Re: Vulnerability is Office XP Work Perfect
Shaun Pond
if you click on the error message in the deployment it should take you
to another page with a more detailed explanation
--
Shaun Pond
Shaun Pond
then you click on the last run status...
--
Shaun Pond
Shaun Pond
looks like a problem with the package content - select the
vulnerability and choose "update cache" and try again when it's done...
--
Shaun Pond
Shaun Pond
usually a few minutes: if you go to "vulnerabilities" then click on
"packages", you can see when packages are actually cached...
--
Shaun Pond
Shaun Pond
take a look at the logs...
--
Shaun Pond
Shaun Pond
well they have moved around somewhat with different versions/SPs, but
it's currently in c:\program files\novell\replication services - it's
the plfw.log and default.log that are the most useful
--
Shaun Pond
shandi
Would that be on the computers that cannot get the patch?
--
shandi
------------------------------------------------------------------------
shandi's Profile: http://forums.novell.com/member.php?userid=58195
View this thread: http://forums.novell.com/showthread.php?t=379323
Shaun Pond
that's on the server
--
Shaun Pond
Shaun Pond
what version are you running?
--
Shaun Pond
Shaun Pond
odd - they should be there. What about under patchlink?
--
Shaun Pond
Shaun Pond
I meant, logs under the patchlink directory - do a search for plfw.log
--
Shaun Pond
Shaun Pond
plfw.log
--
Shaun Pond
Shaun Pond
how about default.log? They have to be there somewhere...
--
Shaun Pond
Shaun Pond
the server has to write to those files - I'm scratching my head as you
can imagine.
HKLM\Software\Patchlink\Update Server - should have the install path
inthere at least?
--
Shaun Pond
Shaun Pond
well that's fine for a managed device, but not for the ZPM server...
--
Shaun Pond
Shaun Pond
I still need those logs
--
Shaun Pond
Shaun Pond
on the Windows 2003 Server that's acting as the ZPM server, believe me,
they're there somewhere... did it get installed on a different disk
than C:?
--
Shaun Pond
Shaun Pond
yes, that's where the updates write their install logs. I'm still
baffled by the lack of logs on your server...
--
Shaun Pond
Shaun Pond
those just show that those old patches installed OK. Right let's go to
the heart of the matter: on the server, look in
HKEY_LOCAL_MACHINE\SOFTWARE\PatchLink.com\DistributionService
the key "LogLocation" will tell us where to go look for plfw.log and
defailt.log
--
Shaun Pond
Shaun Pond
on the ZPM 6.4 server?
--
Shaun Pond
Shaun Pond
yes please, and I look forward to hearing where they were all this
time! :)
--
Shaun Pond
Shaun Pond
that's definitely showing that your server cannot communicate to the central server. "ERROR SSLCONNECT: CONNECT FAILED".
Do you have any restrictions on how your server can get through the firewall?
You can try this: see the addresses in here
http://www.novell.com/support/search.do?cmd=displayKC&docType=kc&externalId=3653112
and add an entry to hosts for one of the server that's different to the one you get from DNS
novell.patchlinksecure.net x.x.x.x
stop the replication service
do ipconfig /flushdns
and restart the replication service
--
Shaun Pond
Shaun Pond
umm... this thread was back in August... has the problem never
resolved, or has it started again?
--
Shaun Pond
Shaun Pond
so you have no new patches since August? OK, so how far back do you
want me to go? Do you know what the HOSTS file is used for in Windows?
--
Shaun Pond
Shaun Pond
the last thing we were talking about in this thread before it was left
was you not getting new vulnerabilities downloaded, so I am confused
now
--
Shaun Pond
Shaun Pond
I'm concerned that your lack of some basic knowledge, such as the
purpose of the HOSTS file, is making your job more difficult for you
than it needs to be: I wonder if it would be worth speaking to your
employer about some extra Windows training to plug the gaps?
See http://en.wikipedia.org/wiki/Hosts_file for the HOSTS file.
--
Shaun Pond
Shaun Pond
that was most of this thread, but we can move on - you're still saying
that this vulnerability gives a 190C error? Have you re-cached it?
--
Shaun Pond
Shaun Pond
let's try to look at this when we do the webex
--
Shaun Pond
Shaun Pond
OK, is this the only deployment that fails to these machines?
--
Shaun Pond
Shaun Pond
could you rephrase that?
--
Shaun Pond
Shaun Pond
OK, so the 190C error - what's the detailed error description on these
machines?
--
Shaun Pond
Shaun Pond
for this one, it's checking for the existence of wpft532.cnv in the
path \Microsoft Shared\TextConv under the directory shown in
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion,CommonFilesDir
--
Shaun Pond
Shaun Pond
can you send me the detection log from one of those two please?
--
Shaun Pond
Shaun Pond
I only got it once :) I did a double-check, and the log bears me out -
wpft532.cnv should have a modification date >= January 23 2004, and
yours is '07/15/2003' - what happens if you manually apply the update,
and specify /n:v on the command-line? It should install over any
version then. I am wondering if, for some reason, your Wordperfect
converter was overwritten by an older version...
--
Shaun Pond
Shaun Pond
yeah, or download it from MS, or, and here's the clever thing... you
can just deliver it to the machine by specifying -pldo in the
deployment flags, and it will just drop it to windows\temp then it can
be manually run
--
Shaun Pond
Shaun Pond
OK, ticket 091208-000000 raised for this
--
Shaun Pond
Shaun Pond
they're working on this now
--
Shaun Pond
Shaun Pond
no, but I doubt if it comes top of the list, and there's been the
Christmas break...
--
Shaun Pond
Shaun Pond
asking...
--
Shaun Pond
Shaun Pond
they tell me "Yes we do have an update. Please Install MS09-010 960477 933399 (English/MUI) Security Update for Microsoft Word 2002 on systems needing this package as it supersedes MS04-027- which will be changed to a Critical 05."
--
Shaun Pond
Shaun Pond
yes, and critical-05 means it's superseded. Generally, you can disable
critical-05 patches. They remain in the list, for example because some
companies (say banks) like to be 100% in control over which patches are
deployed in their environment, and new patches need to be "approved"
before roll-out, and the old patch may be the approved one.
--
Shaun Pond
Shaun Pond
> Okay, So i'm supposed to deploy the MS09-010 960477 933399 patch to the
> devices that aren't working?
>
yes please, and then I can go back and say "ya boo sucks, that didn't
work"
--
Shaun Pond
Shaun Pond
define "worked"? It would be useful to have details of what you did,
and what did, or did not, happen
--
Shaun Pond
Shaun Pond
not deploying, or deploying and still saying it's vulnerable?
--
Shaun Pond
Shaun Pond
since this thread has been gong on for some months now, could you
remind me please of the exact name of the vulnerability with which
you're still having an issue?
--
Shaun Pond