studrick
asked on
WSUS - 0x8024401B Error (Proxy Authentication)
OK, I have read, and searched, and searched the other WSUS sites, and cannot get this fixed. Here's the lowdown.... I installed WSUS on one server for testing, added the GPO, and everything looked like it was working..... PC's showing up, downloads downloading, etc. Well, I decided that server wasn't appropiate for this so just decided to do a full install on a new server.
So, I got the new server up and running and now, about 2/3 of my PC's are getting this crappy 0x8024401B Error, which I have found means "Proxy Authentication Required". The thing is, there is no difference between some of these computers and the ones that are communicating just fine with WSUS. And yes, we have an ISA 2000 server as our proxy server, but the WSUS is local. I have added the WSUS server as an exception in IE with manual proxy settings in there, I have turned off IE settings all together to where I couldn't browse anything but local servers, and I have used Automatic Detect IE settings to read from our DHCP 252 WPAD push, and I cannot figure out WHY these other computers keep wanting to go out through the proxy server. This is a local WSUS server!!!
And, why did it work at one point on the old server (which happened to be the ISA Server itself), and then I totally reinstall the WSUS server elsewhere and only 1/3 of them still work. I have even checked my AU settings in the registry and they are correctly pointing to the WSUS server. I have run the client testing tool and it all passes, and still, I cannot get passed this 0x8024401B Error "Proxy Authentication Required". IT DOESN'T NEED TO GO THROUGH THE PROXY! The WSUS server is on the same subnet, and is even in the LAT on the ISA Server just in case. Any ideas PLEASE???
So, I got the new server up and running and now, about 2/3 of my PC's are getting this crappy 0x8024401B Error, which I have found means "Proxy Authentication Required". The thing is, there is no difference between some of these computers and the ones that are communicating just fine with WSUS. And yes, we have an ISA 2000 server as our proxy server, but the WSUS is local. I have added the WSUS server as an exception in IE with manual proxy settings in there, I have turned off IE settings all together to where I couldn't browse anything but local servers, and I have used Automatic Detect IE settings to read from our DHCP 252 WPAD push, and I cannot figure out WHY these other computers keep wanting to go out through the proxy server. This is a local WSUS server!!!
And, why did it work at one point on the old server (which happened to be the ISA Server itself), and then I totally reinstall the WSUS server elsewhere and only 1/3 of them still work. I have even checked my AU settings in the registry and they are correctly pointing to the WSUS server. I have run the client testing tool and it all passes, and still, I cannot get passed this 0x8024401B Error "Proxy Authentication Required". IT DOESN'T NEED TO GO THROUGH THE PROXY! The WSUS server is on the same subnet, and is even in the LAT on the ISA Server just in case. Any ideas PLEASE???
ASKER
This has all been tried a hundred times. I have checked the registry, and they are pointing to the correct server. From that same PC I can access the WSUS server's website and everything. I have deleted the keys, but I do not that the PingID key never showed back up, just the other 2. I have checked the GPO using gpresult and it is loading, and I have double-checked that by actually checking the registry and seeing where AU is pointing. It knows where the server is, just for some reason thinks it needs to go through the proxy server, even though all IE settings are correct.
It just doesn't make sense why some are going directly there, and some are not. All network settings are configured using the same DHCP, all IE settings are the same through a GPO, etc.
It just doesn't make sense why some are going directly there, and some are not. All network settings are configured using the same DHCP, all IE settings are the same through a GPO, etc.
Run TRACERT to the new WSUS server - output to log and post it here:
tracert > c:\tracert.txt
tracert > c:\tracert.txt
ASKER
One hop...... directly there. I even tried using the FQDN and that didn't work. Below is the error log from the windowsupdate.log file.
