WSUS 3.1 clients not updating

I have recently setup a new wsus 3.1 server. I created all the GPO's which seems to work fine. I have the server email me the summary every morning. It lists all the computer groups with all the computers. The management console on the WSUS server lists all the groups with the appropriate computers in each group. The server does not install any updates on the clients. It lists all the critical updates approved but when I go to one of the test machines (in the specific grouped named "TEST") no updates have beed installed.

I have noticied the following error in the event log on the WSUS server:
Content file download failed. Reason: The requested URL does not exist on the server.
 Source File: /msdownload/update/v3-19990518/cabpool/wss2003sp1-kb841876-fullfile-eng-(sfxcab)_a7e23a4aa5b5d0430d275c53b571e04365ce5eb4.exe Destination File: d:\WSUS\WsusContent\B4\A7E23A4AA5B5D0430D275C53B571E04365CE5EB4.exe

The Wsus server is a server 2003 SP1 but is not the DC, our DC is also a server 2003 SP1
Any suggestions?.

In the GPO management console I have enabled the following:

Do not adjust default option to "Install updates and shut down"
Configure automatic updates
Specify intranet microsoft update service location
Enable client side targeting
No auto-restart with logged on users for scheduled automatic updates
Automatic update frequency
allow automatic updates immediate installtion
Who is Participating?

Improve company productivity with a Business Account.Sign Up

DonConnect With a Mentor Network AdministratorCommented:
The install of updates without user intervention will happen during the time you specify for the installs to happen in group policy
Best Practices with Windows Server Update Services
To what URL did you set the GPO that points to the intranet update server
http://someserver/ or is it https://someserver or http://someserver:someport
Can you go to the url in a browser http://someserver/SelfUpdate or something like that check the IIS configuration to see where the WSUS related items are.

Note the intranet URL must be pointing to the location below which the WSUS related files are:
DonNetwork AdministratorCommented:
Browse to C:\Program Files\Update Services\Tools\

From there run the command "wsusutil reset".

This should fix it for you
Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Randy_KAuthor Commented:
Thanks, I will give this a shot. Once I run this, will running gpupdate /force cause the client to get the update from the WSUS server immediately?
No, to get the client to check for updates, you need to run wuauclt /detectnow.
Randy_KAuthor Commented:

I have the correct URL, but when I go to the url in by browser I receive the "page under construction".
That is fine. The page you get is the standard IIS page.  If you want you can enable directory browsing if it is not and rename the default.asp or index.asp to something else .asp-not at which point going to the URL will give you the directory listing.
Expand the default web site in IIS administrative tool and see whether you have there Selfupdate, Content, Inventory, SimpleAuth, etc. items that make up WSUS.
There should nine entries there that point to where your WSUS is installed and where your content repository is.

/msdownload is not one of those.
Can you double check what your GPO has for the Intranet site and post it.  Make sure it is not the entry that has htt://server/msdownload which you may have added because you are storing the files on e:\msdownload.
Randy_KAuthor Commented:

