vmrulz
Hot Shot
Hot Shot

Force remediation?

Jump to solution

We have a 3.5.u3 host that we remediated the other day and it hung during the remediation process for over an hour so we killed the process. It came back up showing fully compliant to our baseline. However it is not starting key services on boot so we're suspecting that patches didn't get appled properly.

Is there any way we can force VUM to re-apply all the patches in the baseline again?

Thanks!

Mother's don't let your children do production support for a living!

0 Kudos
1 Solution

Accepted Solutions
jguidroz
Hot Shot
Hot Shot

Here is what I would do. Copy all 69 patches plus the contents.xml and contents.xml.sig files to a directory on the ESX host itself or to a VMFS datastore on the SAN. Log into the server via SSH. Change directories to the directory with the patches and run esxupdate -f --test update. This should tell you which patches in the depot will be applied, and with the -f option, all patches in the directory should get applied. Then run esxupdate -f update.

Were you applying a specific update, such as Update 3 or Update 4?

View solution in original post

0 Kudos
4 Replies
petkom
VMware Employee
VMware Employee

Hi Ron,

try to copy the specific patch that you want to apply to the host manually. Then use 'esxupdate' command to apply it. Not sur, but this could help - with this command you can try to remove it also

thanks,

petko

vmrulz
Hot Shot
Hot Shot

Our baseline has 69 patches in it.. I don't know which ones didn't apply properly.. it would seem to be an easy setting to add in VUM to force re-application of patches.

Mother's don't let your children do production support for a living!

0 Kudos
jguidroz
Hot Shot
Hot Shot

Here is what I would do. Copy all 69 patches plus the contents.xml and contents.xml.sig files to a directory on the ESX host itself or to a VMFS datastore on the SAN. Log into the server via SSH. Change directories to the directory with the patches and run esxupdate -f --test update. This should tell you which patches in the depot will be applied, and with the -f option, all patches in the directory should get applied. Then run esxupdate -f update.

Were you applying a specific update, such as Update 3 or Update 4?

View solution in original post

0 Kudos
vmrulz
Hot Shot
Hot Shot

Thanks that looks like a good alternative.. we found that the issue was some old software that hung during boot and was affecting key services.

Thanks for the reply!

Mother's don't let your children do production support for a living!

0 Kudos