2006-04-07 14:37:07 1144 8f4 Service *********
2006-04-07 14:37:07 1144 8f4 Service ** END ** Service: Service exit [Exit code = 0x240001]
2006-04-07 14:37:07 1144 8f4 Service *************
2006-04-07 14:37:09 1144 3b0 Misc =========== Logging initialized (build: 5.8.0.2469, tz: -0500) ===========
2006-04-07 14:37:09 1144 3b0 Misc = Process: C:\WINDOWS\System32\svchos t.exe
2006-04-07 14:37:09 1144 3b0 Misc = Module: C:\WINDOWS\system32\wuauen g.dll
2006-04-07 14:37:09 1144 3b0 Service *************
2006-04-07 14:37:09 1144 3b0 Service ** START ** Service: Service startup
2006-04-07 14:37:09 1144 3b0 Service *********
2006-04-07 14:37:09 1144 3b0 Agent * WU client version 5.8.0.2469
2006-04-07 14:37:09 1144 3b0 Agent * WARNING: Failed to obtain SusClientId
2006-04-07 14:37:09 1144 3b0 Agent * Base directory: C:\WINDOWS\SoftwareDistrib ution
2006-04-07 14:37:09 1144 3b0 Agent * Access type: No proxy
2006-04-07 14:37:09 1144 3b0 Agent * Network state: Connected
2006-04-07 14:37:12 1144 d38 Agent *********** Agent: Initializing Windows Update Agent ***********
2006-04-07 14:37:12 1144 d38 Agent *********** Agent: Initializing global settings cache ***********
2006-04-07 14:37:12 1144 d38 Agent * WSUS server: http://wsus.domain.com:8530
2006-04-07 14:37:12 1144 d38 Agent * WSUS status server: http://wsus.domain.com:8530
2006-04-07 14:37:12 1144 d38 Agent * Target group: Domain Computers
2006-04-07 14:37:12 1144 d38 Agent * Windows Update access disabled: No
2006-04-07 14:37:12 1144 d38 DnldMgr Download manager restoring 0 downloads
2006-04-07 14:37:12 1144 d38 AU ########### AU: Initializing Automatic Updates ###########
2006-04-07 14:37:12 1144 d38 AU AU setting next detection timeout to 2006-04-07 19:37:12
2006-04-07 14:37:12 1144 d38 AU # WSUS server: http://wsus.domain.com:8530
2006-04-07 14:37:12 1144 d38 AU # Detection frequency: 22
2006-04-07 14:37:12 1144 d38 AU # Target group: Domain Computers
2006-04-07 14:37:12 1144 d38 AU # Approval type: Scheduled (Policy)
2006-04-07 14:37:12 1144 d38 AU # Scheduled install day/time: Every day at 12:00
2006-04-07 14:37:12 1144 d38 AU # Auto-install minor updates: Yes (Policy)
2006-04-07 14:37:12 1144 d38 AU # Will interact with non-admins (Non-admins are elevated)
2006-04-07 14:37:12 1144 3b0 AU #############
2006-04-07 14:37:12 1144 3b0 AU ## START ## AU: Search for updates
2006-04-07 14:37:12 1144 3b0 AU #########
2006-04-07 14:37:12 1144 3b0 AU <<## SUBMITTED ## AU: Search for updates [CallId = {7826AEBD-E0D2-477A-85F8-F 163302F436 5}]
2006-04-07 14:37:12 1144 d38 AU Triggering AU detection through DetectNow API
2006-04-07 14:37:12 1144 3b0 AU Another AU detection is already in progress, using it
2006-04-07 14:37:12 1144 818 PT WARNING: GetConfig failure, error = 0x8024401B, soap client error = 10, soap error code = 0, HTTP status code = 407
2006-04-07 14:37:12 1144 818 Report WARNING: Reporter failed to upload events with hr = 8024401b.
2006-04-07 14:37:12 1144 818 Agent *************
2006-04-07 14:37:12 1144 818 Agent ** START ** Agent: Finding updates [CallerId = AutomaticUpdates]
2006-04-07 14:37:12 1144 818 Agent *********
2006-04-07 14:37:12 1144 818 Misc WARNING: WinHttp: SendRequestToServerForFile Informatio n failed with 0x80190197
2006-04-07 14:37:12 1144 818 Misc WARNING: WinHttp: ShouldFileBeDownloaded failed with 0x80190197
2006-04-07 14:37:12 1144 818 Misc WARNING: DownloadFileInternal failed for http://wsus.domain.com:8530/selfupdate/wuident.cab: error 0x80190197
2006-04-07 14:37:12 1144 818 Setup FATAL: IsUpdateRequired failed with error 0x8024401b
2006-04-07 14:37:12 1144 818 Report *********** Report: Initializing static reporting data ***********
2006-04-07 14:37:12 1144 818 Report * OS Version = 5.1.2600.2.0.65792
2006-04-07 14:37:13 1144 818 Report * Computer Brand = Dell Computer Corporation
2006-04-07 14:37:13 1144 818 Report * Computer Model = Latitude D400
2006-04-07 14:37:13 1144 818 Report * Bios Revision = A08
2006-04-07 14:37:13 1144 818 Report * Bios Name = Phoenix ROM BIOS PLUS Version 1.10 A08
2006-04-07 14:37:13 1144 818 Report * Bios Release Date = 2005-06-28T00:00:00
2006-04-07 14:37:13 1144 818 Report * Locale ID = 1033
2006-04-07 14:37:13 1144 818 Setup WARNING: SelfUpdate: Default Service: IsUpdateRequired failed: 0x8024401b
2006-04-07 14:37:13 1144 818 Setup WARNING: SelfUpdate: Default Service: IsUpdateRequired failed, error = 0x8024401B
2006-04-07 14:37:13 1144 818 Agent * WARNING: Skipping scan, self-update check returned 0x8024401B
2006-04-07 14:37:13 1144 818 Agent * WARNING: Exit code = 0x8024401B
2006-04-07 14:37:13 1144 818 Agent *********
2006-04-07 14:37:13 1144 818 Agent ** END ** Agent: Finding updates [CallerId = AutomaticUpdates]
2006-04-07 14:37:13 1144 818 Agent *************
2006-04-07 14:37:13 1144 818 Agent WARNING: WU client failed Searching for update with error 0x8024401b
2006-04-07 14:37:13 1144 210 AU >>## RESUMED ## AU: Search for updates [CallId = {7826AEBD-E0D2-477A-85F8-F 163302F436 5}]
2006-04-07 14:37:13 1144 210 AU # WARNING: Search callback failed, result = 0x8024401B
2006-04-07 14:37:13 1144 210 AU #########
2006-04-07 14:37:13 1144 210 AU ## END ## AU: Search for updates [CallId = {7826AEBD-E0D2-477A-85F8-F 163302F436 5}]
2006-04-07 14:37:13 1144 210 AU #############
2006-04-07 14:37:13 1144 210 AU AU setting next detection timeout to 2006-04-08 00:37:13
2006-04-07 14:37:15 1144 818 Report Uploading 3 events using cached cookie, reporting URL = http://stats.update.microsoft.com/ReportingWebService/ReportingWebService.asmx
2006-04-07 14:37:15 1144 818 Report WARNING: Failed to upload events to the server with hr = c00ce509.
