Azure Update Manager for VM and ARC

Andres Bohren
Azure Update Manager for VM and ARC

Hi All,

For my Exchange Server Lab i have some Machines running in Azure. Recently i have added some OnPrem Servers with Azure Arc. Now these Machines need updates and i figured out i should test Azure Update Manager for that.

Check for updates

I have opened Azure Update Manager in the Azure Portal and selected “Check for updates”

Now i can select the Machines i want to examine

Update Shedule

While the Update Check is running i create an Update Shedule

I use a Shedule every Week on Wednsday Evening (Microsoft Patchday is every Month on the second Thuesday of the Month)

You can filter by several diffrent Options. In a Production Environement it would make sense to add some Patching Tags and filter by them with diffrent Shedules. I do a simple Shedule and don’t filter to include all Machines.

This changes the Patch orchestration on the Virtual Machines

I don’t add any additional Resources

Review

Create Shedule

One-time update

To install the Updates without waiting for the Shedule i can use the “One-time update” Option and select “Install now”

Select all the Azure VM’s and the ARC Connected Machines

Didn’t change anything here

Set the Reeboot and Maintenance Window

Review

One-time Updates are submitted

Machines

The Machines can be filtered in this view

Azure ARC Issue

I had an issue with one of my Azure Arc connected Servers - it showed no Update status

So i had a closer look at this Machine - there is a big error with a Logfile

So i checked the Log

C:\ProgramData\GuestConfig\extension_logs\Microsoft.SoftwareUpdateManagement.WindowsOsUpdateExtension

