When deploying patches, the deployment tracker shows 'Scheduled' or 'Executed' but never updates with a new status.
These are some of the most common causes for this issue:
- Port 3121 is blocked and Track traffic is not making to the Protect Console.
- The Hostname, FQDN or IP address of the console cannot be resolved on the target machine.
- TLS 1.0 is disabled.
- The deployment failed to start.
1. Verify that communication from the Target to the Console is open on port 3121.
2. Use Tools > Console Alias Editor to verify the Hostname, FQDN and IP address of the console are in the list.
3. Ensure that TLS 1.0 is enabled. The deployment tracker in Protect requires TLS 1.0.
4. Once changed/verified test with another scan and deployment.
Additional information about the deployment process:
- When initiating a deployment, the patches and deployment files are copied to the target then a job is created in the scheduler. This sets the the Deployment status to 'Scheduled'. Once the deployment is running, it will send status updates to the console over port 3121 and cycle through the various status like Executing, Pending Reboot, Failed etc. If that port is blocked, the status will stay at 'Scheduled' but the deployment itself may complete without issue.
- If you have verified port 3121 is not being blocked and the the deployment is not installing patches, it's possible the something outside of Protect is causing the issue. This can be caused by Anti Virus or locked down security features on a machine. A common issue is the System Account being locked down.
- The hard drive space may be full on the target machine and clearing out the old files in C:\Windows\ProPatches to free up space for the deployment job.