Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

1 Server not receiving updates from WSUS

Posted on 2009-04-08
6
Medium Priority
?
2,534 Views
Last Modified: 2013-11-21
Hello EE,

We have 1 server that is not reporting to our WSUS server.  1 machone out 194 total in WSUS.  I have done my due diligence to find a solution, but everything I have come across points to a global issue where no client are reporting.  That is not the case here are we only have 1 out 194 that is not reporting.  I am not sure if it is related or not but I only noticed the problem after deploying Microsoft Forefront to the server.  It may have been happening all along and I am jus now noticing it.  I ran the WSUS Client Diagnotic Tool and have posted the results.  Any Ideas?
WSUS Client Diagnostics Tool
 
Checking Machine State
        Checking for admin rights to run tool . . . . . . . . . PASS
        Automatic Updates Service is running. . . . . . . . . . PASS
        Background Intelligent Transfer Service is not running. PASS
        Wuaueng.dll version 7.2.6001.788. . . . . . . . . . . . PASS
                This version is WSUS 2.0
 
Checking AU Settings
        AU Option is 4: Scheduled Install . . . . . . . . . . . PASS
                Option is from Policy settings
 
Checking Proxy Configuration
        Checking for winhttp local machine Proxy settings . . . PASS
                Winhttp local machine access type
                        <Direct Connection>
                Winhttp local machine Proxy. . . . . . . . . .  NONE
                Winhttp local machine ProxyBypass. . . . . . .  NONE
        Checking User IE Proxy settings . . . . . . . . . . . . PASS
                User IE Proxy. . . . . . . . . . . . . . . . .  NONE
                User IE ProxyByPass. . . . . . . . . . . . . .  NONE
                User IE AutoConfig URL Proxy . . . . . . . . .  NONE
                User IE AutoDetect
                AutoDetect not in use
 
Checking Connection to WSUS/SUS Server
                WUServer = http://Neo:8530
                WUStatusServer = http://Neo:8530
        UseWuServer is enabled. . . . . . . . . . . . . . . . . PASS
        Connection to server. . . . . . . . . . . . . . . . . . PASS
 
WinHttpDownloadFileToMemory(szURLDest, NULL, 0, NULL, NULL, NULL, &downloadBuffe
r) failed with hr=0x80190194
 