[2464+00000001] 20.03.2024 23:17:23 [Info] [ActivityId=00000000-0000-0000-0000-000000000000][MachineName=ICESRV04] The extension is being called with valid argument, loggers are initialized. [Argument=Enable][ExtensionVersion=1.0.18.0][HandlerEnvironment=LogFolder: "C:\ProgramData\GuestConfig\extension_logs\Microsoft.SoftwareUpdateManagement.WindowsOsUpdateExtension", ConfigFolder: "C:\Packages\Plugins\Microsoft.SoftwareUpdateManagement.WindowsOsUpdateExtension\1.0.18.0\RuntimeSettings", StatusFolder: "C:\Packages\Plugins\Microsoft.SoftwareUpdateManagement.WindowsOsUpdateExtension\1.0.18.0\status", HeartbeatFile: "C:\Packages\Plugins\Microsoft.SoftwareUpdateManagement.WindowsOsUpdateExtension\1.0.18.0\status\HeartBeat.Json"][SequenceNumber=3]
[2464+00000001] 20.03.2024 23:17:23 [Info] [ActivityId=00000000-0000-0000-0000-000000000000][MachineName=ICESRV04] The extension has read the input settings. [Argument=Enable][ExtensionVersion=1.0.18.0][SequenceNumber=3][InputSettings={
  "activityId": "5d62f342-497b-465b-8335-7df9e2073164",
  "startTime": "2024-03-20T23:17:09.3397066Z",
  "action": "Assessment"
}]
[2464+00000001] 20.03.2024 23:17:23 [Info] [ActivityId=5d62f342-497b-465b-8335-7df9e2073164][MachineName=ICESRV04] Enabling Handler: [SequenceNumber=3]
[2464+00000001] 20.03.2024 23:17:23 [Info] [ActivityId=5d62f342-497b-465b-8335-7df9e2073164][MachineName=ICESRV04] Checking if sequence number has changed. [SequenceNumber=3][HasSequenceNumberChanged=True]
[2464+00000001] 20.03.2024 23:17:23 [Info] [ActivityId=5d62f342-497b-465b-8335-7df9e2073164][MachineName=ICESRV04] Checking if previous job is running when the extension is enabled. [SequenceNumber=3][IsJobRunning=False]
[2464+00000001] 20.03.2024 23:17:24 [Info] [ActivityId=5d62f342-497b-465b-8335-7df9e2073164][MachineName=ICESRV04] Handler started new process to perform [Operation=Assessment][ProcessId=[6568]
[6568+00000001] 20.03.2024 23:17:25 [Error] [ActivityId=5d62f342-497b-465b-8335-7df9e2073164][MachineName=ICESRV04] Operation invoked on the extension. [OperationType=Assessment]
[6568+00000001] 20.03.2024 23:17:25 [Info] [ActivityId=5d62f342-497b-465b-8335-7df9e2073164][MachineName=ICESRV04] Checking if machine is managed by SCCM.[AssignedSiteCodeRegValue=][ProductVersionRegValue=][SoftwareUpdatesRegPathPresent=False]
[6568+00000001] 20.03.2024 23:17:25 [Info] [ActivityId=5d62f342-497b-465b-8335-7df9e2073164][MachineName=ICESRV04] RegistryManager updated registry key [IsJobRunning] with value [True].
[6568+00000001] 20.03.2024 23:17:25 [Info] [ActivityId=5d62f342-497b-465b-8335-7df9e2073164][MachineName=ICESRV04] Beginning Assessment: GetAvailableUpdates. [Operation=Assessment]
[6568+00000001] 20.03.2024 23:17:25 [Info] [ActivityId=5d62f342-497b-465b-8335-7df9e2073164][MachineName=ICESRV04] Assessment operation started. [Operation=Assessing][OSVersion=10.0.14393.0][ApprovalSource=WU_WSUS]
[6568+00000001] 20.03.2024 23:17:25 [Verbose] [ActivityId=5d62f342-497b-465b-8335-7df9e2073164][MachineName=ICESRV04] Cancellation request is checked and Cancellation is not requested. [Operation=Installing]
[6568+00000001] 20.03.2024 23:17:25 [Info] [ActivityId=5d62f342-497b-465b-8335-7df9e2073164][MachineName=ICESRV04] In MaintenanceWindowManager, calculating remaining time [TimeLeft=59.7226533783333][CutOffTime=15][IsEnoughTimeToContinue=True]
[6568+00000001] 20.03.2024 23:17:25 [Info] [ActivityId=5d62f342-497b-465b-8335-7df9e2073164][MachineName=ICESRV04] Search for updates completed.[ActivityId=Assessing][TimeElapsedSoFarInMs=5d62f342-497b-465b-8335-7df9e2073164]
[6568+00000001] 20.03.2024 23:17:55 [Verbose] [ActivityId=5d62f342-497b-465b-8335-7df9e2073164][MachineName=ICESRV04] Cancellation request is checked and Cancellation is not requested. [Operation=Installing]
[6568+00000001] 20.03.2024 23:17:55 [Info] [ActivityId=5d62f342-497b-465b-8335-7df9e2073164][MachineName=ICESRV04] In MaintenanceWindowManager, calculating remaining time [TimeLeft=59.2225081666667][CutOffTime=15][IsEnoughTimeToContinue=True]
[6568+00000001] 20.03.2024 23:17:55 [Info] [ActivityId=5d62f342-497b-465b-8335-7df9e2073164][MachineName=ICESRV04] Search for updates completed.[ActivityId=Assessing][TimeElapsedSoFarInMs=5d62f342-497b-465b-8335-7df9e2073164]
[6568+00000001] 20.03.2024 23:18:25 [Verbose] [ActivityId=5d62f342-497b-465b-8335-7df9e2073164][MachineName=ICESRV04] Cancellation request is checked and Cancellation is not requested. [Operation=Installing]
[6568+00000001] 20.03.2024 23:18:25 [Info] [ActivityId=5d62f342-497b-465b-8335-7df9e2073164][MachineName=ICESRV04] In MaintenanceWindowManager, calculating remaining time [TimeLeft=58.7224339016667][CutOffTime=15][IsEnoughTimeToContinue=True]
[6568+00000001] 20.03.2024 23:18:25 [Info] [ActivityId=5d62f342-497b-465b-8335-7df9e2073164][MachineName=ICESRV04] Search for updates completed.[ActivityId=Assessing][TimeElapsedSoFarInMs=5d62f342-497b-465b-8335-7df9e2073164]
