Clients not finding SUS Server

I setup SUS sp1 on a win2k3 secondary domain controller. when I connect to http://suserver/susadmin, it prompts with AD login details and admin page loads fine when I login as domain administrator. But I can't login as a normal user. Can I not have the prompt? I checked anynomous login in IIS and it's enabled.

When I enter http://suserver, I receive 'site is under construction'. Is this normal? Do I see a list of updates available at this point?
how do I know the setup is correct and then I can setup clients to get update from this sus server? I have AD domain but not used by most of my users. I am using registry settings to implement client update.
Please advise.
thanks,
Bhupal
bhupalkAsked:
Who is Participating?
 
John Gates, CISSPConnect With a Mentor Security ProfessionalCommented:
Yes it is functioning correctly that last error is a normal occurrance.

D
0
 
John Gates, CISSPSecurity ProfessionalCommented:
Is the server a member of your active directory domain?

0
 
bhupalkAuthor Commented:
yes it is. This is the backup domain controller.
0
Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

 
John Gates, CISSPSecurity ProfessionalCommented:
well the best thing to do is to have all the machines as domain members.
0
 
John Gates, CISSPSecurity ProfessionalCommented:
THe under construction page is normal for the sus installation http://servername/susadmin is where you go to admisiter the server.


D
0
 
bhupalkAuthor Commented:
thanks Dimante.
however, why do I get the login prompt though when I go to http://servername/susadmin? I have to login using domain administrator account.
also I am testing client update using my PC but it does not go to the sus server although I have registry settings applied.
thanks,
Bhupal
0
 
John Gates, CISSPSecurity ProfessionalCommented:
Have you looked at your %systemroot%\Windows Update.log to prove that?

You should see entries like the following:

2004-08-15 13:23:23  18:23:23   Success   IUENGINE       Determining machine configuration
2004-08-15 13:23:24  18:23:24   Success   IUENGINE       Querying software update catalog from https://v4.windowsupdate.microsoft.com/autoupdate/getmanifest.asp
2004-08-15 13:23:24  18:23:24   Success   IUENGINE       Determining machine configuration
2004-08-15 13:23:24  18:23:24   Success   IUENGINE       Querying software update catalog from https://v4.windowsupdate.microsoft.com/autoupdate/getmanifest.asp

Instead of v4.windowsupdate.micrsoft....etc your server ip should be listed.  If not please refer to this site:

http://www.susserver.com/FAQs/FAQ-IsYourSUSServerWorking.asp

It is a great resource and should help also.

Let me know if I can assist further!

D
0
 
John Gates, CISSPSecurity ProfessionalCommented:
I forgot to add it may show your server name instead of IP also depending on how you set up the template on the clients.

D
0
 
SembeeCommented:
You aren't using SUS correctly. It is not an internal Windows Update server - but an internal server for the clients to use for Automatic updates.
Clients do not log in to the SUS web site - only administrators login to the web site to approve updates.

What you need to do is configure the clients to point at the SUS web site for automatic updates. There are a couple of ways to do this, Group Policy or manual registry edits. There are also a couple of utilities around that can make the machines look to a certain server - you will find these on the susserver.com web site.

SUS will allow any machine to connect to it - the machines do not have to be members of the same domain. They just need to be able to find the SUS server in DNS and the registry enties made.
I have an SUS server in the workshop. When I rebuild client's machines I will point them to my own SUS server to get updates using the "nwsusutil.exe". This utility resets the automatic updates registry entries to the default after a reboot.

Simon.
0
 
John Gates, CISSPSecurity ProfessionalCommented:
Actually that is not entirely correct.....   Also WUS is what the new version is going to be called when it comes out and it can be an internal windows update server.

D
0
 
SembeeCommented:
WUS is a product currently undevelopment and most people will not see it before its release next year. As well as being a internal Windows Update server it should also be able to update Office and other MS applications - not before time.

Other than that, "dimante", what else is "not entirely correct" about what I have written above?

Simon.
0
 
bhupalkAuthor Commented:
Thanks to both of you. I am using the tool mentioned by Sembee and I am getting some logs on the windows update.log file.
so if I used windows update option from windows, it seems to go to microsoft.com update site. I will do more testing using this tool and see what happens. Now I am getting this. I am assuming there nothing to download. I will check on another PC.
Does this mean it's working?
also do I need to run the tool on all PCs?
I made the registry changes manually but that was not working until I ran this tool.
-------------------------------------------------------------------------------------------------
2004-10-04 10:20:03  00:20:03   Success   IUENGINE       Starting
2004-10-04 10:20:03  00:20:03   Success   IUENGINE       Determining machine configuration
2004-10-04 10:20:04  00:20:04   Success   IUENGINE       Querying software update catalog from http://10.3.0.80/autoupdate/getmanifest.asp
2004-10-04 10:20:04  00:20:04   Success   IUENGINE       Determining machine configuration
2004-10-04 10:20:04  00:20:04   Success   IUENGINE       Querying software update catalog from http://10.3.0.80/autoupdate/getmanifest.asp
2004-10-04 10:20:04  00:20:04   Success   IUENGINE       Determining machine configuration
2004-10-04 10:20:04  00:20:04   Success   IUENGINE       Querying software update catalog from http://10.3.0.80/autoupdate/getmanifest.asp
2004-10-04 10:20:05  00:20:05   Success   IUENGINE       Determining machine configuration
2004-10-04 10:20:05  00:20:05   Error     IUENGINE       Querying software update catalog from http://10.3.0.80/autoupdatedrivers/getmanifest.asp (Error 0x80190194)
2004-10-04 10:20:05  00:20:05   Success   IUENGINE       Shutting down
------------------------------------------------------------------------------------------------------
0
 
bhupalkAuthor Commented:
OK. Thanks D.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.