Using Azure Update Management with Windows Server 2008 R2

Following on from my Patching with Azure article a few weeks ago where I started to use Azure Update Management to patch my home lab I've stumbled across an issue when trying to use it with my Windows Server 2008 R2 SP1 virtual machine (VM). This article will explain the problem and the fix that I've come across.

Background

So I've been building up my home lab and I'd built some Windows Server 2012 servers and a Ubuntu one. The last one on my list to tackle was a Windows Server 2008 R2 to give a variety of systems that might replicate environments I would encounter in the wild during my day job. So after getting my Windows Server 2008 R2 VM built up and functioning. I wanted to start getting it onboarded to the Azure Update Management solution so that the patches that it needed could be applied automatically.

I installed the Dependency Agent and installed the Microsoft Monitoring Agent

However within the Update Management Console was telling me that the update agent wasn't configured:

I saw this error message previously on some of my Server 2012 servers, which I blogged about Update Agent Not Configured, so I went about troubleshooting the issue the same way. Unfortunately, that didn't fix my problem here.

The Problem

Again as the Microsoft Monitoring Agent is the same one used within a System Center Operations Manager (SCOM), which I spent many hours troubleshooting on premises years ago. So in order to troubleshoot this problem, I resorted to old faithful, Event Viewer.

The log file I was looking for was located under Applications and Services Logs > Operations Manager

After filtering out some of the noise and focussing just on Errors and Warnings I found the event that helped me understand what was going on and how to fix it.

On closer inspection a pre-requisite is missing:

A module of type "Microsoft.EnterpriseManagement.HealthService.AzureAutomation.HybridAgent" reported an exception Microsoft.EnterpriseManagement.HealthService.ModuleException: Unable to Register Machine for Patch Management, Registration Failed with Exception System.InvalidOperationException: Missing Prerequisite(s): PowerShell Windows Management Framework Version 4.0 or later is missing.
. Troublshoot link https://aka.ms/troubleshootupdatedeployment
at AgentService.OmsHybridRegistration.PowerShell.Commandlets.OmsHybridRunbookWorker.CheckPrerequisites()
at AgentService.OmsHybridRegistration.PowerShell.Commandlets.OmsHybridRunbookWorker.Register() which was running as part of rule "Microsoft.IntelligencePacks.AzureAutomation.HybridAgent.Init" running for instance "" with id:"{6CF07FFF-8550-E6B9-00B4-6E09D7C2F2E4}" in management group "AOI-17f7810f-8e42-4755-9dcd-3a723dfe9d61".

The Fix

Thankfully the event log was quite clear about what it wanted/needed in order to work successfully. Out of the box Windows Server 2008 R2 came with Windows Management Framework (WMF) 2.0. WMF 4.0 started shipping with Windows Server 2012 R2 and the latest version 5.1 is shipping with Windows Server 2016.

As I've just built my VM from an ISO and not applied any patches to it my WMF version is very out of date. In production environment this might not be the case but in my previous experience there is always one server lurking in the background that hasn't been touched or upgraded for some reason.

I downloaded WMF 4.0 and installed it on my server. After a reboot (which triggered a bunch of update installs!) and some waiting I am now seeing the server in my Update Management console waiting to be patched.

Conclusion

I really like the Update Management solution and have found it great fun to solve some of the problems that are popping up trying to use it on my Home Lab. It's great to use my "old" knowledge and experience again and apply it to the Azure world!

As always if you’d like to reach out and speak to me about any of the above please get in touch via Twitter @TechieLass