2006-04-07 14:37:15 1144 818 PT WARNING: ReportEventBatch failure, error = 0x8024401B, soap client error = 10, soap error code = 0, HTTP status code = 407
2006-04-07 14:37:15 1144 818 Report WARNING: Reporter failed to upload events with hr = 8024401b.
2006-04-07 14:37:15 1144 818 PT WARNING: GetConfig failure, error = 0x8024401B, soap client error = 10, soap error code = 0, HTTP status code = 407
2006-04-07 14:37:15 1144 818 Report WARNING: Reporter failed to upload events with hr = 8024401b.
2006-04-07 14:37:15 1144 818 Report Uploading 3 events using cached cookie, reporting URL = http://stats.update.microsoft.com/ReportingWebService/ReportingWebService.asmx
2006-04-07 14:37:15 1144 818 Report WARNING: Failed to upload events to the server with hr = c00ce509.
2006-04-07 14:37:15 1144 818 PT WARNING: ReportEventBatch failure, error = 0x8024401B, soap client error = 10, soap error code = 0, HTTP status code = 407
2006-04-07 14:37:15 1144 818 Report WARNING: Reporter failed to upload events with hr = 8024401b.
2006-04-07 14:37:18 1144 818 Report REPORT EVENT: {0EFF58CF-26BA-4BE3-994D-9 DAEE159222 1} 2006-04-07 14:37:12-0500 1 148 101 {D67661EB-2423-451D-BF5D-1 3199E37DF2 8} 0 8024401b SelfUpdate Failure Software Synchronization Error: Agent failed detecting with reason: 0x8024401b
Now here's the log file of one of the PC's that is setup the same, Windows XP Pro SP2, same network settings and all. And, so you know, we don't clone our machines around here so the SSID should be different on all.
2006-04-07 08:57:21 1108 b0 AU #############
2006-04-07 08:57:21 1108 b0 AU ## START ## AU: Search for updates
2006-04-07 08:57:21 1108 b0 AU #########
2006-04-07 08:57:21 1108 b0 AU <<## SUBMITTED ## AU: Search for updates [CallId = {2E9DE34F-E5A0-4196-9105-1 01E779C634 5}]
2006-04-07 08:57:21 1108 1f8 Agent *************
2006-04-07 08:57:21 1108 1f8 Agent ** START ** Agent: Finding updates [CallerId = AutomaticUpdates]
2006-04-07 08:57:21 1108 1f8 Agent *********
2006-04-07 08:57:22 1108 1f8 Setup *********** Setup: Checking whether self-update is required ***********
2006-04-07 08:57:22 1108 1f8 Setup * Inf file: C:\WINDOWS\SoftwareDistrib ution\Self Update\Def ault\wuset up.inf
2006-04-07 08:57:22 1108 1f8 Setup Update NOT required for C:\WINDOWS\system32\cdm.dl l: target version = 5.8.0.2469, required version = 5.8.0.2469
2006-04-07 08:57:22 1108 1f8 Setup Update NOT required for C:\WINDOWS\system32\iuengi ne.dll: target version = 5.8.0.2469, required version = 5.8.0.2469
2006-04-07 08:57:22 1108 1f8 Setup Update NOT required for C:\WINDOWS\system32\wuapi. dll: target version = 5.8.0.2469, required version = 5.8.0.2469
2006-04-07 08:57:22 1108 1f8 Setup Update NOT required for C:\WINDOWS\system32\wuaucl t.exe: target version = 5.8.0.2469, required version = 5.8.0.2469
2006-04-07 08:57:22 1108 1f8 Setup Update NOT required for C:\WINDOWS\system32\wuaucl t1.exe: target version = 5.8.0.2469, required version = 5.8.0.2469
2006-04-07 08:57:22 1108 1f8 Setup Update NOT required for C:\WINDOWS\system32\wuaucp l.cpl: target version = 5.8.0.2469, required version = 5.8.0.2469
2006-04-07 08:57:22 1108 1f8 Setup Update NOT required for C:\WINDOWS\system32\wuauen g.dll: target version = 5.8.0.2469, required version = 5.8.0.2469
