ITSM Device Management - Not Updating 4 x Windows Server 2012 R2 systems

Hello all. First off, love C1, it’s a great tool, and one for free which can’t be beat!

That being said, I’ve got 4 x Server 2012 R2 systems (all hosted in ESXi), all installed with the latest version of the comodo client that I enrolled them with from my portal, and none of them seem to correctly update the ITSM console. Now, upon initial install or reinstall of the comodo client, the system I’m doing that on will connect up and report information correctly. About 24 hours later, it’s connected, and the tray icon says it’s connected, and the console seems to be able to talk with it, can be remote controlled, etc. but patches won’t install. If I manually install patches and try to refresh the device info from the console, wait a while or even restart the server or services manually, it still doesn’t report correctly. I’m not seeing anything in event logs, etc. that would indicate any communication issues. I also have 3 Win 10 clients that run perfectly fine. Any help on this would be greatly appreciated :slight_smile:

This is a common problem, it was supposed to be addressed in the last update, however as you are seeing there are still a few problems.

Hopefully the next update will finally put this problem to bed.!!!

you will see the endpoints come and go (online offline), most of the time they are reporting into ITSM but are not remotable/manageable. There is a script/procedure to restart the ITSMService on then endpoints sometimes this helps bring them “online”


I actually just tried that service restart json script. Doesn’t do anything unfortunately. Hope it does get fixed soon :slight_smile:

Would be nice if there were some more updates for linux endpoints too.

Hello @erichdweihrauch,

Our patch management pulls the patches list from the windows update service of every individual computer. This means that every device has its own updates list. If an update is needed on more than one device, Patch Management will install it on all of the devices where is needed. If the device is on at the moment it will install it right away, otherwise it will install it when the device will communicate with the console. Patch Management via ITSM is dependent on the local Windows Update service.

Patch inventory collector collects the info about installed/missing patch(s) once per 24/hours. It is by design. So if you installed patch(s) not through ITSM, the list of patches will be updated on ITSM not immediately but in 24 hours time period. The information about installed/missing patch(s) isn’t stored on the device but on special server, so if you refreshes the page on ITSM you get data from the server, not from endpoint. The new data will appear on the server after patch collector will collect new data, or after you trigger some updates from portal.

Patch collector starts his work with delay 1 hour after PMservice is started. So if you want to update the list of patches asap you have to restart COMODO services or just restart the endpoint, and after few hours (1 hour delay + collector work time) the list of patches for this endpoint will be updated on ITSM.

When you choose to ‘refresh’ information on a client does it not recheck for the patches?

Hello @Joners

The answer is No.


What does it check then???

Can this be changed?

I understand that you dont want to be running this stuff constantly as it can be taxing on any system. Could you change the wording to reflect exactly what the Refresh Device Information actually does? Maybe Refresh inventory data or similar to indicate that this isn’t checking for updates?

Hello @dittoit and @Joners

I think it actually reflects the “Refresh Device Information” name but you also have a good point since it checks the following:

Name ; LoggedOnUser ; Domain ; Network, Detailed network information ; AdServer
SystemModel ; SystemManufacturer ; SerialNumber ; Os ; UpTime ; RebootPending
CCS info ; ITSM agent info ; Cpus ; Memory ; LogicalDisks ; Last RebootTime
and RebootReason

Kind Regards,