	ServiceWindowManager	2014-05-14 05:28:47	1380 (0x0564)

        Service Window with ID = 36da6950-3d1e-4027-be0e-7b16a4daee7e having Starttime=2014-05-16 22:00:00	ServiceWindowManager	2014-05-14 05:28:47	1380 (0x0564)
            Duration is 0 days, 02 hours, 00 mins, 00 secs	ServiceWindowManager	2014-05-14 05:28:47	1380 (0x0564)

        Service Window with ID = 028bfbc0-7120-4081-a268-0e664a92ac4a having Starttime=2014-05-17 00:00:00	ServiceWindowManager	2014-05-14 05:28:47	1380 (0x0564)
            Duration is 1 days, 00 hours, 00 mins, 00 secs	ServiceWindowManager	2014-05-14 05:28:47	1380 (0x0564)

        Service Window with ID = {84F7DA98-6A89-4D8E-A008-0C8FCC65525E} having Starttime=2014-05-19 03:00:00	ServiceWindowManager	2014-05-14 05:28:47	1380 (0x0564)
            Duration is 0 days, 01 hours, 00 mins, 00 secs	ServiceWindowManager	2014-05-14 05:28:47	1380 (0x0564)

        Service Window with ID = 90a5f436-364c-48c7-8dc7-c5014abcbea8 having Starttime=2014-05-18 00:00:00	ServiceWindowManager	2014-05-14 05:28:47	1380 (0x0564)
            Duration is 1 days, 05 hours, 00 mins, 00 secs	ServiceWindowManager	2014-05-14 05:28:47	1380 (0x0564)

        Service Window with ID = {E00EF57C-D58D-4457-9AD5-70611A2C22FD} having Starttime=2014-05-20 03:00:00	ServiceWindowManager	2014-05-14 05:28:47	1380 (0x0564)
            Duration is 0 days, 01 hours, 00 mins, 00 secs	ServiceWindowManager	2014-05-14 05:28:47	1380 (0x0564)

        Service Window with ID = ad27b0ca-8c74-43c7-8200-1f601880bd75 having Starttime=2014-05-19 22:00:00	ServiceWindowManager	2014-05-14 05:28:47	1380 (0x0564)
            Duration is 0 days, 07 hours, 00 mins, 00 secs	ServiceWindowManager	2014-05-14 05:28:47	1380 (0x0564)

        Service Window with ID = {224E48DF-F10B-4C17-AEB5-A95530ADCC41} having Starttime=2014-05-21 03:00:00	ServiceWindowManager	2014-05-14 05:28:47	1380 (0x0564)
            Duration is 0 days, 01 hours, 00 mins, 00 secs	ServiceWindowManager	2014-05-14 05:28:47	1380 (0x0564)

        Service Window with ID = 49fd80be-ac4b-4877-974d-ecd09958926d having Starttime=2014-05-20 22:00:00	ServiceWindowManager	2014-05-14 05:28:47	1380 (0x0564)
            Duration is 0 days, 07 hours, 00 mins, 00 secs	ServiceWindowManager	2014-05-14 05:28:47	1380 (0x0564)

The first one is a dummy (that is there for everyone)

 

Then, we can easily sees all Business Hours maintenance windows (the IDs isn't included between {} ). There's 7 of these, and are related to business hours monday to friday 5 am to 10 pm, default settings.

 

Then, I have my maintenance windows, where IDs are between {}.

 

There is 4 maintenance windows on my collection, from 3 am to 4 am on monday, tuesday, wednesday and thursday.

 

This is cleared showed there.

 

Now, if my understanding is correct, and by the blog here: http://blogs.technet.com/b/server-cloud/archive/2012/03/28/business-hours-vs-maintenance-windows-with-system-center-2012-configuration-manager.aspx

 

When you deploy required something with a deadline on a computer with no maintenance window, it will be enforced at the deadline and install. If there's business hours, it will install outside of business hours or at deadline, the first occurence. If there's a maintenance window, it will wait for the maintenance windows even if it's after the deadline.

 

Now, since business hours are also maintenance window, my understanding on how the agent determine the difference is with the {} in the IDs.

 

Regardless of all that, here is what's happening with the computer with the maintenance windows stated up.

