impacttg
asked on
WSUS Clients Not Reporting
We are an IT company that manages multiple customer networks. We have WSUS 3.0 installed on a new Dell server with Windows Server 2008 Standard x64 edition, plenty of memory, plenty of disk space, etc. We want to be able to monitor and update our clients' computers across the internet back to our 1 single WSUS server so that we can manage their Windows Updates and patch accordingly. These customers are not on a VPN with us and we have no plans to do so. We also do not want to implement a separate WSUS server at each customer site. We have been told that it is possible by our RMM platform vendor. We have also read many posts across the internet stating it isn't possible and sometimes their seems to be a glimmer of hope that it is possible.
All of our internal computers on our network are reporting correctly to this same WSUS server on our domain. Therefore, I know we have the WSUS server setup correctly. We have implemented a separate Group Policy on our network, as well as our customers' networks with an almost identical separate Group Policy (FQDN vs. Internal). The path to our WSUS server is a FQDN without the /selfupdate and it is using the normal 8530 port. Yes, the firewall port is open and port forwarding correctly to our internal WSUS server (8530-8531 TCP, no UDP). The server also has its firewall opened correctly on port 8530, not 8531. We have turned the Windows firewall on and off to troubleshoot.
WSUS 3.0 with SP1
Client Targeting is Enabled with Group Names
We have installed and ran the WSUS Client Diagnostic Tool on two different customer networks and we are getting mixed results. Client A comes back with 100% clean and connectivity, yet, it will not show up in our WSUS server. See the output from the WSUS Client Diagnostic Tool below:
Client A comes back with:
-------------------------- ---------- ---------- ---------- ---------- -----
WSUS Client Diagnostics Tool
Checking Machine State
Checking for admin rights to run tool . . . . . . . . . PASS
Automatic Updates Service is running. . . . . . . . . . PASS
Background Intelligent Transfer Service is running. . . PASS
Wuaueng.dll version 7.2.6001.788. . . . . . . . . . . . PASS
This version is WSUS 2.0
Checking AU Settings
AU Option is 4: Scheduled Install . . . . . . . . . . . PASS
Option is from Policy settings
Checking Proxy Configuration
Checking for winhttp local machine Proxy settings . . . PASS
Winhttp local machine access type
<Direct Connection>
Winhttp local machine Proxy. . . . . . . . . . NONE
Winhttp local machine ProxyBypass. . . . . . . NONE
Checking User IE Proxy settings . . . . . . . . . . . . PASS
User IE Proxy. . . . . . . . . . . . . . . . . NONE
User IE ProxyByPass. . . . . . . . . . . . . . NONE
User IE AutoConfig URL Proxy . . . . . . . . . NONE
User IE AutoDetect
AutoDetect not in use
Checking Connection to WSUS/SUS Server
WUServer = http://updates.<domain>.net:8530
WUStatusServer = http://updates.<domain>.net:8530
UseWuServer is enabled. . . . . . . . . . . . . . . . . PASS
Client is pointed to SUS 1.0 Server
Connection to server. . . . . . . . . . . . . . . . . . PASS
SelfUpdate folder is present. . . . . . . . . . . . . . PASS
Press Enter to Complete
-------------------------- ---------- ---------- ---------- ---------- -----
Client B comes back with:
-------------------------- ---------- ---------- ---------- ---------- -----
Checking Proxy Configuration
Checking for winhttp local machine Proxy settings . . . PASS
Winhttp local machine access type
<Direct Connection>
Winhttp local machine Proxy. . . . . . . . . . NONE
Winhttp local machine ProxyBypass. . . . . . . NONE
Checking User IE Proxy settings . . . . . . . . . . . . PASS
User IE Proxy. . . . . . . . . . . . . . . . . NONE
User IE ProxyByPass. . . . . . . . . . . . . . NONE
User IE AutoConfig URL Proxy . . . . . . . . . NONE
User IE AutoDetect
AutoDetect not in use
Checking Connection to WSUS/SUS Server
WUServer = http://updates.<domain>.net:8530
WUStatusServer = http://updates.<domain>.net:8530
UseWuServer is enabled. . . . . . . . . . . . . . . . . PASS
Client is pointed to SUS 1.0 Server
WinHttpDownloadFileToMemor y(szURLDes t, NULL, 0, NULL, NULL, NULL, &downloadBuffe
r) failed with hr=0x80190193
No Error description could be found
Press Enter to Complete
-------------------------- ---------- ---------- ---------- ---------- -----
For client B, we considered that it may be an issue with authentication in IIS on various folders within the WSUS site by turning Unauthenticated or Integrated Windows Authentication in different combinations with no success. This may be true for Client A too. Regardless, neither show up on our WSUS server.
