Solved

WSUS 3.1 clients not updating

Posted on 2009-04-08
16
648 Views
Last Modified: 2012-05-06
I have recently setup a new wsus 3.1 server. I created all the GPO's which seems to work fine. I have the server email me the summary every morning. It lists all the computer groups with all the computers. The management console on the WSUS server lists all the groups with the appropriate computers in each group. The server does not install any updates on the clients. It lists all the critical updates approved but when I go to one of the test machines (in the specific grouped named "TEST") no updates have beed installed.

I have noticied the following error in the event log on the WSUS server:
Content file download failed. Reason: The requested URL does not exist on the server.
 Source File: /msdownload/update/v3-19990518/cabpool/wss2003sp1-kb841876-fullfile-eng-(sfxcab)_a7e23a4aa5b5d0430d275c53b571e04365ce5eb4.exe Destination File: d:\WSUS\WsusContent\B4\A7E23A4AA5B5D0430D275C53B571E04365CE5EB4.exe

The Wsus server is a server 2003 SP1 but is not the DC, our DC is also a server 2003 SP1
Any suggestions?.

In the GPO management console I have enabled the following:

Do not adjust default option to "Install updates and shut down"
Configure automatic updates
Specify intranet microsoft update service location
Enable client side targeting
No auto-restart with logged on users for scheduled automatic updates
Automatic update frequency
allow automatic updates immediate installtion
0
Comment
Question by:Randy_K
  • 6
  • 5
  • 5
16 Comments
 
LVL 77

Expert Comment

by:arnold
ID: 24097287
To what URL did you set the GPO that points to the intranet update server
http://someserver/ or is it https://someserver or http://someserver:someport
Can you go to the url in a browser http://someserver/SelfUpdate or something like that check the IIS configuration to see where the WSUS related items are.

Note the intranet URL must be pointing to the location below which the WSUS related files are:
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24097530
Browse to C:\Program Files\Update Services\Tools\

From there run the command "wsusutil reset".

This should fix it for you
0
 
LVL 1

Author Comment

by:Randy_K
ID: 24098277
Thanks, I will give this a shot. Once I run this, will running gpupdate /force cause the client to get the update from the WSUS server immediately?
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 77

Expert Comment

by:arnold
ID: 24098313
No, to get the client to check for updates, you need to run wuauclt /detectnow.
0
 
LVL 1

Author Comment

by:Randy_K
ID: 24098320
Arnold:

I have the correct URL, but when I go to the url in by browser I receive the "page under construction".
0
 
LVL 77

Expert Comment

by:arnold
ID: 24098545
That is fine. The page you get is the standard IIS page.  If you want you can enable directory browsing if it is not and rename the default.asp or index.asp to something else .asp-not at which point going to the URL will give you the directory listing.
Expand the default web site in IIS administrative tool and see whether you have there Selfupdate, Content, Inventory, SimpleAuth, etc. items that make up WSUS.
There should nine entries there that point to where your WSUS is installed and where your content repository is.

/msdownload is not one of those.
Can you double check what your GPO has for the Intranet site and post it.  Make sure it is not the entry that has htt://server/msdownload which you may have added because you are storing the files on e:\msdownload.
0
 
LVL 1

Author Comment

by:Randy_K
ID: 24099153
Arnold:

I ran the wauclt /detectnow on one test computer. I then looked on the WSUS management console. under the test machine, it shows the "last report status" has changed, but it still does not install any of the updates I approved for install.
0
 
LVL 77

Expert Comment

by:arnold
ID: 24099441
What is the schedule on the client?  Check the client system's system event log dealing with windows update.  It may have scheduled the install based on the time.
I.e. updates downloaded and are scheduled for install on April 8 at 3:00 am.
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24099664
Save the below as fixwsus.cmd and run on client and  then check
%Windir%\system32\net.exe stop bits 
%Windir%\system32\net.exe stop wuauserv
 
reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v AccountDomainSid /f
reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v PingID /f
reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v SusClientId /f
reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v SusClientValidation /f
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v LastWaitTimeout /f
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v DetectionStartTime /f
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v NextDetectionTime /f
 