I ran the wauclt /detectnow on one test computer. I then looked on the WSUS management console. under the test machine, it shows the "last report status" has changed, but it still does not install any of the updates I approved for install.
What is the schedule on the client?  Check the client system's system event log dealing with windows update.  It may have scheduled the install based on the time.
I.e. updates downloaded and are scheduled for install on April 8 at 3:00 am.
DonNetwork AdministratorCommented:
Save the below as fixwsus.cmd and run on client and  then check
%Windir%\system32\net.exe stop bits 
%Windir%\system32\net.exe stop wuauserv
reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v AccountDomainSid /f
reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v PingID /f
reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v SusClientId /f
reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v SusClientValidation /f
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v LastWaitTimeout /f
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v DetectionStartTime /f
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v NextDetectionTime /f
if exist %Windir%\system32\atl.dll %Windir%\system32\regsvr32.exe /s %Windir%\system32\atl.dll  
if exist %Windir%\system32\jscript.dll %Windir%\system32\regsvr32.exe /s %Windir%\system32\jscript.dll 
if exist %Windir%\system32\softpub.dll  %Windir%\system32\regsvr32.exe /s %Windir%\system32\softpub.dll  
if exist %Windir%\system32\wuapi.dll %Windir%\system32\regsvr32.exe /s %Windir%\system32\wuapi.dll 
if exist %Windir%\system32\wuaueng.dll  %Windir%\system32\regsvr32.exe /s %Windir%\system32\wuaueng.dll  
if exist %Windir%\system32\wuaueng1.dll  %Windir%\system32\regsvr32.exe /s %Windir%\system32\wuaueng1.dll  
if exist %Windir%\system32\wucltui.dll  %Windir%\system32\regsvr32.exe /s %Windir%\system32\wucltui.dll  
if exist %Windir%\system32\wups.dll  %Windir%\system32\regsvr32.exe /s %Windir%\system32\wups.dll  
if exist %Windir%\system32\wups2.dll  %Windir%\system32\regsvr32.exe /s %Windir%\system32\wups2.dll  
if exist %Windir%\system32\wuweb.dll  %Windir%\system32\regsvr32.exe /s %Windir%\system32\wuweb.dll  
if exist %windir%\system32\iuengine.dll %windir%\system32\regsvr32.exe /s iuengine.dll
if exist %windir%\system32\wuauserv.dll %windir%\system32\regsvr32.exe /s wuauserv.dll
if exist %windir%\system32\cdm.dll %windir%\system32\regsvr32.exe /s cdm.dll
if exist %windir%\system32\msxml2r.dll %windir%\system32\regsvr32.exe /s msxml2r.dll
if exist %windir%\system32\msxml3r.dll %windir%\system32\regsvr32.exe /s msxml3r.dll
if exist %windir%\system32\msxml.dll  %windir%\system32\regsvr32.exe /s msxml.dll
if exist %windir%\system32\msxml3.dll %windir%\system32\regsvr32.exe /s msxml3.dll
if exist %windir%\system32\msxmlr.dll %windir%\system32\regsvr32.exe /s msxmlr.dll
if exist %windir%\system32\msxml2.dll %windir%\system32\regsvr32.exe /s msxml2.dll
if exist %windir%\system32\qmgr.dll %windir%\system32\regsvr32.exe /s qmgr.dll
if exist %windir%\system32\qmgrprxy.dll %windir%\system32\regsvr32.exe /s qmgrprxy.dll
if exist %windir%\system32\iuctl.dll %windir%\system32\regsvr32.exe /s iuctl.dll
del C:\Windows\WindowsUpdate.log /S /Q
rd /s /q %windir%\softwareDistribution
sleep 5
%Windir%\system32\net.exe start bits 
%Windir%\system32\net.exe start wuauserv 
wuauclt.exe /resetauthorization
wuauclt.exe /detectnow 
wuauclt.exe /reportnow
exit /B 0 

Open in new window

Randy_KAuthor Commented:
Ok, I created the script and ran it on one of the test clients. It ran fine, I looked in the event viewer and saw no errors. I then looked at the wsus management console and it still does not list any of the updates ad beinbg installed.......
It takes time for the client to report their status and the WSUS to reflect it.
have you checked the system event log on the client dealing with windows updates?
Where the updates downloaded and scheduled/installed?
DonNetwork AdministratorCommented:
It wont list them as being installed until the client(test) machine first downloads and then installs it.
Did the yellow shield appear in the task bar on the test machine?
Look for errors in the windowsupdate.log on this test machine
DonNetwork AdministratorCommented:
Randy_KAuthor Commented:
Ok, I looked again at the event log. The log shows the updates as ready for installation. An administrator must login and windows will prompt them what to do. The current user has full administrative rights on the machine. I also restarted the machine and logged in as the network administrator. I never received any prompts for update installation. I do have the yellow shield for updates. But, I want to have the wsus server install the updates without user intervention.
Randy_KAuthor Commented:
Thanks for the help from everyone. You were a big help!
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.