No Error description could be found
 
Press Enter to Complete
 
WindowsUpdate.log (just a snippet as the rest of the entries are rather redundant)
2009-04-08	11:05:20:761	1676	d48	AU	#############
2009-04-08	11:05:20:761	1676	d48	AU	AU setting next detection timeout to 2009-04-08 19:33:27
2009-04-08	11:05:20:761	1676	d48	AU	Setting AU scheduled install time to 2009-04-09 08:00:00
2009-04-08	11:05:25:761	1676	e0c	Report	REPORT EVENT: {6F320B50-CD22-4F5C-AB7E-04F187D6B129}	2009-04-08 11:05:20:761-0500	1	148	101	{00000000-0000-0000-0000-000000000000}	0	8024400e	AutomaticUpdates	Failure	Software Synchronization	Windows Update Client failed to detect with error 0x8024400e.
2009-04-08	11:05:29:589	1676	e0c	Report	Uploading 1 events using cached cookie, reporting URL = http://Neo:8530/ReportingWebService/ReportingWebService.asmx
2009-04-08	11:05:29:589	1676	e0c	Report	Reporter successfully uploaded 1 events.
2009-04-08	11:10:16:828	1676	cb0	AU	AU received policy change subscription event
2009-04-08	11:11:07:547	2804	2d8	Misc	===========  Logging initialized (build: 7.2.6001.788, tz: -0500)  ===========
2009-04-08	11:11:07:547	2804	2d8	Misc	  = Process: C:\Program Files\Microsoft Forefront\Client Security\Client\Antimalware\MSASCui.exe
2009-04-08	11:11:07:547	2804	2d8	Misc	  = Module: C:\WINDOWS\system32\wuapi.dll
2009-04-08	11:11:07:547	2804	2d8	COMAPI	-------------
2009-04-08	11:11:07:547	2804	2d8	COMAPI	-- START --  COMAPI: Search [ClientId = Microsoft Forefront Client Security]
2009-04-08	11:11:07:547	2804	2d8	COMAPI	---------
2009-04-08	11:11:07:563	1676	e0c	Agent	*************
2009-04-08	11:11:07:563	1676	e0c	Agent	** START **  Agent: Finding updates [CallerId = Microsoft Forefront Client Security]
2009-04-08	11:11:07:563	1676	e0c	Agent	*********
2009-04-08	11:11:07:563	1676	e0c	Agent	  * Online = Yes; Ignore download priority = No
2009-04-08	11:11:07:563	1676	e0c	Agent	  * Criteria = "(IsInstalled = 0 and IsHidden = 0 and CategoryIDs contains '0a487050-8b0f-4f81-b401-be4ceacd61cd') or (IsInstalled = 0 and IsHidden = 0 and CategoryIDs contains '8c3fcc84-7410-4a95-8b89-a166a0190486')"
2009-04-08	11:11:07:563	1676	e0c	Agent	  * ServiceID = {00000000-0000-0000-0000-000000000000}
2009-04-08	11:11:07:563	1676	e0c	Agent	  * Search Scope = {Machine}
2009-04-08	11:11:07:563	2804	2d8	COMAPI	<<-- SUBMITTED -- COMAPI: Search [ClientId = Microsoft Forefront Client Security]
2009-04-08	11:11:08:000	1676	e0c	PT	WARNING: StartCategoryScan failed : 0x80240436
2009-04-08	11:11:08:000	1676	e0c	Agent	WARNING: Server does not support CatScan. Falling back to full catalog sync...
2009-04-08	11:11:08:000	1676	e0c	Agent	Server changed and need resyncing with server
2009-04-08	11:11:08:344	1676	e0c	PT	+++++++++++  PT: Synchronizing server updates  +++++++++++
2009-04-08	11:11:08:344	1676	e0c	PT	  + ServiceId = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7}, Server URL = http://Neo:8530/ClientWebService/client.asmx
2009-04-08	11:11:08:734	1676	e0c	PT	WARNING: SyncUpdates failure, error = 0x8024400E, soap client error = 7, soap error code = 400, HTTP status code = 200
2009-04-08	11:11:08:734	1676	e0c	PT	WARNING: SOAP Fault: 0x000190
2009-04-08	11:11:08:734	1676	e0c	PT	WARNING:     faultstring:Fault occurred
2009-04-08	11:11:08:734	1676	e0c	PT	WARNING:     ErrorCode:InternalServerError(5)
2009-04-08	11:11:08:734	1676	e0c	PT	WARNING:     Message:(null)
2009-04-08	11:11:08:734	1676	e0c	PT	WARNING:     Method:"http://www.microsoft.com/SoftwareDistribution/Server/ClientWebService/SyncUpdates"
2009-04-08	11:11:08:734	1676	e0c	PT	WARNING:     ID:e32b834d-5f97-4658-95c7-a7dff154ac95
2009-04-08	11:11:08:734	1676	e0c	PT	WARNING: PTError: 0x8024400e
2009-04-08	11:11:08:734	1676	e0c	PT	WARNING: SyncUpdates_WithRecovery failed.: 0x8024400e
2009-04-08	11:11:08:734	1676	e0c	PT	WARNING: Sync of Updates: 0x8024400e
2009-04-08	11:11:08:734	1676	e0c	PT	WARNING: SyncServerUpdatesInternal failed: 0x8024400e
2009-04-08	11:11:08:734	1676	e0c	Agent	  * WARNING: Failed to synchronize, error = 0x8024400E
2009-04-08	11:11:08:734	1676	e0c	Agent	  * WARNING: Exit code = 0x8024400E
2009-04-08	11:11:08:734	1676	e0c	Agent	*********
2009-04-08	11:11:08:734	1676	e0c	Agent	**  END  **  Agent: Finding updates [CallerId = Microsoft Forefront Client Security]
2009-04-08	11:11:08:734	1676	e0c	Agent	*************
2009-04-08	11:11:08:734	1676	e0c	Agent	WARNING: WU client failed Searching for update with error 0x8024400e
2009-04-08	11:11:08:750	2804	d88	COMAPI	>>--  RESUMED  -- COMAPI: Search [ClientId = Microsoft Forefront Client Security]
2009-04-08	11:11:08:750	2804	d88	COMAPI	  - Updates found = 0
2009-04-08	11:11:08:750	2804	d88	COMAPI	  - WARNING: Exit code = 0x00000000, Result code = 0x8024400E
2009-04-08	11:11:08:750	2804	d88	COMAPI	---------
2009-04-08	11:11:08:750	2804	d88	COMAPI	--  END  --  COMAPI: Search [ClientId = Microsoft Forefront Client Security]
2009-04-08	11:11:08:750	2804	d88	COMAPI	-------------
2009-04-08	11:11:08:750	2804	ccc	COMAPI	WARNING: Operation failed due to earlier error, hr=8024400E
2009-04-08	11:11:08:750	2804	ccc	COMAPI	FATAL: Unable to complete asynchronous search. (hr=8024400E)
2009-04-08	11:11:13:735	1676	e0c	Report	REPORT EVENT: {1DF12AD1-29BC-4582-9217-2FB491C9675E}	2009-04-08 11:11:08:734-0500	1	148	101	{00000000-0000-0000-0000-000000000000}	0	8024400e	Microsoft Forefront Client Secu	Failure	Software Synchronization	Windows Update Client failed to detect with error 0x8024400e.
2009-04-08	11:15:24:816	1676	e0c	Report	Uploading 1 events using cached cookie, reporting URL = http://Neo:8530/ReportingWebService/ReportingWebService.asmx
2009-04-08	11:15:24:816	1676	e0c	Report	Reporter successfully uploaded 1 events.

