We are an IT company that manages multiple customer networks. We have WSUS 3.0 installed on a new Dell server with Windows Server 2008 Standard x64 edition, plenty of memory, plenty of disk space, etc. We want to be able to monitor and update our clients' computers across the internet back to our 1 single WSUS server so that we can manage their Windows Updates and patch accordingly. These customers are not on a VPN with us and we have no plans to do so. We also do not want to implement a separate WSUS server at each customer site. We have been told that it is possible by our RMM platform vendor. We have also read many posts across the internet stating it isn't possible, and sometimes there seems to be a glimmer of hope that it is possible.
All of our internal computers on our network are reporting correctly to this same WSUS server on our domain. Therefore, I know we have the WSUS server set up correctly. We have implemented a separate Group Policy on our network, as well as our customers' networks with an almost identical separate Group Policy (FQDN vs. Internal). The path to our WSUS server is a FQDN without the /selfupdate and it is using the normal 8530 port. Yes, the firewall port is open and port forwarding correctly to our internal WSUS server (8530-8531 TCP, no UDP). The server also has its firewall opened correctly on port 8530, not 8531. We have turned the Windows firewall on and off to troubleshoot.
WSUS 3.0 with SP1
Client Targeting is Enabled with Group Names
We have installed and run the WSUS Client Diagnostic Tool on two different customer networks and we are getting mixed results. Client A comes back with 100% clean and connectivity, yet it will not show up in our WSUS server. See the output from the WSUS Client Diagnostic Tool below:
Client A comes back with:
-----------------------------------------------------------------------
WSUS Client Diagnostics Tool
Checking Machine State
Checking for admin rights to run tool . . . . . . . . . PASS
Automatic Updates Service is running. . . . . . . . . . PASS
Background Intelligent Transfer Service is running. . . PASS
Wuaueng.dll version 7.2.6001.788. . . . . . . . . . . . PASS
This version is WSUS 2.0
Checking AU Settings
AU Option is 4: Scheduled Install . . . . . . . . . . . PASS
Option is from Policy settings
Checking Proxy Configuration
Checking for winhttp local machine Proxy settings . . . PASS
Winhttp local machine access type
<Direct Connection>
Winhttp local machine Proxy. . . . . . . . . . NONE
Winhttp local machine ProxyBypass. . . . . . . NONE
Checking User IE Proxy settings . . . . . . . . . . . . PASS
User IE Proxy. . . . . . . . . . . . . . . . . NONE
User IE ProxyByPass. . . . . . . . . . . . . . NONE
User IE AutoConfig URL Proxy . . . . . . . . . NONE
User IE AutoDetect
AutoDetect not in use
Checking Connection to WSUS/SUS Server
WUServer = http://updates.<domain>.net:8530
WUStatusServer = http://updates.<domain>.net:8530
UseWuServer is enabled. . . . . . . . . . . . . . . . . PASS
Client is pointed to SUS 1.0 Server
Connection to server. . . . . . . . . . . . . . . . . . PASS
SelfUpdate folder is present. . . . . . . . . . . . . . PASS
Press Enter to Complete
-----------------------------------------------------------------------
Client B comes back with:
-----------------------------------------------------------------------
Checking Proxy Configuration
Checking for winhttp local machine Proxy settings . . . PASS
Winhttp local machine access type
<Direct Connection>
Winhttp local machine Proxy. . . . . . . . . . NONE
Winhttp local machine ProxyBypass. . . . . . . NONE
Checking User IE Proxy settings . . . . . . . . . . . . PASS
User IE Proxy. . . . . . . . . . . . . . . . . NONE
User IE ProxyByPass. . . . . . . . . . . . . . NONE
User IE AutoConfig URL Proxy . . . . . . . . . NONE
User IE AutoDetect
AutoDetect not in use
Checking Connection to WSUS/SUS Server
WUServer = http://updates.<domain>.net:8530
WUStatusServer = http://updates.<domain>.net:8530
UseWuServer is enabled. . . . . . . . . . . . . . . . . PASS
Client is pointed to SUS 1.0 Server
WinHttpDownloadFileToMemory(szURLDest, NULL, 0, NULL, NULL, NULL, &downloadBuffer) failed with hr=0x80190193
No Error description could be found
Press Enter to Complete
-----------------------------------------------------------------------
For client B, we considered that it may be an issue with authentication in IIS on various folders within the WSUS site by turning Unauthenticated or Integrated Windows Authentication in different combinations with no success. This may be true for Client A too. Regardless, neither shows up on our WSUS server.
Any ideas? We don't care how it works (unauthenticated or authenticated, or Non-SSL or SSL). We just want it to work. Any thoughts, additional troubleshooting, or strategy assistance would be greatly appreciated.
Thanks in advance!
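
Added example, not part of the original post and not the diagnostic tool's own code: the tool reports "No Error description could be found" for Client B, but the hr value can be decoded by hand, because an HRESULT whose facility field is 0x19 (FACILITY_HTTP) carries an HTTP status code in its low 16 bits. The sample text is constructed from Client B's output with the broken lines rejoined; the function names are hypothetical.

```python
import re

FACILITY_HTTP = 25  # 0x19: facility used by HRESULTs that wrap an HTTP status

# Constructed sample: lines from Client B's report, with wrapped lines rejoined.
CLIENT_B = """\
UseWuServer is enabled. . . . . . . . . . . . . . . . . PASS
WinHttpDownloadFileToMemory(szURLDest, NULL, 0, NULL, NULL, NULL, &downloadBuffer) failed with hr=0x80190193
No Error description could be found
"""

# "<check name>. . . . PASS" style result lines.
CHECK_RE = re.compile(r"^(?P<name>.*?\S)[\s.]*\s(?P<result>PASS|FAIL)\s*$")
# "<Function>(...) failed with hr=0x........" failure lines.
HR_RE = re.compile(r"^(?P<call>\w+)\(.*\) failed with hr=(?P<hr>0x[0-9A-Fa-f]{8})")


def decode_hresult(hr):
    """Split a 32-bit HRESULT into its severity, facility and code fields."""
    info = {
        "failure": bool(hr >> 31),        # bit 31: severity
        "facility": (hr >> 16) & 0x7FF,   # bits 16-26: facility
        "code": hr & 0xFFFF,              # bits 0-15: facility-specific code
        "http_status": None,
    }
    if info["facility"] == FACILITY_HTTP:
        info["http_status"] = info["code"]
    return info


def parse_report(text):
    """Return (checks, failures) extracted from diagnostic tool output."""
    checks, failures = [], []
    for raw in text.splitlines():
        line = raw.strip()
        m = HR_RE.match(line)
        if m:
            decoded = decode_hresult(int(m["hr"], 16))
            decoded["call"] = m["call"]
            failures.append(decoded)
            continue
        m = CHECK_RE.match(line)
        if m:
            checks.append((m["name"], m["result"]))
    return checks, failures
```

For 0x80190193 this yields HTTP status 403: the server answered the request made during the "Connection to server" step with Forbidden rather than the request failing at the network level.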