[6568+00000003] 20.03.2024 23:18:34 [Info] [ActivityId=5d62f342-497b-465b-8335-7df9e2073164][MachineName=ICESRV04] Search for updates completed.[Operation=Assessing][ActivityId=5d62f342-497b-465b-8335-7df9e2073164][TimeElapsedSoFarInMs=69006]
[6568+00000001] 20.03.2024 23:18:34 [Verbose] [ActivityId=5d62f342-497b-465b-8335-7df9e2073164][MachineName=ICESRV04] Cancellation request is checked and Cancellation is not requested. [Operation=Installing]
[6568+00000001] 20.03.2024 23:18:34 [Info] [ActivityId=5d62f342-497b-465b-8335-7df9e2073164][MachineName=ICESRV04] In MaintenanceWindowManager, calculating remaining time [TimeLeft=58.57529915][CutOffTime=15][IsEnoughTimeToContinue=True]
[6568+00000001] 20.03.2024 23:18:34 [Verbose] [ActivityId=5d62f342-497b-465b-8335-7df9e2073164][MachineName=ICESRV04] Cancellation request is checked and Cancellation is not requested. [Operation=Installing]
[6568+00000001] 20.03.2024 23:18:34 [Info] [ActivityId=5d62f342-497b-465b-8335-7df9e2073164][MachineName=ICESRV04] In MaintenanceWindowManager, calculating remaining time [TimeLeft=58.57529915][CutOffTime=15][IsEnoughTimeToContinue=True]
[6568+00000001] 20.03.2024 23:18:34 [Error] [ActivityId=5d62f342-497b-465b-8335-7df9e2073164][MachineName=ICESRV04] Windows update API threw a COM exception. [Operation=Assessing][HResult=0][Exception=System.Runtime.InteropServices.COMException (0x80240438): Exception from HRESULT: 0x80240438
   at WUApiLib.IUpdateSearcher.EndSearch(ISearchJob searchJob)
   at Microsoft.Azure.Extensions.UpdateExtension.UpdateExtensionCore.UpdateAssessment.BeginSearch(IUpdateSearcher searcher, String searchCriteria, ICancellationRequestManager cancellationRequestManager, IMaintenanceWindowManager maintenanceWindowManager, ManualResetEvent mre)
   at Microsoft.Azure.Extensions.UpdateExtension.UpdateExtensionCore.UpdateAssessment.WindowsUpdateSearch(IUpdateSearcher searcher, String searchCriteria, ICancellationRequestManager cancellationRequestManager, IMaintenanceWindowManager maintenanceWindowManager, String logEventName)]
[6568+00000001] 20.03.2024 23:18:34 [Error] [ActivityId=5d62f342-497b-465b-8335-7df9e2073164][MachineName=ICESRV04] Assessment failed: [Operation=Assessing][TotalTimeInMilliSeconds=69078][Exception=Microsoft.Azure.Extensions.UpdateExtension.Common.UpdateManagementException: Windows update API threw an exception while assessing the machine for available updates. HResult: 0x0.. For information on diagnosing this error, see: https://aka.ms/TroubleshootVMGuestPatching.
   at Microsoft.Azure.Extensions.UpdateExtension.UpdateExtensionCore.UpdateAssessment.WindowsUpdateSearch(IUpdateSearcher searcher, String searchCriteria, ICancellationRequestManager cancellationRequestManager, IMaintenanceWindowManager maintenanceWindowManager, String logEventName)
   at Microsoft.Azure.Extensions.UpdateExtension.UpdateExtensionCore.UpdateAssessment.GetAvailableUpdates(ICancellationRequestManager cancellationRequestManager, IMaintenanceWindowManager maintenanceWindowManager)]
[6568+00000001] 20.03.2024 23:18:34 [Error] [ActivityId=5d62f342-497b-465b-8335-7df9e2073164][MachineName=ICESRV04] Update core caught exception.[Exception=Microsoft.Azure.Extensions.UpdateExtension.Common.UpdateManagementException: Failed to assess the machine for available updates: ActivityId = [5d62f342-497b-465b-8335-7df9e2073164], Operation=[Assessment], Reason:[Windows update API threw an exception while assessing the machine for available updates. HResult: 0x0.. For information on diagnosing this error, see: https://aka.ms/TroubleshootVMGuestPatching.].
   at Microsoft.Azure.Extensions.UpdateExtension.UpdateExtensionCore.UpdateAssessment.GetAvailableUpdates(ICancellationRequestManager cancellationRequestManager, IMaintenanceWindowManager maintenanceWindowManager)
   at Microsoft.Azure.Extensions.UpdateExtension.UpdateManagementActionExec.Program.Enable(InputUpdateParameters parameters, ExtensionResult extensionResult)]
[6568+00000001] 20.03.2024 23:18:34 [Info] [ActivityId=5d62f342-497b-465b-8335-7df9e2073164][MachineName=ICESRV04] Final status of the operation. [Operation=Assessment][Status=error][ErrorCount=1]
[6568+00000001] 20.03.2024 23:18:34 [Info] [ActivityId=5d62f342-497b-465b-8335-7df9e2073164][MachineName=ICESRV04] RegistryManager updated registry key [IsJobRunning] with value [False].

Turned out, there where still some Settings in Windows Update. Checked the GPO but there was nothing for Windows Updates defined

I then checked the Registry and found some old Values. Deleted everything here and in the AU Folder except the Default Value

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate

Summary

After that i was able to install the Updates. All Machines are green and up to date

Machines don’t have pending updates

All the Actions can be found in the “History”

Now you know how to use Azure Update Manager and use the Cloud to even Update your Azure Arc connected OnPrem Servers.

Happy updating 😁

Regards
Andres Bohren

Azure Logo