Any ideas? We don't care how it works (unauthenticated or authenticated, or Non-SSL or SSL). We just want it to work. Any thoughts, additional troubleshooting, or strategy assistance would be greatly appreciated.
Thanks in advance!
All of our internal computers on our network are reporting correctly to this same WSUS server on our domain. Therefore, I know we have the WSUS server setup correctly. We have implemented a separate Group Policy on our network, as well as our customers' networks with an almost identical separate Group Policy (FQDN vs. Internal). The path to our WSUS server is a FQDN without the /selfupdate and it is using the normal 8530 port. Yes, the firewall port is open and port forwarding correctly to our internal WSUS server (8530-8531 TCP, no UDP). The server also has its firewall opened correctly on port 8530, not 8531. We have turned the Windows firewall on and off to troubleshoot.
WSUS 3.0 with SP1
Client Targeting is Enabled with Group Names
We have installed and ran the WSUS Client Diagnostic Tool on two different customer networks and we are getting mixed results. Client A comes back with 100% clean and connectivity, yet, it will not show up in our WSUS server. See the output from the WSUS Client Diagnostic Tool below:
Client A comes back with:
--------------------------
WSUS Client Diagnostics Tool
Checking Machine State
Checking for admin rights to run tool . . . . . . . . . PASS
Automatic Updates Service is running. . . . . . . . . . PASS
Background Intelligent Transfer Service is running. . . PASS
Wuaueng.dll version 7.2.6001.788. . . . . . . . . . . . PASS
This version is WSUS 2.0
Checking AU Settings
AU Option is 4: Scheduled Install . . . . . . . . . . . PASS
Option is from Policy settings
Checking Proxy Configuration
Checking for winhttp local machine Proxy settings . . . PASS
Winhttp local machine access type
<Direct Connection>
Winhttp local machine Proxy. . . . . . . . . . NONE
Winhttp local machine ProxyBypass. . . . . . . NONE
Checking User IE Proxy settings . . . . . . . . . . . . PASS
User IE Proxy. . . . . . . . . . . . . . . . . NONE
User IE ProxyByPass. . . . . . . . . . . . . . NONE
User IE AutoConfig URL Proxy . . . . . . . . . NONE
User IE AutoDetect
AutoDetect not in use
Checking Connection to WSUS/SUS Server
WUServer = http://updates.<domain>.net:8530
WUStatusServer = http://updates.<domain>.net:8530
UseWuServer is enabled. . . . . . . . . . . . . . . . . PASS
Client is pointed to SUS 1.0 Server
Connection to server. . . . . . . . . . . . . . . . . . PASS
SelfUpdate folder is present. . . . . . . . . . . . . . PASS
Press Enter to Complete
--------------------------
Client B comes back with:
--------------------------
Checking Proxy Configuration
Checking for winhttp local machine Proxy settings . . . PASS
Winhttp local machine access type
<Direct Connection>
Winhttp local machine Proxy. . . . . . . . . . NONE
Winhttp local machine ProxyBypass. . . . . . . NONE
Checking User IE Proxy settings . . . . . . . . . . . . PASS
User IE Proxy. . . . . . . . . . . . . . . . . NONE
User IE ProxyByPass. . . . . . . . . . . . . . NONE
User IE AutoConfig URL Proxy . . . . . . . . . NONE
User IE AutoDetect
AutoDetect not in use
Checking Connection to WSUS/SUS Server
WUServer = http://updates.<domain>.net:8530
WUStatusServer = http://updates.<domain>.net:8530
UseWuServer is enabled. . . . . . . . . . . . . . . . . PASS
Client is pointed to SUS 1.0 Server
WinHttpDownloadFileToMemor
r) failed with hr=0x80190193
No Error description could be found
Press Enter to Complete
--------------------------
For client B, we considered that it may be an issue with authentication in IIS on various folders within the WSUS site by turning Unauthenticated or Integrated Windows Authentication in different combinations with no success. This may be true for Client A too. Regardless, neither show up on our WSUS server.
