Simeon_Hemus
Copper Contributor
Joined 5 years ago
User Profile
User Widgets
Recent Discussions
Update Compliance not getting updated info from clients
I have an issue with Update Compliance, After a month or so since i deployed the Update Compliance Script on several computers, which configures several Registry Settings of which one of them is the CommecialId of my Log Analytics Workspace in registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\DataCollection\CommercialId I am now finding that some of the computers have lost this Commercial ID Registry setting and i have to redeploy the Update Compliance Script. Does anyone know what is going on here? Also after i have redeployed it, there may be some other issues because now it doesn't seem to be updating the Log Analytic WorkSpace with the latest information of the update status, as an example i've updated my computer and it is fully up-to-date, but in the Update Compliance Dashboard it is showing the computer as not-up-to-date. I tried Regenerating the Commerical ID and redeploying the Update Compliacen Script updating the CommecialID with the new one, but for some reason the clients are not updating their update status. I also tried creating a Configuration Profile in Intune to push out theOMA-URI Settings that the article talks about: Manually configuring devices for Update Compliancebut this still doesn't fix the issue. I've tried following the troubleshooting steps in the Microsoft Articles, but can't seem to get anywhere. Any Troubleshootingsteps or articles that people have would be helpful. Thank you,1.5KViews0likes1CommentUpdate Compliance - Query on Specific Security Updates
I'm just trialling out Update Compliance and i can't seem to find any specific queries that i can put into the Log Analytics to return what security updates are actually installed on the computers that are reporting to "Update Compliance". Microsoft send us emails about all of the Critical updates we need to have installed on our desktop fleet but how do you know if these updates are actually installed if it doesn't actually tell you what KB Updates are installed or not. It appears that Update Compliance only reports on whether the computer is up-to-date according to what the update ring is configured, so this is taking into account the Service Channel & the Quality update deferral period, so if there is a new Critical Microsoft Update, it doesn't get installed until the deferral date expires on that update ring. So am i missing something? Is there a way to actually verify whether a particular update has been installed using Update Compliance?Solved3.4KViews2likes4Comments
Groups
Recent Blog Articles
No content to show