Something went haywire in our approval policies in Automate. I noticed that there weren’t any definition updates to approve this morning.
Looking into it further, I found that several hundred patches had been set to ‘Ignore’ by the approval policies. After disabling the offending ignore rule, I needed to undo the damage and manually approve those patches.
To find them, I ran this query:
SELECT Title, SetTime, SetBy, approval FROM patchapprovalsettings JOIN hotfixdata ON patchapprovalsettings.hotfixid = hotfixdata.hotfixid WHERE SetBy = 'Auto' AND approval = 1 ORDER BY SetTime DESC
Then I went into patch manager and fixed the ones that had been incorrectly set to ‘Ignore’.