Enable Azure Update Manager to Patch Azure Arc Connected Machine Agent – Unsupported option

The Azure Arc Connected Machine agent needs to be updated regularly to stay current. Unless Windows Servers are set to pull “other” updates, the Connected Machine agent updates will not be installed.

** This is not currently supported as it can cause a circular dependency **

Run the following commands to display the current state of the Update Services to determine if “other” updates are configured to be installed:

# Create an instance of the Microsoft.Update.ServiceManager COM object 
$ServiceManager = New-Object -ComObject "Microsoft.Update.ServiceManager"
# List all update services and their statuses
$services = $ServiceManager.Services | Select-Object Name, IsDefaultAUService
# Display the services
$services

On this machine, the list does not contain Microsoft Update = True. This is the setting that needs to be changed to allow Azure Update Manager to show updates for the Azure Connected Machine Agent.

These PowerShell commands could be run on a single machine:

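# Create the Windows Update service manager COM object
$ServiceManager = (New-Object -com "Microsoft.Update.ServiceManager")
# Show the currently registered update services
$ServiceManager.Services
# Service ID of Microsoft Update
$ServiceID = "7971f918-a847-4430-9279-4a52d1efe18d"
# Register Microsoft Update; flags 7 = allow pending (1) + allow online (2) + register with Automatic Updates (4)
$ServiceManager.AddService2($ServiceID,7,"")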

If you run the earlier commands again to check the Microsoft Update value, the results should show True.


Here is an example of a machine that checked for updates after the settings were changed as above to allow Microsoft Updates = True. The second update in the list is the Connected Machine agent.
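The check and the registration above can be combined into one idempotent routine with a rollback, shown here as an added example that is not part of the original post. The function names are hypothetical; the COM object, service ID and flag value are the ones used above, and the session is assumed to be elevated.

```powershell
# Added example (not from the original post). Function names are hypothetical.
# Service ID for Microsoft Update, as used in the commands above.
$MicrosoftUpdateId = '7971f918-a847-4430-9279-4a52d1efe18d'

function Get-MicrosoftUpdateState {
    # Returns the Microsoft Update entry from the service list, or nothing if absent.
    $sm = New-Object -ComObject 'Microsoft.Update.ServiceManager'
    $sm.Services |
        Where-Object { $_.ServiceID -eq $MicrosoftUpdateId } |
        Select-Object Name, ServiceID, IsRegisteredWithAU, IsDefaultAUService
}

function Enable-MicrosoftUpdate {
    # Register Microsoft Update only when it is not already the default AU service.
    $before = Get-MicrosoftUpdateState
    if ($before -and $before.IsDefaultAUService) {
        return [pscustomobject]@{ Changed = $false; State = $before }
    }
    $sm = New-Object -ComObject 'Microsoft.Update.ServiceManager'
    # Flags: 1 = allow pending registration, 2 = allow online registration,
    #        4 = register the service with Automatic Updates (1 + 2 + 4 = 7).
    $null = $sm.AddService2($MicrosoftUpdateId, 7, '')
    [pscustomobject]@{ Changed = $true; State = Get-MicrosoftUpdateState }
}

function Disable-MicrosoftUpdate {
    # Roll back: remove the Microsoft Update registration added above.
    $sm = New-Object -ComObject 'Microsoft.Update.ServiceManager'
    $sm.RemoveService($MicrosoftUpdateId)
    Get-MicrosoftUpdateState
}

# Requires an elevated session on the target server.
$result = Enable-MicrosoftUpdate
$result.State | Format-Table -AutoSize
if (-not $result.State.IsDefaultAUService) {
    Write-Warning 'Microsoft Update is not the default AU service; the registration may still be pending or a policy-managed update source (for example WSUS) may be overriding it.'
}
```

Because this configuration is unsupported, keeping `Disable-MicrosoftUpdate` alongside the change gives a tested way back if the circular dependency mentioned at the top shows up.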

Below is another option: running the PowerShell on multiple Arc-enabled machines using Run Command. This is a rough example, and I am sure it could be improved.

# Install the required module
Install-Module Az.ConnectedMachine -Force
# Get all Arc-enabled machines
$arcMachines = Get-AzConnectedMachine
# Script to run on each machine: register Microsoft Update with the Windows Update agent
$script = '$ServiceManager = (New-Object -com "Microsoft.Update.ServiceManager"); $ServiceManager.Services; $ServiceID = "7971f918-a847-4430-9279-4a52d1efe18d";  $ServiceManager.AddService2($ServiceId,7,"")'
# Start one background job per machine and keep the job objects
$jobs = foreach ($machine in $arcMachines) {
    Start-Job -ScriptBlock {
        New-AzConnectedMachineRunCommand -ResourceGroupName $using:machine.ResourceGroupName -SourceScript $using:script -RunCommandName "runGetInfo50" -MachineName $using:machine.Name -Location $using:machine.Location
    }
}
# Wait for all jobs to complete, then collect the results. Check the machines to ensure it ran properly.
$results = $jobs | Wait-Job | ForEach-Object { Receive-Job -Job $_; Remove-Job -Job $_ }

About the author

Jeff Pigott is a Senior Cloud Solution Architect at Microsoft, specializing in Azure Infrastructure technologies including Azure Arc, Azure Update Manager, SQL DB, security, and storage. With over 29 years of experience in IT, development, and DevOps, Jeff has worked with a wide range of platforms, tools, and languages. Jeff is passionate about staying up-to-date with the latest Microsoft technologies and services, and holds multiple Azure certifications.