2006-04-07 08:57:22 1108 1f8 Setup Update NOT required for C:\WINDOWS\system32\wuauen g1.dll: target version = 5.8.0.2469, required version = 5.8.0.2469
2006-04-07 08:57:22 1108 1f8 Setup Update NOT required for C:\WINDOWS\system32\wucltu i.dll: target version = 5.8.0.2469, required version = 5.8.0.2469
2006-04-07 08:57:22 1108 1f8 Setup Update NOT required for C:\WINDOWS\system32\wups.d ll: target version = 5.8.0.2469, required version = 5.8.0.2469
2006-04-07 08:57:22 1108 1f8 Setup Update NOT required for C:\WINDOWS\system32\wups2. dll: target version = 5.8.0.2469, required version = 5.8.0.2469
2006-04-07 08:57:22 1108 1f8 Setup Update NOT required for C:\WINDOWS\system32\wuweb. dll: target version = 5.8.0.2469, required version = 5.8.0.2469
2006-04-07 08:57:22 1108 1f8 Setup * IsUpdateRequired = No
2006-04-07 08:57:23 1108 1f8 PT +++++++++++ PT: Synchronizing server updates +++++++++++
2006-04-07 08:57:23 1108 1f8 PT + ServiceId = {3DA21691-E39D-4DA6-8A4B-B 43877BCB1B 7}, Server URL = http://wsus.domain.com/ClientWebService/client.asmx
2006-04-07 08:57:24 1108 1f8 PT Initializing simple targeting cookie, clientId = 8c1793c1-34b1-4cd4-92be-96 3a868f49fa , target group = Domain Computers, DNS name = eric-dupre.pateeng.com
2006-04-07 08:57:24 1108 1f8 PT Server URL = http://wsus.domain.com/SimpleAuthWebService/SimpleAuth.asmx
2006-04-07 08:57:35 1108 1f8 PT +++++++++++ PT: Synchronizing extended update info +++++++++++
2006-04-07 08:57:35 1108 1f8 PT + ServiceId = {3DA21691-E39D-4DA6-8A4B-B 43877BCB1B 7}, Server URL = http://wsus.domain.com/ClientWebService/client.asmx
2006-04-07 08:57:35 1108 1f8 Agent * Found 0 updates and 8 categories in search
2006-04-07 08:57:35 1108 1f8 Agent *********
2006-04-07 08:57:35 1108 1f8 Agent ** END ** Agent: Finding updates [CallerId = AutomaticUpdates]
2006-04-07 08:57:35 1108 1f8 Agent *************
2006-04-07 08:57:35 1108 1f8 AU >>## RESUMED ## AU: Search for updates [CallId = {2E9DE34F-E5A0-4196-9105-1 01E779C634 5}]
2006-04-07 08:57:35 1108 1f8 AU # 0 updates detected
2006-04-07 08:57:35 1108 1f8 AU #########
2006-04-07 08:57:35 1108 1f8 AU ## END ## AU: Search for updates [CallId = {2E9DE34F-E5A0-4196-9105-1 01E779C634 5}]
2006-04-07 08:57:35 1108 1f8 AU #############
2006-04-07 08:57:35 1108 1f8 AU AU setting next detection timeout to 2006-04-08 07:41:11
2006-04-07 08:57:40 1108 558 Report REPORT EVENT: {55415B00-94C8-4426-B07C-C 029EC88F1E 2} 2006-04-07 08:57:35-0500 1 147 101 {00000000-0000-0000-0000-0 0000000000 0} 0 0 AutomaticUpdates Success Software Synchronization Agent has finished detecting items.
2006-04-07 08:57:40 1108 558 Report REPORT EVENT: {B05346F0-E546-400D-ACF0-2 416339686B 1} 2006-04-07 08:57:35-0500 1 153 101 {00000000-0000-0000-0000-0 0000000000 0} 0 0 AutomaticUpdates Success Pre-Deployment Check Reporting client status.
2006-04-07 09:00:55 1108 5cc Report Uploading 2 events using cached cookie, reporting URL = http://wsus.domain.com/ReportingWebService/ReportingWebService.asmx
2006-04-07 09:00:59 1108 5cc Report Reporter successfully uploaded 2 events.
2006-04-07 12:00:10 1108 b0 AU Forced install timer expired for scheduled install
Everything points to this "Required Authentication" error, which in turn points me to this thing trying to go the wrong way, which points me to some type of network related configuration. But they are the same!!!
