• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1431
  • Last Modified:

Missing Computer from WSUS console

Hello All,

I have a small problem. I have about 250 systems and I use a WSUS server to keep them up to date. I have 2 workstations for some reason, that just will not report to the WSUS server.

Things I've tried:

net stop wuauserv
net stop bits
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v AccountDomainSid /f
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v PingID /f
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientId /f
net start wuauserv
net start bits
wuauclt /resetauthorization /detectnow

Also have completely deleted the windowsupdate section from the Registry and replaced it from a working system.

I added the update server to the local machine by going into gpedit.msc

I have a GP for this and it works on all but 2 of my systems so I'm pretty sure that's not it. I have searched the Internet extensively on this issue and have seen hints of a utility from Microsoft that fixes this problem but that Microsoft doesn't openly publish. If that's true it really 'upsets' me.

Anyway I'm kind of stuck. Anybody have any ideas what could be causing my problem.

Thanks
Eric
0
bwask
Asked:
bwask
  • 8
  • 8
  • 3
  • +1
1 Solution
 
nsx106052Commented:
I would also check to make sure those 2 computers are in the correct OU that points to your WSUS service.  Also be sure to restart the Windows firewall service.  
0
 
bwaskAuthor Commented:
Thanks for the response,

Yep, done that, and they are. I have a GP that turns off the Firewall on all my workstation and it is off on these systems as well.
0
 
nsx106052Commented:
Did you also try removing the two computers from the WSUS console and then adding them back in?  The registry might be messed up.  

I found this web page which has a utility that may help:
http://www.espinola.net/wiki/So_you_want_to_fix_all_your_WSUS_clients
0
2018 Annual Membership Survey

Here at Experts Exchange, we strive to give members the best experience. Help us improve the site by taking this survey today! (Bonus: Be entered to win a great tech prize for participating!)

 
bwaskAuthor Commented:
I guess I should have made it more clear, they aren't showing up under computers on the WSUS server, so I can't remove them.

When you say "the registry might be messed up" do you mean the server or the workstation? I've already removed all registry info as per my above post from the problem workstation.

I have however removed a few workstations from the console that are listed, and they repopulate just fine.

Thanks
Eric
0
 
nsx106052Commented:
I think the server is fine.  I meant the workstation.  
0
 
ChiefITCommented:
I have been working with another post where only a couple clients showed up. When running a WSUS client diagnostic tool, they came up with the 503 error on the client (overloaded NIC). The WSUS client diag tool will show a line in the text that says something like:

VerifyWUServerURL() failed with hr=0x801901f7

The proposed fix to this is:
"Check your registry (on the client machine) for a Binary value in
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Internet
Settings\Connections that is called WinHttpSettings. If it exists,
delete it."

and I found that fix on this site:
http://www.wsus.info/forums/index.php?showtopic=5308


The fact that the majority of your clienst means the clients are seeing the server.
____________________________________________________________________________
Another thing could be the client's software firewall blocking you from accessing the server.
____________________________________________________________________________
Yet, another problem is imaged/cloned computers. You can't have the same SID as another computer. Otherwise this computer will not show up.
http://www.wsus.info/forums/index.php?showtopic=9312&pid=34802&mode=threaded&start=

0
 
bwaskAuthor Commented:
Thanks for the reply,

OK, I checked the registry for "WiinHttpSettings", none exists.

Here's the screen dump from running clientdiag.exe

========================================


WSUS Client Diagnostics Tool

Checking Machine State
        Checking for admin rights to run tool . . . . . . . . . PASS
        Automatic Updates Service is running. . . . . . . . . . PASS
        Background Intelligent Transfer Service is running. . . PASS
        Wuaueng.dll version 7.0.6000.381. . . . . . . . . . . . PASS
                This version is WSUS 2.0

Checking AU Settings
        AU Option is 4: Scheduled Install . . . . . . . . . . . PASS
                Option is from Policy settings

