?
Solved

Missing Computer from WSUS console

Posted on 2008-10-27
20
Medium Priority
?
1,430 Views
Last Modified: 2010-04-21
Hello All,

I have a small problem. I have about 250 systems and I use a WSUS server to keep them up to date. I have 2 workstations for some reason, that just will not report to the WSUS server.

Things I've tried:

net stop wuauserv
net stop bits
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v AccountDomainSid /f
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v PingID /f
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientId /f
net start wuauserv
net start bits
wuauclt /resetauthorization /detectnow

Also have completely deleted the windowsupdate section from the Registry and replaced it from a working system.

I added the update server to the local machine by going into gpedit.msc

I have a GP for this and it works on all but 2 of my systems so I'm pretty sure that's not it. I have searched the Internet extensively on this issue and have seen hints of a utility from Microsoft that fixes this problem but that Microsoft doesn't openly publish. If that's true it really 'upsets' me.

Anyway I'm kind of stuck. Anybody have any ideas what could be causing my problem.

Thanks
Eric
0
Comment
Question by:bwask
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 8
  • 8
  • 3
  • +1
20 Comments
 
LVL 12

Expert Comment

by:nsx106052
ID: 22816373
I would also check to make sure those 2 computers are in the correct OU that points to your WSUS service.  Also be sure to restart the Windows firewall service.  
0
 

Author Comment

by:bwask
ID: 22816676
Thanks for the response,

Yep, done that, and they are. I have a GP that turns off the Firewall on all my workstation and it is off on these systems as well.
0
 
LVL 12

Expert Comment

by:nsx106052
ID: 22816951
Did you also try removing the two computers from the WSUS console and then adding them back in?  The registry might be messed up.  

I found this web page which has a utility that may help:
http://www.espinola.net/wiki/So_you_want_to_fix_all_your_WSUS_clients
0
Free Backup Tool for VMware and Hyper-V

Restore full virtual machine or individual guest files from 19 common file systems directly from the backup file. Schedule VM backups with PowerShell scripts. Set desired time, lean back and let the script to notify you via email upon completion.  

 

Author Comment

by:bwask
ID: 22817225
I guess I should have made it more clear, they aren't showing up under computers on the WSUS server, so I can't remove them.

When you say "the registry might be messed up" do you mean the server or the workstation? I've already removed all registry info as per my above post from the problem workstation.

I have however removed a few workstations from the console that are listed, and they repopulate just fine.

Thanks
Eric
0
 
LVL 12

Expert Comment

by:nsx106052
ID: 22817469
I think the server is fine.  I meant the workstation.  
0
 
LVL 39

Expert Comment

by:ChiefIT
ID: 22818997
I have been working with another post where only a couple clients showed up. When running a WSUS client diagnostic tool, they came up with the 503 error on the client (overloaded NIC). The WSUS client diag tool will show a line in the text that says something like:

VerifyWUServerURL() failed with hr=0x801901f7

The proposed fix to this is:
"Check your registry (on the client machine) for a Binary value in
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Internet
Settings\Connections that is called WinHttpSettings. If it exists,
delete it."

and I found that fix on this site:
http://www.wsus.info/forums/index.php?showtopic=5308


The fact that the majority of your clienst means the clients are seeing the server.
____________________________________________________________________________
Another thing could be the client's software firewall blocking you from accessing the server.
____________________________________________________________________________
Yet, another problem is imaged/cloned computers. You can't have the same SID as another computer. Otherwise this computer will not show up.
http://www.wsus.info/forums/index.php?showtopic=9312&pid=34802&mode=threaded&start=

0
 

Author Comment

by:bwask
ID: 22821676
Thanks for the reply,

OK, I checked the registry for "WiinHttpSettings", none exists.

Here's the screen dump from running clientdiag.exe

========================================


WSUS Client Diagnostics Tool

Checking Machine State
        Checking for admin rights to run tool . . . . . . . . . PASS
        Automatic Updates Service is running. . . . . . . . . . PASS
        Background Intelligent Transfer Service is running. . . PASS
        Wuaueng.dll version 7.0.6000.381. . . . . . . . . . . . PASS
                This version is WSUS 2.0

Checking AU Settings
        AU Option is 4: Scheduled Install . . . . . . . . . . . PASS
                Option is from Policy settings