Open in new window

0
Comment
Question by:CityofKerrville
6 Comments
 
LVL 17

Accepted Solution

by:
Nik earned 2000 total points
ID: 24099982
Here's what I've found..

I fought with the same error, then gave up & emailed MS.
NOTE: the workaround below didn't work at first because the problem update was expired. However, I ran through the steps a couple of times & then manually resynchronized the WSUS server. After that, clients started synchronizing correctly.

Here's their workaround from the MS tech:

Thank you for the log. The error you see repeated in the log, 0x8024400E, is consistent with an issue that has been appearing recently. I've posted some root cause information and steps to resolve below. Please review the information and apply the workaround. This is a new problem, so a KB article has not yet been released.

<snip>

" Root Cause:
A recent revision to the 'Office 2003 Service Pack 1' update has resulted in some WSUS 3.0 servers syncing that revision to enter an inconsistent state with respect to the update's approvals. When computers with products related to Office 2003 talk to such a server, the web service is unable to process the approvals resulting in the detection failure.

Workaround:
In order to reset the approvals to a consistent state on the WSUS server, follow these steps from the WSUS Administration Console
1. Find the 'Office 2003 Service Pack 1' update in the updates list. This may involve changing the Approval and Status filters in the update UI (set the Status to "Any" and the Approval to "Declined" - if you don't see it then set the Approval to "Any except Declined"
2. Perform the following steps:
a. First make sure the update is declined.
i. If the update is not yet declined, right click on the update and decline it.
b. Next, approve the update.
i. Right click on the update and select the 'Approve...' option in the context menu.
ii. In the 'Approve Updates' dialog that opens, just click 'OK'. Dismiss the 'Approval Progress' dialog that appears.
c. Next, decline the update.
i. Right click on the update and select the 'Approve...' option in the context menu.
ii. In the 'Approve Updates' dialog that opens, just click 'OK'. Dismiss the 'Approval Progress' dialog that appears.

The computers that were failing detection will now successfully complete detection against the server and receive any applicable updates.

Note: If you have a hierarchy of WSUS servers, these steps must be performed on each server, starting with the top-level server. If one of the servers is a replica child, one must first change it to be autonomous, then perform the steps above, then change it back to being a replica. This can be done from the Options/Update Source and Proxy Server Dialog."
0
 
LVL 80

Expert Comment

by:arnold
ID: 24100087
Run gpresult on this server to make sure the GPO that sets the Windows Update parameters is loaded on this server.

Run wuauclt /detectnow on this server and look at the c:\windows\windowsupdatelog.log to see whether it was trying to connect and to where it is trying to connect.
Can this system get to the WSUS server, tracert wsusserver.
Does this server in a different OU than the other working ones?
Are there different GPO's applied to this system that are not applied to others?

Etc.
0
 

Author Comment

by:CityofKerrville
ID: 24100157
Can this system get to the WSUS server, tracert wsusserver?
Yes.  Lines 27-30 of the Client Diagnostic Tool outpout shown above demonstrates a good connection to WSUS server.
Does this server in a different OU than the other working ones?
No, it is in the same OU and on the same subnet
Are there different GPO's applied to this system that are not applied to others?
No, all GPO are identical to server that are reporting properly.
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 80

Expert Comment

by:arnold
ID: 24100216
You may have a corruption, Remote into the server, use IE and go to windows update and see what it tells you.

See if the following helps deals with Office 2003 SP1 patch.
Does the system in question have Office 2003?
http://www.wsus.info/forums/index.php?showtopic=11876
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24100621
0
 

Author Closing Comment

by:CityofKerrville
ID: 31568127
Perfect
0

Featured Post

Veeam and MySQL: How to Perform Backup & Recovery

MySQL and the MariaDB variant are among the most used databases in Linux environments, and many critical applications support their data on them. Watch this recorded webinar to find out how Veeam Backup & Replication allows you to get consistent backups of MySQL databases.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Know what services you can and cannot, should and should not combine on your server.
As tax season makes its return, so does the increase in cyber crime and tax refund phishing that comes with it
Please read the paragraph below before following the instructions in the video — there are important caveats in the paragraph that I did not mention in the video. If your PaperPort 12 or PaperPort 14 is failing to start, or crashing, or hanging, …
Is your data getting by on basic protection measures? In today’s climate of debilitating malware and ransomware—like WannaCry—that may not be enough. You need to establish more than basics, like a recovery plan that protects both data and endpoints.…

877 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question