Any ideas? We don't care how it works (unauthenticated or authenticated, or Non-SSL or SSL). We just want it to work. Any thoughts, additional troubleshooting, or strategy assistance would be greatly appreciated.
Thanks in advance!
ASKER
Checked the selfupdate virtual directory under IIS and ran the script you mentioned. Clients are still not reporting back to our WSUS server. Any other ideas?
ASKER
Checked one of our clients Windows Update log file and it is as follows:
2009-04-15 06:27:56:250 852 b40 Agent ** START ** Agent: Finding updates [CallerId = AutomaticUpdates]
2009-04-15 06:27:56:250 852 b40 Agent *********
2009-04-15 06:27:56:250 852 b40 Agent * Online = Yes; Ignore download priority = No
2009-04-15 06:27:56:250 852 b40 Agent * Criteria = "IsHidden=0 and IsInstalled=0 and DeploymentAction='Installa tion' and IsAssigned=1 or IsHidden=0 and IsPresent=1 and DeploymentAction='Uninstal lation' and IsAssigned=1 or IsHidden=0 and IsInstalled=1 and DeploymentAction='Installa tion' and IsAssigned=1 and RebootRequired=1 or IsHidden=0 and IsInstalled=0 and DeploymentAction='Uninstal lation' and IsAssigned=1 and RebootRequired=1"
2009-04-15 06:27:56:250 852 b40 Agent * ServiceID = {3DA21691-E39D-4DA6-8A4B-B 43877BCB1B 7}
2009-04-15 06:27:56:250 852 b40 Agent * Search Scope = {Machine}
2009-04-15 06:27:56:250 852 b40 Misc Validating signature for C:\WINDOWS\SoftwareDistrib ution\Self Update\Def ault\wuide nt.cab:
2009-04-15 06:27:56:250 852 b40 Misc Microsoft signed: Yes
2009-04-15 06:28:02:859 852 b40 Misc WARNING: Send failed with hr = 80072efd.
2009-04-15 06:28:02:859 852 b40 Misc WARNING: SendRequest failed with hr = 80072efd. Proxy List used: <(null)> Bypass List used : <(null)> Auth Schemes used : <>
2009-04-15 06:28:02:859 852 b40 Misc WARNING: WinHttp: SendRequestUsingProxy failed for <http://updates.<domain>:8530/selfupdate /wuident.c ab>. error 0x80072efd
2009-04-15 06:28:02:859 852 b40 Misc WARNING: WinHttp: SendRequestToServerForFile Informatio n MakeRequest failed. error 0x80072efd
2009-04-15 06:28:02:859 852 b40 Misc WARNING: WinHttp: SendRequestToServerForFile Informatio n failed with 0x80072efd
2009-04-15 06:28:02:859 852 b40 Misc WARNING: WinHttp: ShouldFileBeDownloaded failed with 0x80072efd
2009-04-15 06:28:09:312 852 b40 Misc WARNING: Send failed with hr = 80072efd.
2009-04-15 06:28:09:312 852 b40 Misc WARNING: SendRequest failed with hr = 80072efd. Proxy List used: <(null)> Bypass List used : <(null)> Auth Schemes used : <>
2009-04-15 06:28:09:312 852 b40 Misc WARNING: WinHttp: SendRequestUsingProxy failed for <http://updates.<domain>:8530/selfupdate /wuident.c ab>. error 0x80072efd
2009-04-15 06:28:09:312 852 b40 Misc WARNING: WinHttp: SendRequestToServerForFile Informatio n MakeRequest failed. error 0x80072efd
2009-04-15 06:28:09:312 852 b40 Misc WARNING: WinHttp: SendRequestToServerForFile Informatio n failed with 0x80072efd
2009-04-15 06:28:09:312 852 b40 Misc WARNING: WinHttp: ShouldFileBeDownloaded failed with 0x80072efd
2009-04-15 06:28:15:875 852 b40 Misc WARNING: Send failed with hr = 80072efd.