Checking Proxy Configuration
        Checking for winhttp local machine Proxy settings . . . PASS
                Winhttp local machine access type
                        <Direct Connection>
                Winhttp local machine Proxy. . . . . . . . . .  NONE
                Winhttp local machine ProxyBypass. . . . . . .  NONE
        Checking User IE Proxy settings . . . . . . . . . . . . PASS
                User IE Proxy
                x.x.x.x:xxxx
                User IE ProxyByPass
                172.17.137.7;*.paccar.com;*.pactools.net;*.pactools.net;172.17.1
37.13;http://buckeye;http://gopher;172.17.137.8;172.24.27.17;http://myano;172.17
.139.7;172.17.139.16;172.24.27.81;172.24.27.5;;<local>
                User IE AutoConfig URL Proxy . . . . . . . . .  NONE
                User IE AutoDetect
                AutoDetect not in use

Checking Connection to WSUS/SUS Server
                WUServer = http://buckeye
                WUStatusServer = http://buckeye
        UseWuServer is enabled. . . . . . . . . . . . . . . . . PASS
        Connection to server. . . . . . . . . . . . . . . . . . PASS
        SelfUpdate folder is present. . . . . . . . . . . . . . PASS

Press Enter to Complete
0
 
LVL 39

Expert Comment

by:ChiefIT
ID: 22824287
What the heck is this?

http://buckeye;http://gopher;172.17.137.8;172.24.27.17;http://myano;172.17
.139.7;172.17.139.16;172.24.27.81;172.24.27.5;;<local>

It looks like a browser hijack.

Please run Hijack this and post it on this site for analization:
http://www.hijackthis.de/index.php?langselect=english#anl
0
 
LVL 39

Expert Comment

by:ChiefIT
ID: 22824308
another thing to lookout for:

http://buckeye

Are you using port 8530? If so, you GP may be correct, but the client isn't.
0
 

Author Comment

by:bwask
ID: 22824647
ChiefIT,

Ya, I was afraid that might confuse somebody. That's my exception list in IE. Notice on the screen dump it says "User IE ProxyByPass", that's exactly what it is. You'll notice that there are ";" separating the http entries. These are all different servers that reside internally that the workstations have to access directly and not through the proxy.

As far as port 8530 is concerned, all my machine use http://buckeye and that's it. This runs on the Default Web Site on port 80 on the buckeye server.

Thanks
Eric
0
 
LVL 39

Expert Comment

by:ChiefIT
ID: 22824796
Oh, I see. Well, in that case I don't see any issues in client diag.

Is this an imaged or cloned machine? WSUS has issues with those.
http://www.wsus.info/forums/index.php?showtopic=9312&pid=34802&mode=threaded&start=
and
http://support.microsoft.com/kb/903262/en-us
0
 

Author Comment

by:bwask
ID: 22825017
This is a RIS (Remote Installation Services) image, (Microsoft's version of Ghost). These loads are all syspreped as part of the image process.

At any rate I've deleted the entries in the registry (as stated above) that have to do with this particular problem:

reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v AccountDomainSid /f
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v PingID /f
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientId /f

Thanks
Eric
0
 
LVL 39

Expert Comment

by:ChiefIT
ID: 22825150
I think by default, It can take up to 22 hours to show up. Want to see if this works for you?
0
 

Author Comment

by:bwask
ID: 22826031
If I don't do anything, then yes, however if I run the command:

wuauclt /resetauthorization /detectnow

It forces it to list immediately. I have done this on working systems and if I remove them from the console run the command they will instantly pop back into the console.

Eric
0
 
LVL 39

Expert Comment

by:ChiefIT
ID: 22826502
that's true, what was I thinking??

did a reset auth come up with good results?
0
 

Author Comment

by:bwask
ID: 22826537
It runs fine but the system never shows up in the WSUS server console.
0
 
LVL 39

Expert Comment

by:ChiefIT
ID: 22848892
Wow, I guess I am as stumped as you are. Usually imaged machines, or firewall, or group policy, or something that pops up in WSUS points us in the right direction. This is an odd case.
0
 
LVL 39

Accepted Solution

by:
ChiefIT earned 1000 total points
ID: 22848899
There is one other case that I found odd. It appeared that cookies were the culprite. The cookies needed to be flushed out. Now, I don't know why cookies were an issue.

I also had one that we needed to flush the DNS cache on the client. But, you have a clear connection to the server because everything works fine.
0
 

Author Closing Comment

by:bwask
ID: 31510499
Well this appears to have fixed it, weirdest damn thing. Anyway thanks.
0
 

Expert Comment

by:fno
ID: 25342530
I would say that clearing cookies or flushing the DNS client cache will not help this problem. The WSUS Client Diagnostics Tool would not give its "PASS" if any of those were the problem. I'm currently having the same issue, and have had for 6 months now. The Automatic Update Client do its patching part, so communication with the server do work, it's the reporting that doesn't.
0

Featured Post

NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
Suggested Courses

801 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question