2006-04-07 14:37:07 1144 8f4 Service *********
2006-04-07 14:37:07 1144 8f4 Service ** END ** Service: Service exit [Exit code = 0x240001]
2006-04-07 14:37:07 1144 8f4 Service *************
2006-04-07 14:37:09 1144 3b0 Misc =========== Logging initialized (build: 5.8.0.2469, tz: -0500) ===========
2006-04-07 14:37:09 1144 3b0 Misc = Process: C:\WINDOWS\System32\svchos
2006-04-07 14:37:09 1144 3b0 Misc = Module: C:\WINDOWS\system32\wuauen
2006-04-07 14:37:09 1144 3b0 Service *************
2006-04-07 14:37:09 1144 3b0 Service ** START ** Service: Service startup
2006-04-07 14:37:09 1144 3b0 Service *********
2006-04-07 14:37:09 1144 3b0 Agent * WU client version 5.8.0.2469
2006-04-07 14:37:09 1144 3b0 Agent * WARNING: Failed to obtain SusClientId
2006-04-07 14:37:09 1144 3b0 Agent * Base directory: C:\WINDOWS\SoftwareDistrib
2006-04-07 14:37:09 1144 3b0 Agent * Access type: No proxy
2006-04-07 14:37:09 1144 3b0 Agent * Network state: Connected
2006-04-07 14:37:12 1144 d38 Agent *********** Agent: Initializing Windows Update Agent ***********
2006-04-07 14:37:12 1144 d38 Agent *********** Agent: Initializing global settings cache ***********
2006-04-07 14:37:12 1144 d38 Agent * WSUS server: http://wsus.domain.com:8530
2006-04-07 14:37:12 1144 d38 Agent * WSUS status server: http://wsus.domain.com:8530
2006-04-07 14:37:12 1144 d38 Agent * Target group: Domain Computers
2006-04-07 14:37:12 1144 d38 Agent * Windows Update access disabled: No
2006-04-07 14:37:12 1144 d38 DnldMgr Download manager restoring 0 downloads
2006-04-07 14:37:12 1144 d38 AU ########### AU: Initializing Automatic Updates ###########
2006-04-07 14:37:12 1144 d38 AU AU setting next detection timeout to 2006-04-07 19:37:12
2006-04-07 14:37:12 1144 d38 AU # WSUS server: http://wsus.domain.com:8530
2006-04-07 14:37:12 1144 d38 AU # Detection frequency: 22
2006-04-07 14:37:12 1144 d38 AU # Target group: Domain Computers
2006-04-07 14:37:12 1144 d38 AU # Approval type: Scheduled (Policy)
2006-04-07 14:37:12 1144 d38 AU # Scheduled install day/time: Every day at 12:00
2006-04-07 14:37:12 1144 d38 AU # Auto-install minor updates: Yes (Policy)
2006-04-07 14:37:12 1144 d38 AU # Will interact with non-admins (Non-admins are elevated)
2006-04-07 14:37:12 1144 3b0 AU #############
2006-04-07 14:37:12 1144 3b0 AU ## START ## AU: Search for updates
2006-04-07 14:37:12 1144 3b0 AU #########
2006-04-07 14:37:12 1144 3b0 AU <<## SUBMITTED ## AU: Search for updates [CallId = {7826AEBD-E0D2-477A-85F8-F
2006-04-07 14:37:12 1144 d38 AU Triggering AU detection through DetectNow API
2006-04-07 14:37:12 1144 3b0 AU Another AU detection is already in progress, using it
2006-04-07 14:37:12 1144 818 PT WARNING: GetConfig failure, error = 0x8024401B, soap client error = 10, soap error code = 0, HTTP status code = 407
2006-04-07 14:37:12 1144 818 Report WARNING: Reporter failed to upload events with hr = 8024401b.
2006-04-07 14:37:12 1144 818 Agent *************
2006-04-07 14:37:12 1144 818 Agent ** START ** Agent: Finding updates [CallerId = AutomaticUpdates]
2006-04-07 14:37:12 1144 818 Agent *********
2006-04-07 14:37:12 1144 818 Misc WARNING: WinHttp: SendRequestToServerForFile
2006-04-07 14:37:12 1144 818 Misc WARNING: WinHttp: ShouldFileBeDownloaded failed with 0x80190197
2006-04-07 14:37:12 1144 818 Misc WARNING: DownloadFileInternal failed for http://wsus.domain.com:8530/selfupdate/wuident.cab: error 0x80190197
2006-04-07 14:37:12 1144 818 Setup FATAL: IsUpdateRequired failed with error 0x8024401b
2006-04-07 14:37:12 1144 818 Report *********** Report: Initializing static reporting data ***********
2006-04-07 14:37:12 1144 818 Report * OS Version = 5.1.2600.2.0.65792
2006-04-07 14:37:13 1144 818 Report * Computer Brand = Dell Computer Corporation
2006-04-07 14:37:13 1144 818 Report * Computer Model = Latitude D400
2006-04-07 14:37:13 1144 818 Report * Bios Revision = A08
2006-04-07 14:37:13 1144 818 Report * Bios Name = Phoenix ROM BIOS PLUS Version 1.10 A08
2006-04-07 14:37:13 1144 818 Report * Bios Release Date = 2005-06-28T00:00:00
2006-04-07 14:37:13 1144 818 Report * Locale ID = 1033
2006-04-07 14:37:13 1144 818 Setup WARNING: SelfUpdate: Default Service: IsUpdateRequired failed: 0x8024401b
2006-04-07 14:37:13 1144 818 Setup WARNING: SelfUpdate: Default Service: IsUpdateRequired failed, error = 0x8024401B
2006-04-07 14:37:13 1144 818 Agent * WARNING: Skipping scan, self-update check returned 0x8024401B
2006-04-07 14:37:13 1144 818 Agent * WARNING: Exit code = 0x8024401B
2006-04-07 14:37:13 1144 818 Agent *********
2006-04-07 14:37:13 1144 818 Agent ** END ** Agent: Finding updates [CallerId = AutomaticUpdates]
2006-04-07 14:37:13 1144 818 Agent *************
2006-04-07 14:37:13 1144 818 Agent WARNING: WU client failed Searching for update with error 0x8024401b
2006-04-07 14:37:13 1144 210 AU >>## RESUMED ## AU: Search for updates [CallId = {7826AEBD-E0D2-477A-85F8-F
2006-04-07 14:37:13 1144 210 AU # WARNING: Search callback failed, result = 0x8024401B
2006-04-07 14:37:13 1144 210 AU #########
2006-04-07 14:37:13 1144 210 AU ## END ## AU: Search for updates [CallId = {7826AEBD-E0D2-477A-85F8-F
2006-04-07 14:37:13 1144 210 AU #############
2006-04-07 14:37:13 1144 210 AU AU setting next detection timeout to 2006-04-08 00:37:13
2006-04-07 14:37:15 1144 818 Report Uploading 3 events using cached cookie, reporting URL = http://stats.update.microsoft.com/ReportingWebService/ReportingWebService.asmx
2006-04-07 14:37:15 1144 818 Report WARNING: Failed to upload events to the server with hr = c00ce509.
