Solved

WSUS 3.1 clients not updating

Posted on 2009-04-08
16
647 Views
Last Modified: 2012-05-06
I have recently setup a new wsus 3.1 server. I created all the GPO's which seems to work fine. I have the server email me the summary every morning. It lists all the computer groups with all the computers. The management console on the WSUS server lists all the groups with the appropriate computers in each group. The server does not install any updates on the clients. It lists all the critical updates approved but when I go to one of the test machines (in the specific grouped named "TEST") no updates have beed installed.

I have noticied the following error in the event log on the WSUS server:
Content file download failed. Reason: The requested URL does not exist on the server.
 Source File: /msdownload/update/v3-19990518/cabpool/wss2003sp1-kb841876-fullfile-eng-(sfxcab)_a7e23a4aa5b5d0430d275c53b571e04365ce5eb4.exe Destination File: d:\WSUS\WsusContent\B4\A7E23A4AA5B5D0430D275C53B571E04365CE5EB4.exe

The Wsus server is a server 2003 SP1 but is not the DC, our DC is also a server 2003 SP1
Any suggestions?.

In the GPO management console I have enabled the following:

Do not adjust default option to "Install updates and shut down"
Configure automatic updates
Specify intranet microsoft update service location
Enable client side targeting
No auto-restart with logged on users for scheduled automatic updates
Automatic update frequency
allow automatic updates immediate installtion
0
Comment
Question by:Randy_K
  • 6
  • 5
  • 5
16 Comments
 
LVL 77

Expert Comment

by:arnold
ID: 24097287
To what URL did you set the GPO that points to the intranet update server
http://someserver/ or is it https://someserver or http://someserver:someport
Can you go to the url in a browser http://someserver/SelfUpdate or something like that check the IIS configuration to see where the WSUS related items are.

Note the intranet URL must be pointing to the location below which the WSUS related files are:
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24097530
Browse to C:\Program Files\Update Services\Tools\

From there run the command "wsusutil reset".

This should fix it for you
0
 
LVL 1

Author Comment

by:Randy_K
ID: 24098277
Thanks, I will give this a shot. Once I run this, will running gpupdate /force cause the client to get the update from the WSUS server immediately?
0
 
LVL 77

Expert Comment

by:arnold
ID: 24098313
No, to get the client to check for updates, you need to run wuauclt /detectnow.
0
 
LVL 1

Author Comment

by:Randy_K
ID: 24098320
Arnold:

I have the correct URL, but when I go to the url in by browser I receive the "page under construction".
0
 
LVL 77

Expert Comment

by:arnold
ID: 24098545
That is fine. The page you get is the standard IIS page.  If you want you can enable directory browsing if it is not and rename the default.asp or index.asp to something else .asp-not at which point going to the URL will give you the directory listing.
Expand the default web site in IIS administrative tool and see whether you have there Selfupdate, Content, Inventory, SimpleAuth, etc. items that make up WSUS.
There should nine entries there that point to where your WSUS is installed and where your content repository is.

/msdownload is not one of those.
Can you double check what your GPO has for the Intranet site and post it.  Make sure it is not the entry that has htt://server/msdownload which you may have added because you are storing the files on e:\msdownload.
0
 
LVL 1

Author Comment

by:Randy_K
ID: 24099153
Arnold:

I ran the wauclt /detectnow on one test computer. I then looked on the WSUS management console. under the test machine, it shows the "last report status" has changed, but it still does not install any of the updates I approved for install.
0
 
LVL 77

Expert Comment

by:arnold
ID: 24099441
What is the schedule on the client?  Check the client system's system event log dealing with windows update.  It may have scheduled the install based on the time.
I.e. updates downloaded and are scheduled for install on April 8 at 3:00 am.
0
Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24099664
Save the below as fixwsus.cmd and run on client and  then check
%Windir%\system32\net.exe stop bits 

%Windir%\system32\net.exe stop wuauserv

 

reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v AccountDomainSid /f

reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v PingID /f

reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v SusClientId /f

reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v SusClientValidation /f

reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v LastWaitTimeout /f

reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v DetectionStartTime /f

reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v NextDetectionTime /f
 

 
 
