Environment
Novell ZENworks Patch Management 11
Novell ZENworks Patch Management 2017
Situation
How to get verbose debug logging from LM.Detection.exe
Note: Note: It may be necessary to first delete HKEY_LOCAL_MACHINE\SOFTWARE\Patchlink.com\cache SYSTEM_HASH entry so that the logging is bypassing the cache.
Resolution
- Rename registry value HKEY_LOCAL_MACHINE\SOFTWARE\Patchlink.com\cache entry to bypass cache and rescan fully.
- Run lm.detection_x64 /r /l 4 /d 0 /e "tmpScan" and collect lm.detection.log
In addition to above sometimes it helps to run analyze -d and collect analyze_results.txt and debug*.log.
Also collect \windows\logs\cbs and \windows\logs\dism *.log files for Microsoft Windows patch scan information.
For individual patch verbose log (this is not as verbose as above steps):
- Look in registry HKEY_LOCAL_MACHINE\SOFTWARE\Patchlink.com\Discovery Agent\NativeScan search below for the name of the patch to test. Example: 2018-02 Security Only Quality Update for Windows 7 x64 (KB 4074587) is found under HKEY_LOCAL_MACHINE\SOFTWARE\Patchlink.com\Discovery Agent\NativeScan\038b7343-567a-489c-9a7b-99359061b585
- Or do a database query to get the guid from patch signature table.
Example: select type from patchsignature where name = '2018-02 Security Only Quality Update for Windows 7 x64 (KB 4074587)' gives this: 038B7343-567A-489C-9A7B-99359061B585 (remove the brackets) - Rename the registry key above so that it will force re-scan.
- Run the following command from %ZENWORKS_HOME%\zpm directory:
LM.Detection_x64.exe or LM.Detection.exe /ErrorStdOut /registry /loglevel 4 /e /g 038B7343-567A-489C-9A7B-99359061B585
"/g" is guid of the patch. - Once the patch has run on the device
there will be a corresponding log file at the root of
"%ZENWORKS_HOME%\zpm".
Example: "lm.detection-038B7343-567A-489C-9A7B-99359061B585.log
Note: The guids are consistent across different zones, so the same patch will have the same guid for everyone.
Cause
At times the need to troubleshoot LM.Detection.exe is needed to isolate why a patch will not install.
Tips for reading the log:
Look for failure to match values in HKLM
Look for entries querying cbc, example:
_WindowsCbsPackage: RuleType='isinstalled'
_WindowsCbsPackage: Applicability: '7' CurrentState: '6'
_WindowsCbsPackage:
Result: False
for more information about CBS servicing states see https://blogs.technet.microsoft.com/tip_of_the_day/2015/10/12/tip-of-the-day-cbs-servicing-states-chart-refresher/
Additional Information
Other things to help with lm.detection. Disable PD cache in case files in workdir are corrupt. Ensure latest ospx files are present. Sometimes corruption in system %temp% files also can contribute.
In standard agent patch scanning (running DAU or zac ps), analyze.exe launches lm.detection. lm.detection writes to HKEY_LOCAL_MACHINE\SOFTWARE\Patchlink.com\Discovery Agent\NativeScan registry. analyze reads from that registry and writes to the .state file.