2006-04-07 14:37:15 1144 818 PT WARNING: ReportEventBatch failure, error = 0x8024401B, soap client error = 10, soap error code = 0, HTTP status code = 407
2006-04-07 14:37:15 1144 818 Report WARNING: Reporter failed to upload events with hr = 8024401b.
2006-04-07 14:37:15 1144 818 PT WARNING: GetConfig failure, error = 0x8024401B, soap client error = 10, soap error code = 0, HTTP status code = 407
2006-04-07 14:37:15 1144 818 Report WARNING: Reporter failed to upload events with hr = 8024401b.
2006-04-07 14:37:15 1144 818 Report Uploading 3 events using cached cookie, reporting URL = http://stats.update.microsoft.com/ReportingWebService/ReportingWebService.asmx
2006-04-07 14:37:15 1144 818 Report WARNING: Failed to upload events to the server with hr = c00ce509.
2006-04-07 14:37:15 1144 818 PT WARNING: ReportEventBatch failure, error = 0x8024401B, soap client error = 10, soap error code = 0, HTTP status code = 407
2006-04-07 14:37:15 1144 818 Report WARNING: Reporter failed to upload events with hr = 8024401b.
2006-04-07 14:37:18 1144 818 Report REPORT EVENT: {0EFF58CF-26BA-4BE3-994D-9
Now here's the log file of one of the PC's that is setup the same, Windows XP Pro SP2, same network settings and all. And, so you know, we don't clone our machines around here so the SSID should be different on all.
2006-04-07 08:57:21 1108 b0 AU #############
2006-04-07 08:57:21 1108 b0 AU ## START ## AU: Search for updates
2006-04-07 08:57:21 1108 b0 AU #########
2006-04-07 08:57:21 1108 b0 AU <<## SUBMITTED ## AU: Search for updates [CallId = {2E9DE34F-E5A0-4196-9105-1
2006-04-07 08:57:21 1108 1f8 Agent *************
2006-04-07 08:57:21 1108 1f8 Agent ** START ** Agent: Finding updates [CallerId = AutomaticUpdates]
2006-04-07 08:57:21 1108 1f8 Agent *********
2006-04-07 08:57:22 1108 1f8 Setup *********** Setup: Checking whether self-update is required ***********
2006-04-07 08:57:22 1108 1f8 Setup * Inf file: C:\WINDOWS\SoftwareDistrib
2006-04-07 08:57:22 1108 1f8 Setup Update NOT required for C:\WINDOWS\system32\cdm.dl
2006-04-07 08:57:22 1108 1f8 Setup Update NOT required for C:\WINDOWS\system32\iuengi
2006-04-07 08:57:22 1108 1f8 Setup Update NOT required for C:\WINDOWS\system32\wuapi.
2006-04-07 08:57:22 1108 1f8 Setup Update NOT required for C:\WINDOWS\system32\wuaucl
2006-04-07 08:57:22 1108 1f8 Setup Update NOT required for C:\WINDOWS\system32\wuaucl
2006-04-07 08:57:22 1108 1f8 Setup Update NOT required for C:\WINDOWS\system32\wuaucp
2006-04-07 08:57:22 1108 1f8 Setup Update NOT required for C:\WINDOWS\system32\wuauen
2006-04-07 08:57:22 1108 1f8 Setup Update NOT required for C:\WINDOWS\system32\wuauen
2006-04-07 08:57:22 1108 1f8 Setup Update NOT required for C:\WINDOWS\system32\wucltu
2006-04-07 08:57:22 1108 1f8 Setup Update NOT required for C:\WINDOWS\system32\wups.d
2006-04-07 08:57:22 1108 1f8 Setup Update NOT required for C:\WINDOWS\system32\wups2.
2006-04-07 08:57:22 1108 1f8 Setup Update NOT required for C:\WINDOWS\system32\wuweb.
