Merge pull request #259864 from SnehaSudhirG/29Nov-AUMDocUpdates

Updated the TSG

Author: JamesJBarnett

articles/update-manager/assessment-options.md

@@ -2,7 +2,7 @@
 title: Assessment options in Update Manager.
 description: The article describes the assessment options available in Update Manager.
 ms.service: azure-update-manager
-ms.date: 11/16/2023
+ms.date: 11/29/2023
 ms.topic: conceptual
 author: snehasudhirG
 ms.author: sudhirsneha
@@ -14,25 +14,28 @@ ms.author: sudhirsneha
 
 This article provides an overview of the assessment options available by Update Manager. 
 
-Update Manager provides you the flexibility to assess the status of available updates and manage the process of installing required updates for your machines.
+Update Manager provides you with the flexibility to assess the status of available updates and manage the process of installing required updates for your machines.
 
 ## Periodic assessment
 
  Periodic assessment is an update setting on a machine that allows you to enable automatic periodic checking of updates by Update Manager. We recommend that you enable this property on your machines as it allows Update Manager to fetch latest updates for your machines every 24 hours and enables you to view the latest compliance status of your machines. You can enable this setting using update settings flow as detailed [here](manage-update-settings.md#configure-settings-on-a-single-vm) or enable it at scale by using [Policy](periodic-assessment-at-scale.md). 
 
 :::image type="content" source="media/updates-maintenance/periodic-assessment-inline.png" alt-text="Screenshot showing periodic assessment option." lightbox="media/updates-maintenance/periodic-assessment-expanded.png":::
 
+> [!NOTE]
+> For Arc-enabled servers, ensure that the subscription in which the Arc-server is onboarded is registered to Microsoft.Compute resource provider. For more information on how to register to the resource provider, see [Azure resource providers and types](../azure-resource-manager/management/resource-providers-and-types.md).
+
 ## Check for updates now/On-demand assessment
 
 Update Manager allows you to check for latest updates on your machines at any time, on-demand. You can view the latest update status and act accordingly. Go to **Updates** blade on any VM and select **Check for updates** or select multiple machines from Update Manager and check for updates for all machines at once. For more information, see [check and install on-demand updates](view-updates.md).
 
 ## Update assessment scan
  You can initiate a software updates compliance scan on a machine to get a current list of operating system updates available. 
 
- - **On Windows** - the software update scan is actually performed by the Windows Update Agent. 
+ - **On Windows** - the software update scan is performed by the Windows Update Agent. 
  - **On Linux** -  The software update scan is performed using the package manager that returns the missing updates as per the configured repositories.
 
- In the **Updates** page, after you initiate an assessment, a notification is generated to inform you the activity has started and another is displayed when it is finished.
+ In the **Updates** page, after you initiate an assessment, a notification is generated to inform you the activity has started and another is displayed when it's finished.
 
  :::image type="content" source="media/assessment-options/updates-preview-page.png" alt-text="Screenshot of the Updates page.":::
 

articles/update-manager/troubleshoot.md

@@ -2,7 +2,7 @@
 title: Troubleshoot known issues with Azure Update Manager
 description: This article provides details on known issues and how to troubleshoot any problems with Azure Update Manager.
 ms.service: azure-update-manager
-ms.date: 09/18/2023
+ms.date: 01/13/2024
 ms.topic: conceptual
 ms.author: sudhirsneha
 author: SnehaSudhirG
@@ -36,34 +36,60 @@ To review the logs related to all actions performed by the extension, check for
 * `WindowsUpdateExtension.log`: Contains information related to the patch actions. This information includes patches assessed and installed on the machine and any problems encountered in the process.
 * `CommandExecution.log`: There's a wrapper above the patch action, which is used to manage the extension and invoke specific patch operation. This log contains information about the wrapper. For autopatching, the log has information on whether the specific patch operation was invoked.
 
-## Unable to change the patch orchestration option to manual updates from automatic updates
+### Azure Arc-enabled servers
+
+For Azure Arc-enabled servers, see [Troubleshoot VM extensions](../azure-arc/servers/troubleshoot-vm-extensions.md) for general troubleshooting steps.
+
+To review the logs related to all actions performed by the extension, on Windows, check for more information in `C:\ProgramData\GuestConfig\extension_Logs\Microsoft.SoftwareUpdateManagement\WindowsOsUpdateExtension`. It includes the following two log files of interest:
+
+* `WindowsUpdateExtension.log`: Contains information related to the patch actions. This information includes the patches assessed and installed on the machine and any problems encountered in the process.
+* `cmd_execution_<numeric>_stdout.txt`: There's a wrapper above the patch action. It's used to manage the extension and invoke specific patch operation. This log contains information about the wrapper. For autopatching, the log has information on whether the specific patch operation was invoked.
+* `cmd_excution_<numeric>_stderr.txt`
+
+
+### Unable to generate periodic assessment for Arc-enabled servers
+
+#### Issue
+
+The subscriptions in which the Arc-enabled servers are onboarded aren't producing assessment data.
+
+#### Resolution
+Ensure that the Arc servers subscriptions are registered to Microsoft.Compute resource provider so that the periodic assessment data is generated periodically as expected. [Learn more](../azure-resource-manager/management/resource-providers-and-types.md#register-resource-provider)
+
+### Maintenance configuration isn't applied when VM is moved to a different subscription
+
+#### Issue
+
+When a VM is moved to another subscription, the scheduled maintenance configuration associated to the VM isn't running.
+
+#### Resolution
+
+If you move a VM to a different resource group or subscription, the scheduled patching for the VM stops working as this scenario is currently unsupported by the system. You can delete the older association of the moved VM and create the new association to include the moved VMs in a maintenance configuration.
 