 

If I check the WUAHandler.log, I get this:

Going to search using WSUS update source.	WUAHandler	2014-05-14 06:00:30	3488 (0x0DA0)
Synchronous searching of all updates started...	WUAHandler	2014-05-14 06:00:30	3488 (0x0DA0)
Successfully completed synchronous searching of updates.	WUAHandler	2014-05-14 06:01:43	3488 (0x0DA0)
1. Update: 0d9343d5-ff78-41d0-bd18-a5015660955e, 202   BundledUpdates: 1	WUAHandler	2014-05-14 06:01:43	3488 (0x0DA0)
       Update: b435bfc6-5ba8-43a1-8b7e-d7cc33c8c981, 202   BundledUpdates: 0	WUAHandler	2014-05-14 06:01:43	3488 (0x0DA0)
2. Update: 2c8a94fa-4412-4ac7-b4b7-69ecc74019cb, 203   BundledUpdates: 1	WUAHandler	2014-05-14 06:01:43	3488 (0x0DA0)
       Update: 094b52b7-9deb-4dda-bd7a-84fb03387037, 201   BundledUpdates: 0	WUAHandler	2014-05-14 06:01:43	3488 (0x0DA0)
3. Update: 8c7053f7-3db5-4a84-895e-8768930e3f2b, 201   BundledUpdates: 1	WUAHandler	2014-05-14 06:01:43	3488 (0x0DA0)
       Update: f4f2574d-ea00-4780-8175-06f8ee5f045b, 201   BundledUpdates: 0	WUAHandler	2014-05-14 06:01:43	3488 (0x0DA0)
4. Update: 8ef4b78f-599e-4b8a-88d6-69ca408339d8, 201   BundledUpdates: 1	WUAHandler	2014-05-14 06:01:43	3488 (0x0DA0)
       Update: 283292ff-52ea-42a3-b47f-cfe404d3b558, 201   BundledUpdates: 0	WUAHandler	2014-05-14 06:01:43	3488 (0x0DA0)
5. Update: c6bf131f-be90-438c-ba58-a732368d8a96, 201   BundledUpdates: 1	WUAHandler	2014-05-14 06:01:43	3488 (0x0DA0)
       Update: 5cb57cd5-b3c6-4659-9fc2-76968a465999, 201   BundledUpdates: 0	WUAHandler	2014-05-14 06:01:43	3488 (0x0DA0)
6. Update: f4971089-6267-4e29-8c7b-2515659dfec7, 201   BundledUpdates: 1	WUAHandler	2014-05-14 06:01:43	3488 (0x0DA0)
       Update: 38fd9300-89a7-4baf-b207-3f3800fcd6f1, 201   BundledUpdates: 0	WUAHandler	2014-05-14 06:01:43	3488 (0x0DA0)
7. Update: fe81ecb6-6b64-450b-a2a6-f3bf4b124556, 201   BundledUpdates: 1	WUAHandler	2014-05-14 06:01:43	3488 (0x0DA0)
       Update: e0bbbb82-b620-4494-b2f7-6ed7891eae45, 201   BundledUpdates: 0	WUAHandler	2014-05-14 06:01:43	3488 (0x0DA0)
1. Update (Missing): Mise à jour de sécurité cumulative pour Internet Explorer 7 pour Windows XP (KB2936068) (0d9343d5-ff78-41d0-bd18-a5015660955e, 202)	WUAHandler	2014-05-14 06:01:43	3488 (0x0DA0)
2. Update (Missing): Mise à jour de sécurité pour Windows XP (KB2922229) (2c8a94fa-4412-4ac7-b4b7-69ecc74019cb, 203)	WUAHandler	2014-05-14 06:01:43	3488 (0x0DA0)
3. Update (Missing): Mise à jour de sécurité pour Word 2003 (KB2878303) (8c7053f7-3db5-4a84-895e-8768930e3f2b, 201)	WUAHandler	2014-05-14 06:01:43	3488 (0x0DA0)
4. Update (Missing): Mise à jour de sécurité pour Internet Explorer 7 pour Windows XP (KB2964358) (8ef4b78f-599e-4b8a-88d6-69ca408339d8, 201)	WUAHandler	2014-05-14 06:01:43	3488 (0x0DA0)
5. Update (Missing): Mise à jour de sécurité pour Microsoft Silverlight (KB2932677) (c6bf131f-be90-438c-ba58-a732368d8a96, 201)	WUAHandler	2014-05-14 06:01:43	3488 (0x0DA0)
6. Update (Missing): Mise à jour de sécurité pour Windows XP (KB2930275) (f4971089-6267-4e29-8c7b-2515659dfec7, 201)	WUAHandler	2014-05-14 06:01:43	3488 (0x0DA0)
7. Update (Missing): Mise à jour de sécurité pour Windows XP (KB2929961) (fe81ecb6-6b64-450b-a2a6-f3bf4b124556, 201)	WUAHandler	2014-05-14 06:01:43	3488 (0x0DA0)
Async installation of updates started.	WUAHandler	2014-05-14 06:01:48	3488 (0x0DA0)
Update 1 (0d9343d5-ff78-41d0-bd18-a5015660955e) finished installing (0x00000000), Reboot Required? Yes	WUAHandler	2014-05-14 06:02:33	2360 (0x0938)
Update 2 (2c8a94fa-4412-4ac7-b4b7-69ecc74019cb) finished installing (0x00000000), Reboot Required? Yes	WUAHandler	2014-05-14 06:02:36	3540 (0x0DD4)
Update 3 (8c7053f7-3db5-4a84-895e-8768930e3f2b) finished installing (0x00000000), Reboot Required? Yes	WUAHandler	2014-05-14 06:03:02	2504 (0x09C8)
Update 4 (8ef4b78f-599e-4b8a-88d6-69ca408339d8) finished installing (0x00000000), Reboot Required? Yes	WUAHandler	2014-05-14 06:03:05	484 (0x01E4)
Update 5 (c6bf131f-be90-438c-ba58-a732368d8a96) finished installing (0x00000000), Reboot Required? No	WUAHandler	2014-05-14 06:03:50	1852 (0x073C)
Update 6 (f4971089-6267-4e29-8c7b-2515659dfec7) finished installing (0x00000000), Reboot Required? Yes	WUAHandler	2014-05-14 06:03:56	3760 (0x0EB0)
Update 7 (fe81ecb6-6b64-450b-a2a6-f3bf4b124556) finished installing (0x00000000), Reboot Required? No	WUAHandler	2014-05-14 06:03:59	3992 (0x0F98)
Async install completed.	WUAHandler	2014-05-14 06:03:59	2108 (0x083C)
Installation of updates completed.	WUAHandler	2014-05-14 06:03:59	2612 (0x0A34)
Scan results will include all superseded updates.	WUAHandler	2014-05-14 06:03:59	2196 (0x0894)
Search Criteria is ((DeploymentAction=* AND Type='Software' AND CategoryIDs contains '0FA1201D-4330-4FA8-8AE9-B877473B6441') OR (DeploymentAction=* AND Type='Software' AND CategoryIDs contains '1403F223-A63F-F572-82BA-C92391218055'))	WUAHandler	2014-05-14 06:03:59	2196 (0x0894)
Async searching of updates using WUAgent started.	WUAHandler	2014-05-14 06:03:59	2196 (0x0894)
Async searching completed.	WUAHandler	2014-05-14 06:04:49	1204 (0x04B4)
Successfully completed scan.	WUAHandler	2014-05-14 06:04:51	3864 (0x0F18)
Its a WSUS Update Source type ({5E1E7D40-2D08-43CA-A97F-997750FC54C2}), adding it.	WUAHandler	2014-05-14 07:18:17	2516 (0x09D4)

