SOLVED
Home

OMS Update Management Solution - Not Configured Message

%3CLINGO-SUB%20id%3D%22lingo-sub-189838%22%20slang%3D%22en-US%22%3EOMS%20Update%20Management%20Solution%20-%20Not%20Configured%20Message%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-189838%22%20slang%3D%22en-US%22%3E%3CP%3EI%20have%20configured%20the%20Update%20Management%20solution%20in%20my%20OMS%20workspace.%20Everything%20seems%20to%20be%20working%20fine%20for%20most%2C%20but%20not%20all%20VMs%20I%20manage.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWhen%20I%20navigate%20to%20the%20Automation%20Account%20%26gt%3B%20Update%20Management%20pane%20in%20the%20Azure%20portal%2C%20the%20VMs%20with%20issues%20show%20the%20following%20(seemingly%20conflicted)%20parameters%3A%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ECompliance%3A%20Compliant%20(with%20green%20checkmark)%3C%2FP%3E%3CP%3EUpdate%20Agent%20Readiness%3A%20Not%20configured%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20have%20checked%20the%20%3CSTRONG%3EApplication%20and%20Services%20Logs%5COperations%20Manager%26nbsp%3B%3C%2FSTRONG%3EEvent%20Logs%20on%20the%20VM%2C%20and%20found%204502%20errors%20but%20not%20referencing%20'HybridAgent'%20as%20the%20Microsoft%20technical%20documentation%20instructs.%20No%20Windows%20or%20network%20based%20firewalls%20are%20blocking%20the%20path%20outbound%20over%20port%20443%2C%20and%20we%20receive%20consistent%20heartbeats%20in%20OMS%20from%20the%20machine.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ETwo%20questions%3C%2FP%3E%3COL%3E%3CLI%3EHow%20is%20it%20possible%20that%20the%20solution%20assesses%20that%20the%20VM%20is%20compliant%2C%20but%20also%20says%20the%20%22Update%20Agent%20Readiness%22%20is%20not%20configured%3F%20Does%20this%20mean%20Update%20Management%20is%20getting%20the%20proper%20update%20status%20from%20the%20VM%2C%20but%20it%20cannot%20perform%20any%20updates%20if%20it%20finds%20needed%20updates%3F%3C%2FLI%3E%3CLI%3EWhat%20other%20troubleshooting%20steps%20should%20I%20take%20to%20address%20the%20%22Not%20configured%22%20message%3F%3C%2FLI%3E%3C%2FOL%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThank%20you%20in%20advance!%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-189838%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAzure%20Log%20Analytics%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3ESolutions%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-189891%22%20slang%3D%22en-US%22%3ERe%3A%20OMS%20Update%20Management%20Solution%20-%20Not%20Configured%20Message%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-189891%22%20slang%3D%22en-US%22%3EHi%2C%20Azure%20Update%20Managament%20is%20using%20the%20OMS%20agent%20to%20do%20the%20assessnent%20of%20the%20server.%20The%20actual%20patching%20happens%20via%20a%20feature%20called%20Hybrid%20Worker.%20The%20OMS%20Agent%20distributes%20the%20bits%20for%20Hybrid%20Worker%20and%20the%20server%20is%20automatically%20configured%20for%20Hybrid%20Worker%20by%20Update%20Management.%20In%20this%20case%20seems%20that%20your%20server%20cannot%20be%20configured%20as%20Hybrid%20Worker.%20This%20Hybrid%20Worker%20is%20also%20reffered%20as%20Update%20Worker%20when%20it%20is%20configured%20by%20Update%20Management.%20In%20case%20the%20same%20computer%20was%20previously%20connected%20to%20another%20workspace%20there%20is%20the%20possibility%20that%20some%20old%20configuration%20was%20left%20on%20the%20computer%20and%20blocking%20the%20new%20registration.%20This%20is%20because%20only%20one%20Update%20Worker%20is%20allowed.%20The%20article%20is%20located%20here%3A%20%3CA%20href%3D%22https%3A%2F%2Fcloudadministrator.wordpress.com%2F2017%2F05%2F24%2Fmoving-update-worker-server-between-oms-workspaces%2F%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fcloudadministrator.wordpress.com%2F2017%2F05%2F24%2Fmoving-update-worker-server-between-oms-workspaces%2F%3C%2FA%3E%20Registered%20Update%20workers%20can%20be%20seen%20in%20Azure%20Automation%20-%26gt%3B%20Hybrid%20Worker%20Groups%20-%26gt%3B%20System%20Hybrid%20Worker%20Groups.%20There%20you%20should%20all%20the%20servers%20that%20are%20onboarded%20to%20Update%20Management%20and%20they%20should%20report%20every%2030%20minutes.%20Keep%20in%20mind%20that%20you%20cannot%20reigster%20Update%20Worker%20manually.%20If%20you%20perform%20the%20manual%20operation%20you%20are%20registering%20Hybrid%20Worker%20that%20is%20used%20to%20run%20your%20own%20custom%20runbooks%20on%20a%20server.%20Let%20us%20know%20if%20you%20see%20any%20other%20errors.%20Also%20sometimes%20the%20server%20might%20be%20assessed%20before%20it%20is%20registered%20as%20Update%20Worker.%3C%2FLINGO-BODY%3E
Deleted
Not applicable

I have configured the Update Management solution in my OMS workspace. Everything seems to be working fine for most, but not all VMs I manage.

 

When I navigate to the Automation Account > Update Management pane in the Azure portal, the VMs with issues show the following (seemingly conflicted) parameters:

 

Compliance: Compliant (with green checkmark)

Update Agent Readiness: Not configured

 

I have checked the Application and Services Logs\Operations Manager Event Logs on the VM, and found 4502 errors but not referencing 'HybridAgent' as the Microsoft technical documentation instructs. No Windows or network based firewalls are blocking the path outbound over port 443, and we receive consistent heartbeats in OMS from the machine.

 

Two questions

  1. How is it possible that the solution assesses that the VM is compliant, but also says the "Update Agent Readiness" is not configured? Does this mean Update Management is getting the proper update status from the VM, but it cannot perform any updates if it finds needed updates?
  2. What other troubleshooting steps should I take to address the "Not configured" message?

 

Thank you in advance!

1 Reply
Solution
Hi, Azure Update Managament is using the OMS agent to do the assessnent of the server. The actual patching happens via a feature called Hybrid Worker. The OMS Agent distributes the bits for Hybrid Worker and the server is automatically configured for Hybrid Worker by Update Management. In this case seems that your server cannot be configured as Hybrid Worker. This Hybrid Worker is also reffered as Update Worker when it is configured by Update Management. In case the same computer was previously connected to another workspace there is the possibility that some old configuration was left on the computer and blocking the new registration. This is because only one Update Worker is allowed. The article is located here: https://cloudadministrator.wordpress.com/2017/05/24/moving-update-worker-server-between-oms-workspac... Registered Update workers can be seen in Azure Automation -> Hybrid Worker Groups -> System Hybrid Worker Groups. There you should all the servers that are onboarded to Update Management and they should report every 30 minutes. Keep in mind that you cannot reigster Update Worker manually. If you perform the manual operation you are registering Hybrid Worker that is used to run your own custom runbooks on a server. Let us know if you see any other errors. Also sometimes the server might be assessed before it is registered as Update Worker.