 
 
 
if exist %Windir%\system32\atl.dll %Windir%\system32\regsvr32.exe /s %Windir%\system32\atl.dll  
if exist %Windir%\system32\jscript.dll %Windir%\system32\regsvr32.exe /s %Windir%\system32\jscript.dll 
if exist %Windir%\system32\softpub.dll  %Windir%\system32\regsvr32.exe /s %Windir%\system32\softpub.dll  
if exist %Windir%\system32\wuapi.dll %Windir%\system32\regsvr32.exe /s %Windir%\system32\wuapi.dll 
if exist %Windir%\system32\wuaueng.dll  %Windir%\system32\regsvr32.exe /s %Windir%\system32\wuaueng.dll  
if exist %Windir%\system32\wuaueng1.dll  %Windir%\system32\regsvr32.exe /s %Windir%\system32\wuaueng1.dll  
if exist %Windir%\system32\wucltui.dll  %Windir%\system32\regsvr32.exe /s %Windir%\system32\wucltui.dll  
if exist %Windir%\system32\wups.dll  %Windir%\system32\regsvr32.exe /s %Windir%\system32\wups.dll  
if exist %Windir%\system32\wups2.dll  %Windir%\system32\regsvr32.exe /s %Windir%\system32\wups2.dll  
if exist %Windir%\system32\wuweb.dll  %Windir%\system32\regsvr32.exe /s %Windir%\system32\wuweb.dll  
if exist %windir%\system32\iuengine.dll %windir%\system32\regsvr32.exe /s iuengine.dll
if exist %windir%\system32\wuauserv.dll %windir%\system32\regsvr32.exe /s wuauserv.dll
if exist %windir%\system32\cdm.dll %windir%\system32\regsvr32.exe /s cdm.dll
if exist %windir%\system32\msxml2r.dll %windir%\system32\regsvr32.exe /s msxml2r.dll
if exist %windir%\system32\msxml3r.dll %windir%\system32\regsvr32.exe /s msxml3r.dll
if exist %windir%\system32\msxml.dll  %windir%\system32\regsvr32.exe /s msxml.dll
if exist %windir%\system32\msxml3.dll %windir%\system32\regsvr32.exe /s msxml3.dll
if exist %windir%\system32\msxmlr.dll %windir%\system32\regsvr32.exe /s msxmlr.dll
if exist %windir%\system32\msxml2.dll %windir%\system32\regsvr32.exe /s msxml2.dll
if exist %windir%\system32\qmgr.dll %windir%\system32\regsvr32.exe /s qmgr.dll
if exist %windir%\system32\qmgrprxy.dll %windir%\system32\regsvr32.exe /s qmgrprxy.dll
if exist %windir%\system32\iuctl.dll %windir%\system32\regsvr32.exe /s iuctl.dll
 
del C:\Windows\WindowsUpdate.log /S /Q
rd /s /q %windir%\softwareDistribution
sleep 5
%Windir%\system32\net.exe start bits 
%Windir%\system32\net.exe start wuauserv 
 
 
sc sdset wuauserv D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)
 
 
sc sdset bits D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)
 
wuauclt.exe /resetauthorization
wuauclt.exe /detectnow 
wuauclt.exe /reportnow
 
 
 
exit /B 0 

Open in new window

0
 
LVL 1

Author Comment

by:Randy_K
ID: 24100174
Ok, I created the script and ran it on one of the test clients. It ran fine, I looked in the event viewer and saw no errors. I then looked at the wsus management console and it still does not list any of the updates ad beinbg installed.......
0
 
LVL 77

Expert Comment

by:arnold
ID: 24100244
It takes time for the client to report their status and the WSUS to reflect it.
have you checked the system event log on the client dealing with windows updates?
Where the updates downloaded and scheduled/installed?
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24100265
It wont list them as being installed until the client(test) machine first downloads and then installs it.
Did the yellow shield appear in the task bar on the test machine?
Look for errors in the windowsupdate.log on this test machine
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24100285
0
 
LVL 1

Author Comment

by:Randy_K
ID: 24100325
Ok, I looked again at the event log. The log shows the updates as ready for installation. An administrator must login and windows will prompt them what to do. The current user has full administrative rights on the machine. I also restarted the machine and logged in as the network administrator. I never received any prompts for update installation. I do have the yellow shield for updates. But, I want to have the wsus server install the updates without user intervention.
0
 
LVL 47

Accepted Solution

by:
Donald Stewart earned 500 total points
ID: 24100370
The install of updates without user intervention will happen during the time you specify for the installs to happen in group policy
 
 
Best Practices with Windows Server Update Services
0
 
LVL 1

Author Closing Comment

by:Randy_K
ID: 31568019
Thanks for the help from everyone. You were a big help!
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Windows 10 is here and for most admins this means frustration and challenges getting that first working Windows 10 image. As in my previous sysprep articles, I've put together a simple help guide to get you through this process. The aim is to achiev…
It’s been over a month into 2017, and there is already a sophisticated Gmail phishing email making it rounds. New techniques and tactics, have given hackers a way to authentically impersonate your contacts.How it Works The attack works by targeti…
Windows 8 comes with a dramatically different user interface known as Metro. Notably missing from the new interface is a Start button and Start Menu. Many users do not like it, much preferring the interface of earlier versions — Windows 7, Windows X…
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…

815 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now