Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 289
  • Last Modified:

How to verify if the sus updates are updating or not the clients in the network.

Hello experts
How to verify if the sus updates are updating or not the clients in the network.
pls and thanks
0
ashjuv
Asked:
ashjuv
  • 7
  • 5
1 Solution
 
Donald StewartNetwork AdministratorCommented:
from here
http://www.winserverkb.com/Uwe/Forum.aspx/wsus/1463/How-verify-clients-connect-to-WSUS-after-setup-Group-Policy

The place to determine whether your clients are responding properly, or not,
is the %windir%\WindowsUpdate.log.

However, if the client has not yet appeared in the WSUS console, then the
most likely cause is that the clients have not successfully selfupdated.
This condition will occur if any of the following conditions exists:
    (1) The operating system is Windows XP RTM or earlier and the computer
has /never/ been updated from Windows Update.
    (2) The operating system is Windows XP SP1 or later, or the system has
been previously updated from Windows Update, and
            (a) the Group Policy has not been properly configured or applied
            (b) the permissions to the virtual server or virtual directory
of the WSUS server are incorrect
            (c) the permissions to the relevant folders of the filesystem of
the WSUS server are incorrect
            (d) the Automatic Updates service on the client is not Started
and/or configured to use the Local System account for Log On.

To verify that the group policy has been properly applied,
    inspect the registry values at
           HKLM\Software\Policies\Windows\WindowsUpdate
    and HKLM\Software\Policies\Windows\WindowsUpdate\AU
or run RSOP.MSC on the client to inspect the effective policies applied.

To verify the IIS and NTFS permissions on the WSUS server,
check http://wsusinfo.onsitechsolutions.com/articles/016.htm
and compare to your own server's configuration.

To verify other aspects of your client-side configuration, download and run
the Client Diagnostics tool from:
http://download.microsoft.com/download/9/7/6/976d1084-d2fd-45a1-8c27-a467c768d8e
f/WSUS%20Client%20Diagnostic%20Tool.EXE
0
 
ashjuvAuthor Commented:
HI

yes the wsus console does not show any clients listed. Can i not just add all the computers to the console and like push the updates onto them.
 
Do i check the windows update log file on every workstation or the wsus server//
0
Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

 
Donald StewartNetwork AdministratorCommented:
Did you make the appropriate settings in group policy ?

Configuring the WSUS Client by Group Policy
0
 
ashjuvAuthor Commented:
thanks for your help, but this is getting way more confusing

the whole wsus update stuff was setup by someone else on this clients network.

Hi

thanks for your help, this is what i did as per your posts, but now I am totally lost .

Checked the windows update log on the server and it seems the updates are running every day. Cuz i see entries in for today date itself.

I ran client diag tool on a worsktation and it came with "passs" for all wsus related actions.

I checked the group policies that have been applied to a client workstation and it looks like it has a bunch of group policies in place that related to windows update.

also checked the registry values on the workstation and tehy look good as well..

So now , how do i proceed??
0
 
Donald StewartNetwork AdministratorCommented:
WSUS: Force Registration of Clients That Are Not Showing Up


modified version below (save as fixwsus.cmd)

%Windir%\system32\net.exe stop bits 
%Windir%\system32\net.exe stop wuauserv
 
reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v AccountDomainSid /f
reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v PingID /f
reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v SusClientId /f
 
 
 
if exist %Windir%\system32\atl.dll %Windir%\system32\regsvr32.exe /s %Windir%\system32\atl.dll  
if exist %Windir%\system32\jscript.dll %Windir%\system32\regsvr32.exe /s %Windir%\system32\jscript.dll 
if exist %Windir%\system32\softpub.dll  %Windir%\system32\regsvr32.exe /s %Windir%\system32\softpub.dll  
if exist %Windir%\system32\wuapi.dll %Windir%\system32\regsvr32.exe /s %Windir%\system32\wuapi.dll 
if exist %Windir%\system32\wuaueng.dll  %Windir%\system32\regsvr32.exe /s %Windir%\system32\wuaueng.dll  
if exist %Windir%\system32\wuaueng1.dll  %Windir%\system32\regsvr32.exe /s %Windir%\system32\wuaueng1.dll  
if exist %Windir%\system32\wucltui.dll  %Windir%\system32\regsvr32.exe /s %Windir%\system32\wucltui.dll  
if exist %Windir%\system32\wups.dll  %Windir%\system32\regsvr32.exe /s %Windir%\system32\wups.dll  
if exist %Windir%\system32\wups2.dll  %Windir%\system32\regsvr32.exe /s %Windir%\system32\wups2.dll  
if exist %Windir%\system32\wuweb.dll  %Windir%\system32\regsvr32.exe /s %Windir%\system32\wuweb.dll  
if exist %windir%\system32\iuengine.dll %windir%\system32\regsvr32.exe /s iuengine.dll
if exist %windir%\system32\wuauserv.dll %windir%\system32\regsvr32.exe /s wuauserv.dll
if exist %windir%\system32\cdm.dll %windir%\system32\regsvr32.exe /s cdm.dll
if exist %windir%\system32\msxml2r.dll %windir%\system32\regsvr32.exe /s msxml2r.dll
if exist %windir%\system32\msxml3r.dll %windir%\system32\regsvr32.exe /s msxml3r.dll
if exist %windir%\system32\msxml.dll  %windir%\system32\regsvr32.exe /s msxml.dll
if exist %windir%\system32\msxml3.dll %windir%\system32\regsvr32.exe /s msxml3.dll
if exist %windir%\system32\msxmlr.dll %windir%\system32\regsvr32.exe /s msxmlr.dll
if exist %windir%\system32\msxml2.dll %windir%\system32\regsvr32.exe /s msxml2.dll
if exist %windir%\system32\qmgr.dll %windir%\system32\regsvr32.exe /s qmgr.dll
if exist %windir%\system32\qmgrprxy.dll %windir%\system32\regsvr32.exe /s qmgrprxy.dll
if exist %windir%\system32\iuctl.dll %windir%\system32\regsvr32.exe /s iuctl.dll
 
 
rd /s /q %windir%\softwareDistribution
sleep 5
%Windir%\system32\net.exe start bits 
%Windir%\system32\net.exe start wuauserv 
 
 
sc sdset wuauserv D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)
 
 
sc sdset bits D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)
 
wuauclt /detectnow /resetauthorization
 
 
exit /B 0 

Open in new window

0
 
Donald StewartNetwork AdministratorCommented:
0
 
ashjuvAuthor Commented:
Hi

thanks, you are truly resourcefull. Reading all your posts it kind of makes sense now, but I havent' tried the script part. Do I run it on the server or the client. Could you please let me know.

thanks a buch
0
 
Donald StewartNetwork AdministratorCommented:
client
0
 
ashjuvAuthor Commented:
I have one last question, if the clients that are showing up in wsus are 98 percent etc, then that means they will be eventually be updated or they got stuck at that update level..

Could you please answer it. Please and thanks
0
 
Donald StewartNetwork AdministratorCommented:
it means that  either there are pending updates, failed updates or even updates that havent been approved. You can double click on them to get a report.
0
 
ashjuvAuthor Commented:
thanks, if the clients dont show as 100 percent sooner then I am going to come back and ask another question,

thanks for all your help
0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

  • 7
  • 5
Tackle projects and never again get stuck behind a technical roadblock.
Join Now