As we can see, it installed update at 6 am this morning, from a deployment I made where the deadline is in 5 days. Why would he do that? It's right into the business hours, outside maintenance windows and outside deadline.

 

The only thing I could think that the update installed is if the user clicked on "install now", but I can't find where this would be logged.

Share this post

Link to post
Share on other sites
nodiaque Newbie

nodiaque

Posted
Posted

Ok, I just tested with the maintenance window by removing the computer from a collection and it did lost the maintenance. What I think is happening is that it came from SCCM 2007 maintenance window that were migrated to 2012, a bit like this guy: http://blog.tyang.org/2011/08/16/orphaned-maintenance-windows-for-sccm-clients/

 

I'm currently investigating to see if there's other computer in that boat.

 

Still, I'm still struggling to understand why the other computer (previous post) have installed updates at 6 am this morning.

Share this post

Link to post
Share on other sites
Israr Raja Newbie

Israr Raja

Posted
Posted

Hi, it sounds like a bug with migrated objects because i have a problem with migrated collections too. Any collections i migrated from cm07 to cm12r2 will automatically update their membership according to their old full update schedule even if i untick the box to not schedule an update at all. so changes are not being applied correctly in the background even though it looks like they are. newly created collections are ok. so you could try creating a new collection as a workaround and see if it updates changes to the clients mw's correctly? if it does, just ditch the old collections.

Share this post

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.