2009-04-15 06:28:15:875 852 b40 Misc WARNING: SendRequest failed with hr = 80072efd. Proxy List used: <(null)> Bypass List used : <(null)> Auth Schemes used : <>
2009-04-15 06:28:15:875 852 b40 Misc WARNING: WinHttp: SendRequestUsingProxy failed for <http://updates.<domain>:8530/selfupdate /wuident.c ab>. error 0x80072efd
2009-04-15 06:28:15:875 852 b40 Misc WARNING: WinHttp: SendRequestToServerForFile Informatio n MakeRequest failed. error 0x80072efd
2009-04-15 06:28:15:875 852 b40 Misc WARNING: WinHttp: SendRequestToServerForFile Informatio n failed with 0x80072efd
2009-04-15 06:28:15:875 852 b40 Misc WARNING: WinHttp: ShouldFileBeDownloaded failed with 0x80072efd
2009-04-15 06:28:22:328 852 b40 Misc WARNING: Send failed with hr = 80072efd.
2009-04-15 06:28:22:328 852 b40 Misc WARNING: SendRequest failed with hr = 80072efd. Proxy List used: <(null)> Bypass List used : <(null)> Auth Schemes used : <>
2009-04-15 06:28:22:328 852 b40 Misc WARNING: WinHttp: SendRequestUsingProxy failed for <http://updates.<domain>:8530/selfupdate /wuident.c ab>. error 0x80072efd
2009-04-15 06:28:22:328 852 b40 Misc WARNING: WinHttp: SendRequestToServerForFile Informatio n MakeRequest failed. error 0x80072efd
2009-04-15 06:28:22:328 852 b40 Misc WARNING: WinHttp: SendRequestToServerForFile Informatio n failed with 0x80072efd
2009-04-15 06:28:22:328 852 b40 Misc WARNING: WinHttp: ShouldFileBeDownloaded failed with 0x80072efd
2009-04-15 06:28:22:328 852 b40 Misc WARNING: DownloadFileInternal failed for http://updates.<domain>:8530/selfupdate/ wuident.ca b: error 0x80072efd
2009-04-15 06:28:22:328 852 b40 Setup FATAL: IsUpdateRequired failed with error 0x80072efd
2009-04-15 06:28:22:328 852 b40 Setup WARNING: SelfUpdate: Default Service: IsUpdateRequired failed: 0x80072efd
2009-04-15 06:28:22:328 852 b40 Setup WARNING: SelfUpdate: Default Service: IsUpdateRequired failed, error = 0x80072EFD
2009-04-15 06:28:22:328 852 b40 Agent * WARNING: Skipping scan, self-update check returned 0x80072EFD
2009-04-15 06:28:22:546 852 b40 Agent * WARNING: Exit code = 0x80072EFD
2009-04-15 06:28:22:546 852 b40 Agent *********
2009-04-15 06:28:22:546 852 b40 Agent ** END ** Agent: Finding updates [CallerId = AutomaticUpdates]
2009-04-15 06:28:22:546 852 b40 Agent *************
2009-04-15 06:28:22:546 852 b40 Agent WARNING: WU client failed Searching for update with error 0x80072efd
2009-04-15 06:28:22:546 852 a2c AU >>## RESUMED ## AU: Search for updates [CallId = {761EC591-4A8E-48B0-9CF0-4 0362267BD8 3}]
2009-04-15 06:28:22:546 852 a2c AU # WARNING: Search callback failed, result = 0x80072EFD
2009-04-15 06:28:22:546 852 a2c AU # WARNING: Failed to find updates with error code 80072EFD
2009-04-15 06:28:22:546 852 a2c AU #########
2009-04-15 06:28:22:546 852 a2c AU ## END ## AU: Search for updates [CallId = {761EC591-4A8E-48B0-9CF0-4 0362267BD8 3}]
2009-04-15 06:28:22:546 852 a2c AU #############
2009-04-15 06:27:56:250 852 b40 Agent ** START ** Agent: Finding updates [CallerId = AutomaticUpdates]
2009-04-15 06:27:56:250 852 b40 Agent *********
2009-04-15 06:27:56:250 852 b40 Agent * Online = Yes; Ignore download priority = No
2009-04-15 06:27:56:250 852 b40 Agent * Criteria = "IsHidden=0 and IsInstalled=0 and DeploymentAction='Installa
2009-04-15 06:27:56:250 852 b40 Agent * ServiceID = {3DA21691-E39D-4DA6-8A4B-B
2009-04-15 06:27:56:250 852 b40 Agent * Search Scope = {Machine}
2009-04-15 06:27:56:250 852 b40 Misc Validating signature for C:\WINDOWS\SoftwareDistrib
2009-04-15 06:27:56:250 852 b40 Misc Microsoft signed: Yes
2009-04-15 06:28:02:859 852 b40 Misc WARNING: Send failed with hr = 80072efd.
