Computer not being added to WSUS

I installed a fresh copy of windows 2003 server and setup WSUS with SQL 2005 Standard and no computers are being added to WSUS. I changed the group policy to http://192.168.1.2 which is the IP address for the computer. Actually-there is one computer that got added which was itself.

I also ran the WSUS client diagnostics and everything passes. What else can I do?
supanatralAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

lnkevinCommented:
You have to create an OU in AD and move the server/pc that you want to update with WSUS in it. Create a template in GPO for deploying WSUS with GPO. Apply the new rule (template) to the OU. Check the following procedure from MS for more hint:
http://technet2.microsoft.com/windowsserver/en/library/51c8a814-6665-4d50-a0d8-2ae27e69ca7c1033.mspx?mfr=true

K
0
lnkevinCommented:
More detail procedure that is exactly what you need:
http://www.cites.uiuc.edu/wsus/clientinstall.html

K
0
Powerful Yet Easy-to-Use Network Monitoring

Identify excessive bandwidth utilization or unexpected application traffic with SolarWinds Bandwidth Analyzer Pack.

supanatralAuthor Commented:
Does it matter if the server that has WSUS on it is a backup domain controller?
0
lnkevinCommented:
No, it does not. In windows 2003 environment, there is no such backup DC. Every DC is the same.

K
0
supanatralAuthor Commented:
Also, I don't know how much this helps but the one computer that has connected to WSUS (which is itself) hasn't gotten a report yet and its been 24 hours now. does that mean anythign?
0
lnkevinCommented:
You have to configure WSUS with GPO. That is how the software design for. Here is more detail with screenshot of how to completely implement WSUS in case you have never set it up before:
http://win2k.ucsd.edu/UCSD-WSUS-Howto/

K
0
supanatralAuthor Commented:
I think I already set it up correctly but I'm going to paste my GPO configuration.

Do not display 'Install Updates and shut Down' option in Shut Down Windows dialog box - Enabled

Do not Adjust default option to 'Install Updates and Shut Down' in Shut Down Windows dialog box - Enabled

Configure Automatic Updates - Enabled - Auto Download and schedule the install everyday at 3:00

Specify intranet Microsoft update service location - Enabled - http://192.168.1.2 and http://192.168.1.2

Enable client-side targeting - Enabled - ATD

Reschedule Automatic Updates scheduled installations - Enabled - startup = 1 minute

No auto-restart for scheduled Automatic Updates installations - Enabled

Automatic Updates detection frequency : enabled - 1 hour

Allow Automatic updates immediate installation - Enabled

Delay Restart for scheduled installations - Enabled - Restart after 5 minutes

re-prompt for restart with scheduled installations - Disabled

Allow non-administrators to recieve update notifications - Enabled

Enable recommended updates via Automatic Update - Enabled

Enabling Windows Update Power Management to automatically wake up the system to install scheduled updates - Enabled

Allow Signed Content from intranet Microsoft update service location - Enabled

-
Does that look right? I only set it to look for updates every hour just so It would be nice and quick if the WSUS server and clients are working correctly. also, like i said before, I ran the WSUS client diagnostics on another client computer, and it seems to be getting the group policy pushed down to it because one of the tests it looks for 192.168.1.2. Any ideas?
0
lnkevinCommented:
GPO looks good to me. What happen if you type 192.168.1.2 on the browser? Does it go to the update site?

K
0
supanatralAuthor Commented:
It asks me for the username and password, then when i type in administrators username and password, it tells me that the site is under construction. When I turned off Integrated Windows Authentication, I then got a page that told me that I'm not authorized to access the page. I turned it back on and I'm back to where I was before. This is interesting....What's going on here?
0
supanatralAuthor Commented:
OK, Now I'm confused. I decided to install it on another computer and change the group policy so as to reflect the new IP. I'm excited because the clients are connecting to it, however if I run client diagnostics, I still get an error that says:

WinHttpDownloadFileToMemory(szURLDest, NULL, 0, NULL, NULL, NULL, &downloadBuffer) failed with hr=0x80190194

Should I be worried or just happy that it works?
0
lnkevinCommented:
still get an error that says.....

