Windows updates found but not installed

astrakid · February 22, 2020, 2:38pm

hi,
i tried to update some sql-servers with ansible (awx).
overall it worked fine, but some updates (latest sql-server 2016 sp2 and .bnet-framework) werde detected referring to windows updsate logfile but not installed.
whe installing those updates manually on some servers ifound further updates for office that have not been installed.

how can i install those updates by windows update module in ansible? i tried different categories for the update, but it didn’t change anything.
any help would be appreciated.

kind regards,
andre

dan_linder · February 23, 2020, 8:15pm

Can you include a simplified playbook showing the steps you’re performing?

Were the systems pending a reboot from a previous update?

astrakid · February 24, 2020, 4:13am

hi,
there should not be a pending reboot, because i rebooted the servers before and tested lots of things.
this is the playbook:

`

name: Install Windows Updates
hosts: all
tasks:
name: Install all security, critical, and rollup updates without a scheduled task
win_updates:
category_names:
SecurityUpdates
CriticalUpdates
ServicePacks
UpdateRollups
server_selection:
windows_update
reboot: yes
reboot_timeout: 3600
become: yes
become_method: runas
become_user: SYSTEM

`

astrakid · February 25, 2020, 1:00pm

hi, i had a look into the issue again.
it seems that some updates were filtered because of the categories. that is ok (.net is featurepack). but i don’t know why the sql server sp2 gdr wasn’t found (https://support.microsoft.com/en-us/help/4532097/description-of-the-security-update-for-sql-server-2016-sp2-gdr-feb)

any idea? manually i was able to install it on the server, it was found immediately when searching for updates.

dan_linder · February 29, 2020, 8:50pm

I’d suggest removing the category_names and server_selection fields and see if the missing patches are applied. I don’t do Windows patching, but it might be that the “sql server sp2 gdr” is in a different category or server selection.

The “category_names” looks like it is a dynamic list that is dependent on the Windows system being patched. The documentation for the “win_updates” module states that the possible category names can be produced by running the module in “state=searched” - possibly that would help you find a missing category name?

astrakid · March 1, 2020, 5:02pm

When the category is not set the default is used, which is [“CriticalUpdates”, “SecurityUpdates”, “UpdateRollups”].
will try with state=searched and test if the update is installed with the category set what state=searched gives me.

thanks for your support,
regards,
andre

Topic		Replies	Views
Unable to install Windows Updates using Ansible 'win_update' Module Ansible Project windows	3	2	June 28, 2018
Ansible.windows.win_updates not installing every update Get Help windows	1	105	December 2, 2024
Can we selectively install Windows Updates with Ansible Ansible Project windows	2	3	January 3, 2023
Searching / Installing Existing Updates Ansible Project windows	0	0	June 5, 2018
Using Ansible to update Windows servers Ansible Project windows	4	1	March 30, 2015

Windows updates found but not installed

Related topics