2009-04-15 06:28:02:859 852 b40 Misc WARNING: SendRequest failed with hr = 80072efd. Proxy List used: <(null)> Bypass List used : <(null)> Auth Schemes used : <>
2009-04-15 06:28:02:859 852 b40 Misc WARNING: WinHttp: SendRequestUsingProxy failed for <http://updates.<domain>:8530/selfupdate
2009-04-15 06:28:02:859 852 b40 Misc WARNING: WinHttp: SendRequestToServerForFile
2009-04-15 06:28:02:859 852 b40 Misc WARNING: WinHttp: SendRequestToServerForFile
2009-04-15 06:28:02:859 852 b40 Misc WARNING: WinHttp: ShouldFileBeDownloaded failed with 0x80072efd
2009-04-15 06:28:09:312 852 b40 Misc WARNING: Send failed with hr = 80072efd.
2009-04-15 06:28:09:312 852 b40 Misc WARNING: SendRequest failed with hr = 80072efd. Proxy List used: <(null)> Bypass List used : <(null)> Auth Schemes used : <>
2009-04-15 06:28:09:312 852 b40 Misc WARNING: WinHttp: SendRequestUsingProxy failed for <http://updates.<domain>:8530/selfupdate
2009-04-15 06:28:09:312 852 b40 Misc WARNING: WinHttp: SendRequestToServerForFile
2009-04-15 06:28:09:312 852 b40 Misc WARNING: WinHttp: SendRequestToServerForFile
2009-04-15 06:28:09:312 852 b40 Misc WARNING: WinHttp: ShouldFileBeDownloaded failed with 0x80072efd
2009-04-15 06:28:15:875 852 b40 Misc WARNING: Send failed with hr = 80072efd.
2009-04-15 06:28:15:875 852 b40 Misc WARNING: SendRequest failed with hr = 80072efd. Proxy List used: <(null)> Bypass List used : <(null)> Auth Schemes used : <>
2009-04-15 06:28:15:875 852 b40 Misc WARNING: WinHttp: SendRequestUsingProxy failed for <http://updates.<domain>:8530/selfupdate
2009-04-15 06:28:15:875 852 b40 Misc WARNING: WinHttp: SendRequestToServerForFile
2009-04-15 06:28:15:875 852 b40 Misc WARNING: WinHttp: SendRequestToServerForFile
2009-04-15 06:28:15:875 852 b40 Misc WARNING: WinHttp: ShouldFileBeDownloaded failed with 0x80072efd
2009-04-15 06:28:22:328 852 b40 Misc WARNING: Send failed with hr = 80072efd.
