- Apply LATEST ROLLUP unless you are on using the version included with ManagementSuite 8.8.http://community.landesk.com/support/docs/DOC-3425 If you are using LANDesk ManagementSuite 8.8 then apply SP3.
This document assumes you can login to the Process Designer. If you cannot get logged into the console at all, then chances are your Active Directory connections are not configured correctly. I would highly suggest reading This Doc
If you have not yet watched the tutorial that comes with the product, I would highly suggest doing so as it shows you exactly how to do all of the steps to get this to work. You can access this tutorial by going into LDMS and into the Security & Patch Manager tool, and then press the Download Updates button (first button on toolbar) and then press the tutorial button about 3/4 of the way down.
Does workflow validate (Press the Green Circle with check mark button in LPM console on the Validation Results tab, and once the box below it stays blank, everything is setup properly. If items remain in the box below then they require your attention as some of the settings on them still need to be configured. Just double click an item in the list and it will take you to that action.)
Make sure workflow is saved
Run the test on the listener config screen (Configure -- Event Listeners -- Edit Button -- Test button at bottom left.)
Retype the listener password (On the same screen this is the password field labeled "User Password:" -- this needs to be the password for the above listed user to the LDMS database)
Does the Patch Integration checkbox in LDMS enable? (Or does an error come up and then the checkbox not stay clicked?) If the box does not stay clicked then make sure your workflow validates and then manually start the listener. You can do this by going to the listener (Configure Menu -- Event Listeners -- Edit Button -- Details Tab, Start listener button.) If the button is grayed out then the test is failing. Make sure the Test button on the Settings tab will pass and then press OK to save the listener and then go back in and you should then be able to press the Start Listener button. If the test fails try re-typing the password there.
Check the LPM Web Application (From LPM Designer go to Tools-- Web Application), go to the Calendar view and click on today. Are there any workflows for today?
If you do see something but it seems to have ended without doing anything then click the Audit history tab, and then click the plus sign or triangle to expand the view, you should see the exact status of the workflow. Usually it gets hung up on the Decision that checks to see if any vulnerabilities were actually downloaded last time VAMiner ran.
If you didn't see anything (Or want to force the whole process to run through again) Reset the Revision on some patches in the
LDMS database
NOT The LPM Database.
UPDATE Vulnerability SET Revision = 0 WHERE Vul_ID LIKE 'MS08-%' UPDATE PatchAuditTrail SET Workflow = 1 GO
(This will force VAMiner to re-download all MS08-* Vulnerabilities)
DO NOT continually run this command as it will make Patch Manager process all of these vulnerabilities every single time. It is OK to run it as many times as you want during TESTING, just not PRODUCTION
You should see a message similar to this if it
Worked:: (Although the row counts may differ, that is ok)
(59 row(s) affected) (81 row(s) affected)
If you see any of these
Errors:Invalid object name 'Vulnerability'.
or
Invalid object name 'PatchAuditTrail'.
Then you are running the commands against the
LPM Workflow Database.You need to run these commands against the
LDMS database.Also make sure your SQL commands are copied exactly as above.
Run a vulnerability update (VAMiner)
Remember that LPM will process only the vulnerabilities that were downloaded on the last vulnerability definition update, so if your defs are already up to date, and you re-run the definition update, it will not download any new vulnerability defs, and thus the LPM process will not run all the way through as it will detect that there were no new vulnerabilities downloaded last pass. This is why we reset the revision column on some of the vulnerabilities -- that will force VAMiner to redownload them, and thus force LPM to process the same vulnerabilities aslo.
Re-Check the LPM web console on the calendar view to see if anything has ran for today.
Have a look in the Task Engine log file for exceptions or other information (C:\Program Files\LANDesk\Process Manager\TaskEngine\LANDesk.Workflow.TaskEngine.log)
You should also see the custom group created in the LDMS console (under Security & Patch Manager) and also a job created in the scheduler.