2006-04-07 08:57:22 1108 1f8 Setup * IsUpdateRequired = No
2006-04-07 08:57:23 1108 1f8 PT +++++++++++ PT: Synchronizing server updates +++++++++++
2006-04-07 08:57:23 1108 1f8 PT + ServiceId = {3DA21691-E39D-4DA6-8A4B-B
2006-04-07 08:57:24 1108 1f8 PT Initializing simple targeting cookie, clientId = 8c1793c1-34b1-4cd4-92be-96
2006-04-07 08:57:24 1108 1f8 PT Server URL = http://wsus.domain.com/SimpleAuthWebService/SimpleAuth.asmx
2006-04-07 08:57:35 1108 1f8 PT +++++++++++ PT: Synchronizing extended update info +++++++++++
2006-04-07 08:57:35 1108 1f8 PT + ServiceId = {3DA21691-E39D-4DA6-8A4B-B
2006-04-07 08:57:35 1108 1f8 Agent * Found 0 updates and 8 categories in search
2006-04-07 08:57:35 1108 1f8 Agent *********
2006-04-07 08:57:35 1108 1f8 Agent ** END ** Agent: Finding updates [CallerId = AutomaticUpdates]
2006-04-07 08:57:35 1108 1f8 Agent *************
2006-04-07 08:57:35 1108 1f8 AU >>## RESUMED ## AU: Search for updates [CallId = {2E9DE34F-E5A0-4196-9105-1
2006-04-07 08:57:35 1108 1f8 AU # 0 updates detected
2006-04-07 08:57:35 1108 1f8 AU #########
2006-04-07 08:57:35 1108 1f8 AU ## END ## AU: Search for updates [CallId = {2E9DE34F-E5A0-4196-9105-1
2006-04-07 08:57:35 1108 1f8 AU #############
2006-04-07 08:57:35 1108 1f8 AU AU setting next detection timeout to 2006-04-08 07:41:11
2006-04-07 08:57:40 1108 558 Report REPORT EVENT: {55415B00-94C8-4426-B07C-C
2006-04-07 08:57:40 1108 558 Report REPORT EVENT: {B05346F0-E546-400D-ACF0-2
2006-04-07 09:00:55 1108 5cc Report Uploading 2 events using cached cookie, reporting URL = http://wsus.domain.com/ReportingWebService/ReportingWebService.asmx
2006-04-07 09:00:59 1108 5cc Report Reporter successfully uploaded 2 events.
2006-04-07 12:00:10 1108 b0 AU Forced install timer expired for scheduled install
Everything points to this "Required Authentication" error, which in turn points me to this thing trying to go the wrong way, which points me to some type of network related configuration. But they are the same!!!
ASKER
UPDATE: OK, I added the WSUS server to the proxycfg bypass list with this "proxycfg -p PROXY_SERVER "http://wsus_server"" so that it now lists that I am using a proxy server and the WSUS server is on the bypass list. NOW EVERYTHING WORKS on this PC.
So, my next question is, why do I need this, when the other computer that works is set to "direct connection"???? I would rather not have to add another step in here when "direct connection" should work for all computers. Hell, the PC that works doesn't even have the registry key (HKLM\SOFTWARE\Microsoft\W indows\Cur rentVersio n\Internet Settings\Connections) which is where the proxycfg saves its info. So, why do some PC's need it and some don't??? There seems to be no other differences between these PC's.
So, if this is going to be the only way to make this work, is there some easy way through GPO's that I can push this setting out to everyone? I would rather not have to set this though, because it shouldn't have to be. And, if we ever change proxy servers I got to go back and make these changes again.
So, my next question is, why do I need this, when the other computer that works is set to "direct connection"???? I would rather not have to add another step in here when "direct connection" should work for all computers. Hell, the PC that works doesn't even have the registry key (HKLM\SOFTWARE\Microsoft\W
So, if this is going to be the only way to make this work, is there some easy way through GPO's that I can push this setting out to everyone? I would rather not have to set this though, because it shouldn't have to be. And, if we ever change proxy servers I got to go back and make these changes again.
Is the selfupdate really running on port 8530? I see that you set the WSUS prot to 8530, but normally the selfupdate tree is port 80.
Suggest you have a look at both selfupdate and the content to determine if authentication is the same on both.
Proxy bypass will affect port 80 traffic and not 8530 - if the AU clients are in need of update they will be looking to selfupdate on port 80 and thus use your proxy unless you exclude it. The other clients that may already have the new AU client will just go out to 8530 direct and not be affected by your proxy.
Suggest you have a look at both selfupdate and the content to determine if authentication is the same on both.
Proxy bypass will affect port 80 traffic and not 8530 - if the AU clients are in need of update they will be looking to selfupdate on port 80 and thus use your proxy unless you exclude it. The other clients that may already have the new AU client will just go out to 8530 direct and not be affected by your proxy.
ASKER
When I installed WSUS on the server, it gave me the option to install WSUS to a different website on port 8530. So I did that. So, not only did it install the WSUS server on port 8530 on its own website (which included Selfupdate), but it also installed virtual directories Selfupdate and ClientWebService on the Default Website on port 80. So, there are 2 Selfupdates. I just selected the options, I didn't change anything.
The original WSUS server was setup the same, or did you use port 80 all along?
I think the clients are confused as to where to look for these updates. According to your logs it has WSUS settings for port 8530, but deeper into them it is looking to port 80 - and port 80 would be attempting to use the proxy unless this site is excluded. You can put the WSUS server into the exclusion list or bypass proxy for local sites, but that's about all unless you remove WSUS and start over using port 80. If you are not running any other websites, it might be cleaner to remove and reinstall using the default website and port.
I think the clients are confused as to where to look for these updates. According to your logs it has WSUS settings for port 8530, but deeper into them it is looking to port 80 - and port 80 would be attempting to use the proxy unless this site is excluded. You can put the WSUS server into the exclusion list or bypass proxy for local sites, but that's about all unless you remove WSUS and start over using port 80. If you are not running any other websites, it might be cleaner to remove and reinstall using the default website and port.