2009-04-15 06:28:22:328 852 b40 Misc WARNING: SendRequest failed with hr = 80072efd. Proxy List used: <(null)> Bypass List used : <(null)> Auth Schemes used : <>
2009-04-15 06:28:22:328 852 b40 Misc WARNING: WinHttp: SendRequestUsingProxy failed for <http://updates.<domain>:8530/selfupdate
2009-04-15 06:28:22:328 852 b40 Misc WARNING: WinHttp: SendRequestToServerForFile
2009-04-15 06:28:22:328 852 b40 Misc WARNING: WinHttp: SendRequestToServerForFile
2009-04-15 06:28:22:328 852 b40 Misc WARNING: WinHttp: ShouldFileBeDownloaded failed with 0x80072efd
2009-04-15 06:28:22:328 852 b40 Misc WARNING: DownloadFileInternal failed for http://updates.<domain>:8530/selfupdate/
2009-04-15 06:28:22:328 852 b40 Setup FATAL: IsUpdateRequired failed with error 0x80072efd
2009-04-15 06:28:22:328 852 b40 Setup WARNING: SelfUpdate: Default Service: IsUpdateRequired failed: 0x80072efd
2009-04-15 06:28:22:328 852 b40 Setup WARNING: SelfUpdate: Default Service: IsUpdateRequired failed, error = 0x80072EFD
2009-04-15 06:28:22:328 852 b40 Agent * WARNING: Skipping scan, self-update check returned 0x80072EFD
2009-04-15 06:28:22:546 852 b40 Agent * WARNING: Exit code = 0x80072EFD
2009-04-15 06:28:22:546 852 b40 Agent *********
2009-04-15 06:28:22:546 852 b40 Agent ** END ** Agent: Finding updates [CallerId = AutomaticUpdates]
2009-04-15 06:28:22:546 852 b40 Agent *************
2009-04-15 06:28:22:546 852 b40 Agent WARNING: WU client failed Searching for update with error 0x80072efd
2009-04-15 06:28:22:546 852 a2c AU >>## RESUMED ## AU: Search for updates [CallId = {761EC591-4A8E-48B0-9CF0-4
2009-04-15 06:28:22:546 852 a2c AU # WARNING: Search callback failed, result = 0x80072EFD
2009-04-15 06:28:22:546 852 a2c AU # WARNING: Failed to find updates with error code 80072EFD
2009-04-15 06:28:22:546 852 a2c AU #########
2009-04-15 06:28:22:546 852 a2c AU ## END ## AU: Search for updates [CallId = {761EC591-4A8E-48B0-9CF0-4
2009-04-15 06:28:22:546 852 a2c AU #############
ASKER
I checked all of the permissions as mentioned earlier. I found that the Integrated Authentication on the Default Web Site was disabled but Anonymous was enabled. I left that alone since it is the Default Web Site. I may add IA later to test. I checked other IIS subfolders under the Default Web Site and they all seemed OK. I then moved on to NTFS permissions and adjusted various folders. I added the IIS Anonymous account called IUSR_XYZ to various folders and gave it R/X permissions accordingly. This makes sense to me since some of these folders will be accessed by outside-my-domain clients and not be able to authenticate.
Tested again and it didn't seem to help much.
To fix the 0x80072efd error code on one of the clients, I temporarily changed the Windows Update intranet site to just the FQDN and remove port 8530 completely, updated the GP, rebooted, and the error went away. This time, I got a whole new error in the Windows Update log but the WSUS Client Diagnostic tool came back clean now. That error in the WU log is:
2009-04-15 11:45:17:046 852 a3c PT WARNING: GetConfig failure, error = 0x80244019, soap client error = 10, soap error code = 0, HTTP status code = 404
2009-04-15 11:45:17:046 852 a3c PT WARNING: PTError: 0x80244019
2009-04-15 11:45:17:046 852 a3c PT WARNING: GetConfig_WithRecovery failed: 0x80244019
2009-04-15 11:45:17:046 852 a3c PT WARNING: RefreshConfig failed: 0x80244019
2009-04-15 11:45:17:046 852 a3c PT WARNING: RefreshPTState failed: 0x80244019
2009-04-15 11:45:17:046 852 a3c PT WARNING: Sync of Updates: 0x80244019
2009-04-15 11:45:17:046 852 a3c PT WARNING: SyncServerUpdatesInternal failed: 0x80244019
2009-04-15 11:45:17:046 852 a3c Agent * WARNING: Failed to synchronize, error = 0x80244019
2009-04-15 11:45:17:312 852 a3c Agent * WARNING: Exit code = 0x80244019
Is it possible that port 80 also needs to be redirected to this server on the firewall? We currently have port 80 redirected to another internal server. Does an WSUS server need both 80 and 8530 completely directed to it? I have multiple WAN IPs available. Please advise. Thanks!
Tested again and it didn't seem to help much.