 

if exist %Windir%\system32\atl.dll %Windir%\system32\regsvr32.exe /s %Windir%\system32\atl.dll  

if exist %Windir%\system32\jscript.dll %Windir%\system32\regsvr32.exe /s %Windir%\system32\jscript.dll 

if exist %Windir%\system32\softpub.dll  %Windir%\system32\regsvr32.exe /s %Windir%\system32\softpub.dll  

if exist %Windir%\system32\wuapi.dll %Windir%\system32\regsvr32.exe /s %Windir%\system32\wuapi.dll 

if exist %Windir%\system32\wuaueng.dll  %Windir%\system32\regsvr32.exe /s %Windir%\system32\wuaueng.dll  

if exist %Windir%\system32\wuaueng1.dll  %Windir%\system32\regsvr32.exe /s %Windir%\system32\wuaueng1.dll  

if exist %Windir%\system32\wucltui.dll  %Windir%\system32\regsvr32.exe /s %Windir%\system32\wucltui.dll  

if exist %Windir%\system32\wups.dll  %Windir%\system32\regsvr32.exe /s %Windir%\system32\wups.dll  

if exist %Windir%\system32\wups2.dll  %Windir%\system32\regsvr32.exe /s %Windir%\system32\wups2.dll  

if exist %Windir%\system32\wuweb.dll  %Windir%\system32\regsvr32.exe /s %Windir%\system32\wuweb.dll  

if exist %windir%\system32\iuengine.dll %windir%\system32\regsvr32.exe /s iuengine.dll

if exist %windir%\system32\wuauserv.dll %windir%\system32\regsvr32.exe /s wuauserv.dll

if exist %windir%\system32\cdm.dll %windir%\system32\regsvr32.exe /s cdm.dll

if exist %windir%\system32\msxml2r.dll %windir%\system32\regsvr32.exe /s msxml2r.dll

if exist %windir%\system32\msxml3r.dll %windir%\system32\regsvr32.exe /s msxml3r.dll

if exist %windir%\system32\msxml.dll  %windir%\system32\regsvr32.exe /s msxml.dll

if exist %windir%\system32\msxml3.dll %windir%\system32\regsvr32.exe /s msxml3.dll

if exist %windir%\system32\msxmlr.dll %windir%\system32\regsvr32.exe /s msxmlr.dll

if exist %windir%\system32\msxml2.dll %windir%\system32\regsvr32.exe /s msxml2.dll

if exist %windir%\system32\qmgr.dll %windir%\system32\regsvr32.exe /s qmgr.dll

if exist %windir%\system32\qmgrprxy.dll %windir%\system32\regsvr32.exe /s qmgrprxy.dll

if exist %windir%\system32\iuctl.dll %windir%\system32\regsvr32.exe /s iuctl.dll
 

del C:\Windows\WindowsUpdate.log /S /Q

rd /s /q %windir%\softwareDistribution

sleep 5

%Windir%\system32\net.exe start bits 

%Windir%\system32\net.exe start wuauserv 
 
 

sc sdset wuauserv D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)
 
 

sc sdset bits D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)
 

wuauclt.exe /resetauthorization

wuauclt.exe /detectnow 

wuauclt.exe /reportnow
 
 
 

exit /B 0 

Open in new window

0
 
LVL 1

Author Comment

by:Randy_K
ID: 24100174
Ok, I created the script and ran it on one of the test clients. It ran fine, I looked in the event viewer and saw no errors. I then looked at the wsus management console and it still does not list any of the updates ad beinbg installed.......
0
 
LVL 77

Expert Comment

by:arnold
ID: 24100244
It takes time for the client to report their status and the WSUS to reflect it.
have you checked the system event log on the client dealing with windows updates?
Where the updates downloaded and scheduled/installed?
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24100265
It wont list them as being installed until the client(test) machine first downloads and then installs it.
Did the yellow shield appear in the task bar on the test machine?
Look for errors in the windowsupdate.log on this test machine
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24100285
0
 
LVL 1

Author Comment

by:Randy_K
ID: 24100325
Ok, I looked again at the event log. The log shows the updates as ready for installation. An administrator must login and windows will prompt them what to do. The current user has full administrative rights on the machine. I also restarted the machine and logged in as the network administrator. I never received any prompts for update installation. I do have the yellow shield for updates. But, I want to have the wsus server install the updates without user intervention.
0
 
LVL 47

Accepted Solution

by:
Donald Stewart earned 500 total points
ID: 24100370
The install of updates without user intervention will happen during the time you specify for the installs to happen in group policy
 
 
Best Practices with Windows Server Update Services
0
 
LVL 1

Author Closing Comment

by:Randy_K
ID: 31568019
Thanks for the help from everyone. You were a big help!
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
idle mapped drive 10 50
URL for downloading Google Chrome for Win XP 2 120
setup share and NTFS permissions. 12 69
Trust relationship SBS2011 - > Windows 2003 3 37
As the title indicates, I have done this before. It chills me everytime I update the OS on my phone, (http://www.experts-exchange.com/articles/18084/Upgrading-to-Android-5-0-Lollipop.html) because one time I did this and I essentially had a bricked …
In a recent article here at Experts Exchange (http://www.experts-exchange.com/articles/18880/PaperPort-14-in-Windows-10-A-First-Look.html), I discussed my nine-month sandbox testing of the Windows 10 Technical Preview, specifically with respect to r…
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…

919 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now