Symptoms

Your Shavlik Protect/Ivanti Patch for Windows Servers agent performs a scan and finds a service pack missing, but does not attempt to deploy it.  Your logging will show entries like the following:

2018-07-20T17:25:32.1993466Z 3a84 I PatchWorkflowEngine.cpp:717 Found 1 missing service pack and 0 missing patch.

2018-07-20T17:25:32.1993466Z 3a84 I PatchWorkflowEngine.cpp:834 The scan did not find any missing patches or service packs to deploy.

Cause

There are a couple of reasons you may see this:

1. The patch task within your Agent Policy does not allow for the deployment of the missing service pack

A. The patch task does not have "Deploy service packs" checked

B. The patch task has "Deploy service packs" checked, but points to an SP group that does not include the missing service pack

2. The patch task is set up to deploy service packs (including the service pack in question), but the scan finds no missing patches

Resolution

1A - The patch task does not have "Deploy service packs" checked

• Set your patch task to deploy service packs by checking the "Deploy service packs" option

1B - The patch task has "Deploy service packs" checked, but points to an SP group that does not include the missing service pack

• Set your patch task to use either the "All SPs detected as missing" option or a Service Pack Group that contains the missing service pack

2 - The patch task is set up to deploy service packs (including the service pack in question), but the scan finds no missing patches

• As noted above, this is a known defect, but you can work around it by providing the scan with a consistently missing patch by editing the Patch Scan template the patch task uses to include the "Custom Actions" patch property:

Additional Information

How To: Automate Service Pack Deployment with Agents

Affected Product(s)

Shavlik Protect 9.x

Ivanti Patch for Windows Servers 9.3