ASKER
OK, I totally uninstalled the WSUS server and then reinstalled using the default port 80 setup. So, the server is located on the WSUS Default Website at port 80. I've gone in and changed the GPO to point to this new site, removed the exception from the bypass list, and now my PC still tries to go through the PROXY server to access this "internal" WSUS server. Why does this only happen on some computers???? If there is no way around adding the WSUS server to the proxycfg bypass list, is there somewhere I can add it centrally that will make this change for all PC's? What about in a GPO somewhere? I have it added to IE exception list, but I guess that is not the same thing.
ASKER
Is there a way to set an exception in the bypass list of the proxycfg without setting a proxy server?
There must be a Group Policy somewhere that is setting this. It should go directly to the WSUS server - as you already expect.
To have an exception, you have to have a proxy to use otherwise it wouldn't use a proxy at all.
If you open GPEDIT.MSC on one of these clients that are misbehaving there should be IE settings under both Computer and User portions of the policy. You can see the local and effective settings of anything set. If anything related to IE and proxy is showing under Effective Settings then it's coming from a policy somewhere. Was a policy set at some point and then deleted without reversing the settings?
To have an exception, you have to have a proxy to use otherwise it wouldn't use a proxy at all.
If you open GPEDIT.MSC on one of these clients that are misbehaving there should be IE settings under both Computer and User portions of the policy. You can see the local and effective settings of anything set. If anything related to IE and proxy is showing under Effective Settings then it's coming from a policy somewhere. Was a policy set at some point and then deleted without reversing the settings?
ASKER
How do yyou "reverse" the settings for a policy?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
OK, I solved it!!!! On our ISA 2000 (Proxy) Server, since we use WPAD for Automatic Detection through DNS and DHCP, I had to go into the Client Configuration > Web Browser settings and turn on the Bypass Proxy for Local Servers under the Direct Access tab. I never thought about this cause, I didn't actually realize those particular settings are what actually "write" the wpad.dat file that Automatic IE clients get.
And, I found this by finally finding an article that states that WinHTTP clients, which Automatic Updates is if you are not actually manually going out to the Windows Update website, do not use IE settings inlcuding the IE exceptions list to access the Windows Update site. So, if you manually open IE and go to the Windows Update site, you are using all IE settings. BUT, if you use any kind of automatic scheduling for Windows Updates, to where you are not manually going out to the website, it uses the WinHTTP (which is the proxycfg tool) which either goes directly out there or through the automatically detect settings, or the wpad.dat or proxy script if you are using that.
After figuring that out and doing some narrowing down, I found (as others had said in the past, just didn't make total sense) that since our client PC's use the Automatically Detect config of the wpad.dat through DNS and/or DHCP, then I needed to focus there. After making some changes, and testing, I have all my client PC's now popping up in there. YES!!!!! Case closed.
I am going to award the points to Netman66 because 1) He tried hard to help me and narrow things down and 2) he taught me something else about GPO's that I didn't quite know, in that you should disable the settings first and not "not configure" them in order to reverse the settings. Thanks for everything.
And, I found this by finally finding an article that states that WinHTTP clients, which Automatic Updates is if you are not actually manually going out to the Windows Update website, do not use IE settings inlcuding the IE exceptions list to access the Windows Update site. So, if you manually open IE and go to the Windows Update site, you are using all IE settings. BUT, if you use any kind of automatic scheduling for Windows Updates, to where you are not manually going out to the website, it uses the WinHTTP (which is the proxycfg tool) which either goes directly out there or through the automatically detect settings, or the wpad.dat or proxy script if you are using that.
After figuring that out and doing some narrowing down, I found (as others had said in the past, just didn't make total sense) that since our client PC's use the Automatically Detect config of the wpad.dat through DNS and/or DHCP, then I needed to focus there. After making some changes, and testing, I have all my client PC's now popping up in there. YES!!!!! Case closed.
I am going to award the points to Netman66 because 1) He tried hard to help me and narrow things down and 2) he taught me something else about GPO's that I didn't quite know, in that you should disable the settings first and not "not configure" them in order to reverse the settings. Thanks for everything.
Nice work. You mentioned WPAD in the question and it went right by me. This would definitely be the problem since the PAC file will dictate what the client does.
I learned from this also - not many people use WPAD entries so I didn't even give it a second thought.
Thanks!
NM
I learned from this also - not many people use WPAD entries so I didn't even give it a second thought.
Thanks!
NM
ok, once we "ENABLE" something on the GPO we must DISABLE it right ?
rather than NOT CONFIGURED ?
rather than NOT CONFIGURED ?
When you removed WSUS from the original server, did you also disable the Windows Update GPO?
I think you're going to have to reset the clients.
Make sure (using gpresult) that the WSUS policy is applying.
Check the registry on this PC to make sure the new server is in there and not still pointing to the old one.
Make sure in IE that "Bypass proxy for local addresses" is checked.
Reset the client like so:
a. Run regedit and go to HKEY_LOCAL_MACHINE\SOFTWAR
b. Delete the PingID, SUSClientID and the AccountDomainSID keys (or do they just delete values or is it the same thing)
c. Stop and start the Wuauserv Service
d. From the command prompt run: wuauclt /resetauthorization /detectnow
Try this on one PC to see if it connects and shows up in the console.