Did you have IIS installed on the server? IIS took port 80 so you want to make sure there is no other web server such as: Apache, TomCat, Jboss... is running or sharing port 80. Also, do not install WSUS on your Exchange server because it will share port 80 with Exchange.

K
0
lnkevinCommented:
0
supanatralAuthor Commented:
I changed it to make it easier already, Its now 8530, which is the default port if you decide to use a new website during install. I also changed the GPO to reflect these changes. Heres the latest diagnostics and config.

Once again, theres only one computer thats been added to WSUS and that's itself
ClientDiag.JPG
GetConfiguration.log
0
supanatralAuthor Commented:
One of those websites gave me the idea to check the windows update log on one of the clients. I am getting an error though. Here it is:

2008-01-18      10:30:26:296      1184      1178      PT      WARNING: Cached cookie has expired or new PID is available
2008-01-18      10:30:26:296      1184      1178      PT      Initializing simple targeting cookie, clientId = ab466de4-112a-456c-93cb-901ad259b1c8, target group = , DNS name = seiko.atd.autotriminc.com
2008-01-18      10:30:26:296      1184      1178      PT        Server URL = http://192.168.1.2/SimpleAuthWebService/SimpleAuth.asmx
2008-01-18      10:30:26:312      1184      1178      PT      WARNING: GetAuthorizationCookie failure, error = 0x80244017, soap client error = 10, soap error code = 0, HTTP status code = 401
2008-01-18      10:30:26:312      1184      1178      PT      WARNING: Failed to initialize Simple Targeting Cookie: 0x80244017
2008-01-18      10:30:26:312      1184      1178      PT      WARNING: PopulateAuthCookies failed: 0x80244017
2008-01-18      10:30:26:312      1184      1178      PT      WARNING: RefreshCookie failed: 0x80244017
2008-01-18      10:30:26:312      1184      1178      PT      WARNING: RefreshPTState failed: 0x80244017
2008-01-18      10:30:26:312      1184      1178      PT      WARNING: PTError: 0x80244017
2008-01-18      10:30:26:312      1184      1178      Report      WARNING: Reporter failed to upload events with hr = 80244017.
0
lnkevinCommented:
Did you create an OU and set a computer policy for update (not user)? Move you server to that OU. You need to link WSUS to the OU containing your server or other computer that to be update with WSUS.

K



0
supanatralAuthor Commented:
No I didn't. How would I go about doing that? All I did for policies is right click on the domain,go to properties, go to the group policy tab then click the default one and finally click edit. Sorry, I don't fully understand. Is there a how to on a website somewhere?
0
supanatralAuthor Commented:
Wait, is this what you mean? http://win2k.ucsd.edu/UCSD-WSUS-Howto/

I really don't understand this one. I've only installed it and tried going from there. heres a screenshot. Keep in mind that this is only a backup domain controller.
untitled.JPG
0
lnkevinCommented:
How would I go about doing that?
You have to create an OU in Active Directory User and computer. Here is the instruction:
http://technet2.microsoft.com/windowsserver/en/library/f66c6142-c87a-457a-9595-d89fb5ce96c71033.mspx?mfr=true

After created OU, move your computers, servers to the OU so when you apply the policy to that OU all the computers will be affected. Here is how you link your WSUS policy to the OU:
http://win2k.ucsd.edu/UCSD-WSUS-Howto/


K
0
ChiefITCommented:
You moved the server to an alternative port. Port security applications, like a firewall, will now have to be unblocked. So, what type of software firewall are you using?

Your GPO should now go to the site of Http://yourservername:8530

Once you have your firewall in order and the GPO with the correct port number, it should work. If not there are plenty of other reasons that could be the reason your server is not populating the list of clients and servers in WSUS.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Server Hardware

From novice to tech pro — start learning today.