Checking Proxy Configuration
        Checking for winhttp local machine Proxy settings . . . PASS
                Winhttp local machine access type
                        <Direct Connection>
                Winhttp local machine Proxy. . . . . . . . . .  NONE
                Winhttp local machine ProxyBypass. . . . . . .  NONE
        Checking User IE Proxy settings . . . . . . . . . . . . PASS
                User IE Proxy
                x.x.x.x:xxxx
                User IE ProxyByPass
                172.17.137.7;*.paccar.com;*.pactools.net;*.pactools.net;172.17.1
37.13;http://buckeye;http://gopher;172.17.137.8;172.24.27.17;http://myano;172.17
.139.7;172.17.139.16;172.24.27.81;172.24.27.5;;<local>
                User IE AutoConfig URL Proxy . . . . . . . . .  NONE
                User IE AutoDetect
                AutoDetect not in use

Checking Connection to WSUS/SUS Server
                WUServer = http://buckeye
                WUStatusServer = http://buckeye
        UseWuServer is enabled. . . . . . . . . . . . . . . . . PASS
        Connection to server. . . . . . . . . . . . . . . . . . PASS
        SelfUpdate folder is present. . . . . . . . . . . . . . PASS

Press Enter to Complete
0
 
ChiefITCommented:
What the heck is this?

http://buckeye;http://gopher;172.17.137.8;172.24.27.17;http://myano;172.17
.139.7;172.17.139.16;172.24.27.81;172.24.27.5;;<local>

It looks like a browser hijack.

Please run Hijack this and post it on this site for analization:
http://www.hijackthis.de/index.php?langselect=english#anl
0
 
ChiefITCommented:
another thing to lookout for:

http://buckeye

Are you using port 8530? If so, you GP may be correct, but the client isn't.
0
 
bwaskAuthor Commented:
ChiefIT,

Ya, I was afraid that might confuse somebody. That's my exception list in IE. Notice on the screen dump it says "User IE ProxyByPass", that's exactly what it is. You'll notice that there are ";" separating the http entries. These are all different servers that reside internally that the workstations have to access directly and not through the proxy.

As far as port 8530 is concerned, all my machine use http://buckeye and that's it. This runs on the Default Web Site on port 80 on the buckeye server.

Thanks
Eric
0
 
ChiefITCommented:
Oh, I see. Well, in that case I don't see any issues in client diag.

Is this an imaged or cloned machine? WSUS has issues with those.
http://www.wsus.info/forums/index.php?showtopic=9312&pid=34802&mode=threaded&start=
and
http://support.microsoft.com/kb/903262/en-us
0
 
bwaskAuthor Commented:
This is a RIS (Remote Installation Services) image, (Microsoft's version of Ghost). These loads are all syspreped as part of the image process.

At any rate I've deleted the entries in the registry (as stated above) that have to do with this particular problem:

reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v AccountDomainSid /f
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v PingID /f
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientId /f

Thanks
Eric
0
 
ChiefITCommented:
I think by default, It can take up to 22 hours to show up. Want to see if this works for you?
0
 
bwaskAuthor Commented:
If I don't do anything, then yes, however if I run the command:

wuauclt /resetauthorization /detectnow

It forces it to list immediately. I have done this on working systems and if I remove them from the console run the command they will instantly pop back into the console.

Eric
0
 
ChiefITCommented:
that's true, what was I thinking??

did a reset auth come up with good results?
0
 
bwaskAuthor Commented:
It runs fine but the system never shows up in the WSUS server console.
0
 
ChiefITCommented:
Wow, I guess I am as stumped as you are. Usually imaged machines, or firewall, or group policy, or something that pops up in WSUS points us in the right direction. This is an odd case.
0
 
ChiefITCommented:
There is one other case that I found odd. It appeared that cookies were the culprite. The cookies needed to be flushed out. Now, I don't know why cookies were an issue.

I also had one that we needed to flush the DNS cache on the client. But, you have a clear connection to the server because everything works fine.
0
 
bwaskAuthor Commented:
Well this appears to have fixed it, weirdest damn thing. Anyway thanks.
0
 
fnoCommented:
I would say that clearing cookies or flushing the DNS client cache will not help this problem. The WSUS Client Diagnostics Tool would not give its "PASS" if any of those were the problem. I'm currently having the same issue, and have had for 6 months now. The Automatic Update Client do its patching part, so communication with the server do work, it's the reporting that doesn't.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 8
  • 8
  • 3
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now