Patch Mangement Security Updates are stuck in Pending State on the client computers. When looking at the log files, I see the message "Failed to obtain vendor config policy."
When viewing the default software update configuration collection, it indicates that it has no members in the collection.
Patch Management Solution 6.2 SP1
Notification Server 6.0.6074 SP3 R6
The SQL used for this collection joins an event table that may or may not contain the proper events.
To get the resources to be added to the collection you have two options:
- Open NS Configurator (if installed).
- Search for LogClientConfig Events.
- If the value is set to 0 change it to 1.
- Open the Configuration tab and navigate to Solution Settings > Software Management > Patch Management > Windows > Software Update Agent Configuration.
- Export a backup of the Default Software Update Agent Configuration Policy.
- Import New Default Software Update Agent Configuration Policy into Solution Settings > Software Management > Patch Management > Windows, right-click on the Software Update Agent Configuration folder and choose Import.
- Ensure the Software Update Agent Install/Upgrade 6.1 & 6.2 are enabled.
- Ensure the Default Software Update Agent Configuration Policy is targeting the Collection for the Machines to be included in this membership.
KB46144 "Combined fixes for known Patch Report Discrepencies, Dashboard issues etc" also includes this fix and several more.