-Here's the scenario.
+### Unable to change the patch orchestration option to manual updates from automatic updates
 
-### Issue
+#### Issue
 
 The Azure machine has the patch orchestration option as `AutomaticByOS/Windows` automatic updates and you're unable to change the patch orchestration to Manual Updates by using **Change update settings**.
 
-### Resolution
+#### Resolution
 
 If you don't want any patch installation to be orchestrated by Azure or aren't using custom patching solutions, you can change the patch orchestration option to **Customer Managed Schedules (Preview)** or `AutomaticByPlatform` and `ByPassPlatformSafetyChecksOnUserSchedule` and not associate a schedule/maintenance configuration to the machine. This setting ensures that no patching is performed on the machine until you change it explicitly. For more information, see **Scenario 2** in [User scenarios](prerequsite-for-schedule-patching.md#user-scenarios).
 
 :::image type="content" source="./media/troubleshoot/known-issue-update-settings-failed.png" alt-text="Screenshot that shows a notification of failed update settings.":::
 
-## Machine shows as "Not assessed" and shows an HRESULT exception
-
-Here's the scenario.
+### Machine shows as "Not assessed" and shows an HRESULT exception
 
-### Issue
+#### Issue
 
 * You have machines that show as `Not assessed` under **Compliance**, and you see an exception message below them.
 * You see an `HRESULT` error code in the portal.
 
-### Cause
+#### Cause
 
 The Update Agent (Windows Update Agent on Windows and the package manager for a Linux distribution) isn't configured correctly. Update Manager relies on the machine's Update Agent to provide the updates that are needed, the status of the patch, and the results of deployed patches. Without this information, Update Manager can't properly report on the patches that are needed or installed.
 
-### Resolution
+#### Resolution
 
 Try to perform updates locally on the machine. If this operation fails, it typically means that there's an Update Agent configuration error.
 
@@ -96,25 +122,24 @@ You can also download and run the [Windows Update troubleshooter](https://suppor
 > [!NOTE]
 > The [Windows Update troubleshooter](https://support.microsoft.com/help/4027322/windows-update-troubleshooter) documentation indicates that it's for use on Windows clients, but it also works on Windows Server.
 
-### Azure Arc-enabled servers
-
-For Azure Arc-enabled servers, see [Troubleshoot VM extensions](../azure-arc/servers/troubleshoot-vm-extensions.md) for general troubleshooting steps.
-
-To review the logs related to all actions performed by the extension, on Windows, check for more information in `C:\ProgramData\GuestConfig\extension_Logs\Microsoft.SoftwareUpdateManagement\WindowsOsUpdateExtension`. It includes the following two log files of interest:
-
-* `WindowsUpdateExtension.log`: Contains information related to the patch actions. This information includes the patches assessed and installed on the machine and any problems encountered in the process.
-* `cmd_execution_<numeric>_stdout.txt`: There's a wrapper above the patch action. It's used to manage the extension and invoke specific patch operation. This log contains information about the wrapper. For autopatching, the log has information on whether the specific patch operation was invoked.
-* `cmd_excution_<numeric>_stderr.txt`
 
 ## Known issues in schedule patching
 
 - For a concurrent or conflicting schedule, only one schedule is triggered. The other schedule is triggered after a schedule is finished.
 - If a machine is newly created, the schedule might have 15 minutes of schedule trigger delay in the case of Azure VMs.
 - Policy definition **Schedule recurring updates using Azure Update Manager** with version 1.0.0-preview successfully remediates resources. However, it always shows them as noncompliant. The current value of the existence condition is a placeholder that always evaluates to false.
 
-### Unable to apply patches for the shutdown machines
 
-Here's the scenario.
+### Schedule patching fails with error 'ShutdownOrUnresponsive'
+
+#### Issue
+
+Schedule patching hasn't installed the patches on the VMs and gives an error as 'ShutdownOrUnresponsive'.
+
+#### Resolution
+Schedules triggered on machines deleted and recreated with the same resource ID within 8 hours may fail with ShutdownOrUnresponsive error due to a known limitation.
+
+### Unable to apply patches for the shutdown machines
 
 #### Issue
 
@@ -124,14 +149,12 @@ Patches aren't getting applied for the machines that are in shutdown state. You
 
 The machines are in a shutdown state.
 
-### Resolution
+#### Resolution
 
 Keep your machines turned on at least 15 minutes before the scheduled update. For more information, see [Shut down machines](../virtual-machines/maintenance-configurations.md#shut-down-machines).
 
 ### Patch run failed with Maintenance window exceeded property showing true even if time remained
 
-Here's the scenario.
-
 #### Issue
 
 When you view an update deployment in **Update History**, the property **Failed with Maintenance window exceeded** shows **true** even though enough time was left for execution. In this case, one of the following problems is possible: