Solved

1 Server not receiving updates from WSUS

Posted on 2009-04-08
6
2,478 Views
Last Modified: 2013-11-21
Hello EE,

We have 1 server that is not reporting to our WSUS server.  1 machone out 194 total in WSUS.  I have done my due diligence to find a solution, but everything I have come across points to a global issue where no client are reporting.  That is not the case here are we only have 1 out 194 that is not reporting.  I am not sure if it is related or not but I only noticed the problem after deploying Microsoft Forefront to the server.  It may have been happening all along and I am jus now noticing it.  I ran the WSUS Client Diagnotic Tool and have posted the results.  Any Ideas?
WSUS Client Diagnostics Tool
 

Checking Machine State

        Checking for admin rights to run tool . . . . . . . . . PASS

        Automatic Updates Service is running. . . . . . . . . . PASS

        Background Intelligent Transfer Service is not running. PASS

        Wuaueng.dll version 7.2.6001.788. . . . . . . . . . . . PASS

                This version is WSUS 2.0
 

Checking AU Settings

        AU Option is 4: Scheduled Install . . . . . . . . . . . PASS

                Option is from Policy settings
 

Checking Proxy Configuration

        Checking for winhttp local machine Proxy settings . . . PASS

                Winhttp local machine access type

                        <Direct Connection>

                Winhttp local machine Proxy. . . . . . . . . .  NONE

                Winhttp local machine ProxyBypass. . . . . . .  NONE

        Checking User IE Proxy settings . . . . . . . . . . . . PASS

                User IE Proxy. . . . . . . . . . . . . . . . .  NONE

                User IE ProxyByPass. . . . . . . . . . . . . .  NONE

                User IE AutoConfig URL Proxy . . . . . . . . .  NONE

                User IE AutoDetect

                AutoDetect not in use
 

Checking Connection to WSUS/SUS Server

                WUServer = http://Neo:8530

                WUStatusServer = http://Neo:8530

        UseWuServer is enabled. . . . . . . . . . . . . . . . . PASS

        Connection to server. . . . . . . . . . . . . . . . . . PASS
 

WinHttpDownloadFileToMemory(szURLDest, NULL, 0, NULL, NULL, NULL, &downloadBuffe

r) failed with hr=0x80190194
 

No Error description could be found
 

Press Enter to Complete
 

WindowsUpdate.log (just a snippet as the rest of the entries are rather redundant)

2009-04-08	11:05:20:761	1676	d48	AU	#############

2009-04-08	11:05:20:761	1676	d48	AU	AU setting next detection timeout to 2009-04-08 19:33:27

2009-04-08	11:05:20:761	1676	d48	AU	Setting AU scheduled install time to 2009-04-09 08:00:00

2009-04-08	11:05:25:761	1676	e0c	Report	REPORT EVENT: {6F320B50-CD22-4F5C-AB7E-04F187D6B129}	2009-04-08 11:05:20:761-0500	1	148	101	{00000000-0000-0000-0000-000000000000}	0	8024400e	AutomaticUpdates	Failure	Software Synchronization	Windows Update Client failed to detect with error 0x8024400e.

2009-04-08	11:05:29:589	1676	e0c	Report	Uploading 1 events using cached cookie, reporting URL = http://Neo:8530/ReportingWebService/ReportingWebService.asmx

2009-04-08	11:05:29:589	1676	e0c	Report	Reporter successfully uploaded 1 events.

2009-04-08	11:10:16:828	1676	cb0	AU	AU received policy change subscription event

2009-04-08	11:11:07:547	2804	2d8	Misc	===========  Logging initialized (build: 7.2.6001.788, tz: -0500)  ===========

2009-04-08	11:11:07:547	2804	2d8	Misc	  = Process: C:\Program Files\Microsoft Forefront\Client Security\Client\Antimalware\MSASCui.exe

2009-04-08	11:11:07:547	2804	2d8	Misc	  = Module: C:\WINDOWS\system32\wuapi.dll

2009-04-08	11:11:07:547	2804	2d8	COMAPI	-------------

2009-04-08	11:11:07:547	2804	2d8	COMAPI	-- START --  COMAPI: Search [ClientId = Microsoft Forefront Client Security]

2009-04-08	11:11:07:547	2804	2d8	COMAPI	---------

2009-04-08	11:11:07:563	1676	e0c	Agent	*************

2009-04-08	11:11:07:563	1676	e0c	Agent	** START **  Agent: Finding updates [CallerId = Microsoft Forefront Client Security]

2009-04-08	11:11:07:563	1676	e0c	Agent	*********

2009-04-08	11:11:07:563	1676	e0c	Agent	  * Online = Yes; Ignore download priority = No

2009-04-08	11:11:07:563	1676	e0c	Agent	  * Criteria = "(IsInstalled = 0 and IsHidden = 0 and CategoryIDs contains '0a487050-8b0f-4f81-b401-be4ceacd61cd') or (IsInstalled = 0 and IsHidden = 0 and CategoryIDs contains '8c3fcc84-7410-4a95-8b89-a166a0190486')"

2009-04-08	11:11:07:563	1676	e0c	Agent	  * ServiceID = {00000000-0000-0000-0000-000000000000}

2009-04-08	11:11:07:563	1676	e0c	Agent	  * Search Scope = {Machine}

2009-04-08	11:11:07:563	2804	2d8	COMAPI	<<-- SUBMITTED -- COMAPI: Search [ClientId = Microsoft Forefront Client Security]

2009-04-08	11:11:08:000	1676	e0c	PT	WARNING: StartCategoryScan failed : 0x80240436

2009-04-08	11:11:08:000	1676	e0c	Agent	WARNING: Server does not support CatScan. Falling back to full catalog sync...

2009-04-08	11:11:08:000	1676	e0c	Agent	Server changed and need resyncing with server

2009-04-08	11:11:08:344	1676	e0c	PT	+++++++++++  PT: Synchronizing server updates  +++++++++++

2009-04-08	11:11:08:344	1676	e0c	PT	  + ServiceId = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7}, Server URL = http://Neo:8530/ClientWebService/client.asmx

2009-04-08	11:11:08:734	1676	e0c	PT	WARNING: SyncUpdates failure, error = 0x8024400E, soap client error = 7, soap error code = 400, HTTP status code = 200

2009-04-08	11:11:08:734	1676	e0c	PT	WARNING: SOAP Fault: 0x000190

2009-04-08	11:11:08:734	1676	e0c	PT	WARNING:     faultstring:Fault occurred

2009-04-08	11:11:08:734	1676	e0c	PT	WARNING:     ErrorCode:InternalServerError(5)

2009-04-08	11:11:08:734	1676	e0c	PT	WARNING:     Message:(null)

2009-04-08	11:11:08:734	1676	e0c	PT	WARNING:     Method:"http://www.microsoft.com/SoftwareDistribution/Server/ClientWebService/SyncUpdates"

2009-04-08	11:11:08:734	1676	e0c	PT	WARNING:     ID:e32b834d-5f97-4658-95c7-a7dff154ac95

2009-04-08	11:11:08:734	1676	e0c	PT	WARNING: PTError: 0x8024400e

2009-04-08	11:11:08:734	1676	e0c	PT	WARNING: SyncUpdates_WithRecovery failed.: 0x8024400e

2009-04-08	11:11:08:734	1676	e0c	PT	WARNING: Sync of Updates: 0x8024400e

2009-04-08	11:11:08:734	1676	e0c	PT	WARNING: SyncServerUpdatesInternal failed: 0x8024400e

2009-04-08	11:11:08:734	1676	e0c	Agent	  * WARNING: Failed to synchronize, error = 0x8024400E

2009-04-08	11:11:08:734	1676	e0c	Agent	  * WARNING: Exit code = 0x8024400E

2009-04-08	11:11:08:734	1676	e0c	Agent	*********

2009-04-08	11:11:08:734	1676	e0c	Agent	**  END  **  Agent: Finding updates [CallerId = Microsoft Forefront Client Security]

2009-04-08	11:11:08:734	1676	e0c	Agent	*************

2009-04-08	11:11:08:734	1676	e0c	Agent	WARNING: WU client failed Searching for update with error 0x8024400e

2009-04-08	11:11:08:750	2804	d88	COMAPI	>>--  RESUMED  -- COMAPI: Search [ClientId = Microsoft Forefront Client Security]

2009-04-08	11:11:08:750	2804	d88	COMAPI	  - Updates found = 0

2009-04-08	11:11:08:750	2804	d88	COMAPI	  - WARNING: Exit code = 0x00000000, Result code = 0x8024400E

2009-04-08	11:11:08:750	2804	d88	COMAPI	---------

2009-04-08	11:11:08:750	2804	d88	COMAPI	--  END  --  COMAPI: Search [ClientId = Microsoft Forefront Client Security]

2009-04-08	11:11:08:750	2804	d88	COMAPI	-------------

2009-04-08	11:11:08:750	2804	ccc	COMAPI	WARNING: Operation failed due to earlier error, hr=8024400E

2009-04-08	11:11:08:750	2804	ccc	COMAPI	FATAL: Unable to complete asynchronous search. (hr=8024400E)

2009-04-08	11:11:13:735	1676	e0c	Report	REPORT EVENT: {1DF12AD1-29BC-4582-9217-2FB491C9675E}	2009-04-08 11:11:08:734-0500	1	148	101	{00000000-0000-0000-0000-000000000000}	0	8024400e	Microsoft Forefront Client Secu	Failure	Software Synchronization	Windows Update Client failed to detect with error 0x8024400e.

2009-04-08	11:15:24:816	1676	e0c	Report	Uploading 1 events using cached cookie, reporting URL = http://Neo:8530/ReportingWebService/ReportingWebService.asmx

2009-04-08	11:15:24:816	1676	e0c	Report	Reporter successfully uploaded 1 events.

Open in new window

0
Comment
Question by:CityofKerrville
6 Comments
 
LVL 17

Accepted Solution

by:
Nik earned 500 total points
ID: 24099982
Here's what I've found..

I fought with the same error, then gave up & emailed MS.
NOTE: the workaround below didn't work at first because the problem update was expired. However, I ran through the steps a couple of times & then manually resynchronized the WSUS server. After that, clients started synchronizing correctly.

Here's their workaround from the MS tech:

Thank you for the log. The error you see repeated in the log, 0x8024400E, is consistent with an issue that has been appearing recently. I've posted some root cause information and steps to resolve below. Please review the information and apply the workaround. This is a new problem, so a KB article has not yet been released.

<snip>

" Root Cause:
A recent revision to the 'Office 2003 Service Pack 1' update has resulted in some WSUS 3.0 servers syncing that revision to enter an inconsistent state with respect to the update's approvals. When computers with products related to Office 2003 talk to such a server, the web service is unable to process the approvals resulting in the detection failure.

Workaround:
In order to reset the approvals to a consistent state on the WSUS server, follow these steps from the WSUS Administration Console
1. Find the 'Office 2003 Service Pack 1' update in the updates list. This may involve changing the Approval and Status filters in the update UI (set the Status to "Any" and the Approval to "Declined" - if you don't see it then set the Approval to "Any except Declined"
2. Perform the following steps:
a. First make sure the update is declined.
i. If the update is not yet declined, right click on the update and decline it.
b. Next, approve the update.
i. Right click on the update and select the 'Approve...' option in the context menu.
ii. In the 'Approve Updates' dialog that opens, just click 'OK'. Dismiss the 'Approval Progress' dialog that appears.
c. Next, decline the update.
i. Right click on the update and select the 'Approve...' option in the context menu.
ii. In the 'Approve Updates' dialog that opens, just click 'OK'. Dismiss the 'Approval Progress' dialog that appears.

The computers that were failing detection will now successfully complete detection against the server and receive any applicable updates.

Note: If you have a hierarchy of WSUS servers, these steps must be performed on each server, starting with the top-level server. If one of the servers is a replica child, one must first change it to be autonomous, then perform the steps above, then change it back to being a replica. This can be done from the Options/Update Source and Proxy Server Dialog."
0
 
LVL 77

Expert Comment

by:arnold
ID: 24100087
Run gpresult on this server to make sure the GPO that sets the Windows Update parameters is loaded on this server.

Run wuauclt /detectnow on this server and look at the c:\windows\windowsupdatelog.log to see whether it was trying to connect and to where it is trying to connect.
Can this system get to the WSUS server, tracert wsusserver.
Does this server in a different OU than the other working ones?
Are there different GPO's applied to this system that are not applied to others?

Etc.
0
 

Author Comment

by:CityofKerrville
ID: 24100157
Can this system get to the WSUS server, tracert wsusserver?
Yes.  Lines 27-30 of the Client Diagnostic Tool outpout shown above demonstrates a good connection to WSUS server.
Does this server in a different OU than the other working ones?
No, it is in the same OU and on the same subnet
Are there different GPO's applied to this system that are not applied to others?
No, all GPO are identical to server that are reporting properly.
0
Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

 
LVL 77

Expert Comment

by:arnold
ID: 24100216
You may have a corruption, Remote into the server, use IE and go to windows update and see what it tells you.

See if the following helps deals with Office 2003 SP1 patch.
Does the system in question have Office 2003?
http://www.wsus.info/forums/index.php?showtopic=11876
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24100621
0
 

Author Closing Comment

by:CityofKerrville
ID: 31568127
Perfect
0

Featured Post

Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Remote Apps is a feature in server 2008 which allows users to run applications off Remote Desktop Servers without having to log into them to run the applications.  The user can either have a desktop shortcut installed or go through the web portal to…
Issue: One Windows 2008 R2 64bit server on the network unable to connect to a buffalo Device (Linkstation) with firmware version 1.56. There are a total of four servers on the network this being one of them. Troubleshooting Steps: Connect via h…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Along with being a a promotional video for my three-day Annielytics Dashboard Seminor, this Micro Tutorial is an intro to Google Analytics API data.

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now