PDQ package Deployments to newly domain joined Windows machines fail

Comments

6 comments

  • Mike Kercher

    Depending on your group policies, could this be the Windows Firewall blocking the connections?

    0
    Comment actions Permalink
  • Nathan Guest

    I have the same issue you are seeing, on newly imaged computers PDQ deploy is stuck on Initializing,
    The day before this started everything was working fine, the difference between the two days is overnight Windows Updates installed.

    I have found to get PDQ Deploy to get past Initializing I first scan the newly image PC using PDQ Inventory (My Inventory scan is from a different Windows 10 PC) as soon as Inventory get to Running, PDQ Deploy will start and finish successfully.

    Since no one else is having issues at my work place I believe it is Windows 11 (I am the only one running window 11 right now) update from this past patch Tuesday, but have not had time to figure out anything more than the above. I figured I post my current findings since I came here for the same reason.

    0
    Comment actions Permalink
  • Kiefer Easton

    We experienced this issue today as well. These links were helpful in developing a workaround:

    https://www.reddit.com/r/pdq/comments/s3uxv9/manually_made_deployments_getting_stuck_on/

    https://www.reddit.com/r/sysadmin/comments/s1jcue/patch_tuesday_megathread_20220112/hsjgvyi/

    It would appear that a Windows update has broken the ability for accounts to automatically grant the "Log on as a service" right to themselves. For existing workstations, the account likely persists but on new workstations it cannot be added and results in the perpetual 'Initializing' scan status. We added the account we use for PDQ manually and the scans and deploys now fly through.

    Hope this is helpful for those who do not want to roll the patch back.

    2
    Comment actions Permalink
  • Nick Empson

    Kiefer Easton

    Yep that was it. I found those exact threads too! :D

    Windows patch KB5009557 was installed on our PDQ Server last Tuesday. I uninstalled it to test, and now the packages are deploying without issue. I believe Microsoft has released a patch to fix that patch, but I haven't dug too deep yet. Just needed to get PDQ back up and running today!

    Thank you all!

    1
    Comment actions Permalink
  • Erin

    this could suck when trying to target non domain machines  - no gpo to fix it. im thinking DMZ servers.

    0
    Comment actions Permalink

Please sign in to leave a comment.