1 of 1 people found this helpful
It all depends on the type of scan that you have in your Ageng Policy. Here is a link explaining why you get different scan results from Windows Updates and Protect Scans.
"It appears you're not allowed to view what you requested. You might contact your administrator if you think this is a mistake."
A Windows Update scan has the ability to show missing Security Patches, Non-Security Patches, Security Tools, driver updates, and sometimes patches that aren't publicly downloadable.
Depending on what Scan Template you are using in Protect, the results will vary. The built-in security patch scan will only show missing security patches. The built-in WU scan will show missing security patches and non-security patches. And please note - we don't always include all non-security patches in our XML data right away either, as security patches take precedence.
You can always create a Custom Scan Template, and check security patches, non-security patches, and security tools for the most robust scan.
If you still are seeing unexplainable differences, please send list the KB article numbers of the patches that Windows Update shows as missing (but Protect doesn't), and I can research them and find out why Protect isn't supporting them.
Here they are:
I run a custom scan which incluses Security and Non-Security patches
Windows Update is patched
Agent reports these are missing:
I ran a local Update Patch Data through the agent, rescanned locally and the new results show in the console.
Could I be missing a firewall port opening?
No danh2010, This should not be the case. I run into this quite a bit myself. Typically what happens is that Shavlik doesn't have their xml file coded correctly so those patches are missing But Shavlik does not realize it. Very hard process to convience shavlik also
Steps to send Shavlik.
1st. Clear out your logs on your server. Being 2008, it should be "c:\programdata\LANDesk\Shavlik Protect\Logs\" You will also have to stop your agent services, Stagent.exe, and stdispatch and stop the stagentui.exe Processes. Then you can delete out all logs in the log folder, then start back your stagent service will will start the dispatch also Then find in yoru start menu the shavlik agent and reopen it.
2nd. Verify that your Agents are up to date with patch definitions and run your full scan.
3rd. Providing they are still missing, take your logs and attach those to a new case to shavlik. Tell them that Windows update see's these as missing and you guys don't. Then they will investigate and find there faults in the XML file and fix the problem in the next update.
I typically have the opposite problem, Patches are usually already installed but the XML file says they are not and keeps trying to install them. I generally go throught his process at least 3 times a month so i know this process very very well. Once you do this just sit back and wait for them to fix it. It's mind blowing what you have to do to prove you are correct in your findings but these steps work everytime and they dont question you up one side and down the other when you do these steps.
I am having the same problem with agent reporting as missing certain patches that are applied.