To fix the 0x80072efd error code on one of the clients, I temporarily changed the Windows Update intranet site to just the FQDN and remove port 8530 completely, updated the GP, rebooted, and the error went away. This time, I got a whole new error in the Windows Update log but the WSUS Client Diagnostic tool came back clean now. That error in the WU log is:
2009-04-15 11:45:17:046 852 a3c PT WARNING: GetConfig failure, error = 0x80244019, soap client error = 10, soap error code = 0, HTTP status code = 404
2009-04-15 11:45:17:046 852 a3c PT WARNING: PTError: 0x80244019
2009-04-15 11:45:17:046 852 a3c PT WARNING: GetConfig_WithRecovery failed: 0x80244019
2009-04-15 11:45:17:046 852 a3c PT WARNING: RefreshConfig failed: 0x80244019
2009-04-15 11:45:17:046 852 a3c PT WARNING: RefreshPTState failed: 0x80244019
2009-04-15 11:45:17:046 852 a3c PT WARNING: Sync of Updates: 0x80244019
2009-04-15 11:45:17:046 852 a3c PT WARNING: SyncServerUpdatesInternal failed: 0x80244019
2009-04-15 11:45:17:046 852 a3c Agent * WARNING: Failed to synchronize, error = 0x80244019
2009-04-15 11:45:17:312 852 a3c Agent * WARNING: Exit code = 0x80244019
Is it possible that port 80 also needs to be redirected to this server on the firewall? We currently have port 80 redirected to another internal server. Does an WSUS server need both 80 and 8530 completely directed to it? I have multiple WAN IPs available. Please advise. Thanks!
Save below as fixwsus.cmd and run on client and check log again
%Windir%\system32\net.exe stop bits
%Windir%\system32\net.exe stop wuauserv
reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v AccountDomainSid /f
reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v PingID /f
reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v SusClientId /f
reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v SusClientValidation /f
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v LastWaitTimeout /f
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v DetectionStartTime /f
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v NextDetectionTime /f
if exist %Windir%\system32\atl.dll %Windir%\system32\regsvr32.exe /s %Windir%\system32\atl.dll
if exist %Windir%\system32\jscript.dll %Windir%\system32\regsvr32.exe /s %Windir%\system32\jscript.dll
if exist %Windir%\system32\softpub.dll %Windir%\system32\regsvr32.exe /s %Windir%\system32\softpub.dll
if exist %Windir%\system32\wuapi.dll %Windir%\system32\regsvr32.exe /s %Windir%\system32\wuapi.dll
if exist %Windir%\system32\wuaueng.dll %Windir%\system32\regsvr32.exe /s %Windir%\system32\wuaueng.dll
if exist %Windir%\system32\wuaueng1.dll %Windir%\system32\regsvr32.exe /s %Windir%\system32\wuaueng1.dll
if exist %Windir%\system32\wucltui.dll %Windir%\system32\regsvr32.exe /s %Windir%\system32\wucltui.dll
if exist %Windir%\system32\wups.dll %Windir%\system32\regsvr32.exe /s %Windir%\system32\wups.dll
if exist %Windir%\system32\wups2.dll %Windir%\system32\regsvr32.exe /s %Windir%\system32\wups2.dll
if exist %Windir%\system32\wuweb.dll %Windir%\system32\regsvr32.exe /s %Windir%\system32\wuweb.dll
if exist %windir%\system32\iuengine.dll %windir%\system32\regsvr32.exe /s iuengine.dll
if exist %windir%\system32\wuauserv.dll %windir%\system32\regsvr32.exe /s wuauserv.dll
if exist %windir%\system32\cdm.dll %windir%\system32\regsvr32.exe /s cdm.dll
if exist %windir%\system32\msxml2r.dll %windir%\system32\regsvr32.exe /s msxml2r.dll
if exist %windir%\system32\msxml3r.dll %windir%\system32\regsvr32.exe /s msxml3r.dll
if exist %windir%\system32\msxml.dll %windir%\system32\regsvr32.exe /s msxml.dll
if exist %windir%\system32\msxml3.dll %windir%\system32\regsvr32.exe /s msxml3.dll
if exist %windir%\system32\msxmlr.dll %windir%\system32\regsvr32.exe /s msxmlr.dll
if exist %windir%\system32\msxml2.dll %windir%\system32\regsvr32.exe /s msxml2.dll
if exist %windir%\system32\qmgr.dll %windir%\system32\regsvr32.exe /s qmgr.dll
if exist %windir%\system32\qmgrprxy.dll %windir%\system32\regsvr32.exe /s qmgrprxy.dll
if exist %windir%\system32\iuctl.dll %windir%\system32\regsvr32.exe /s iuctl.dll
del C:\Windows\WindowsUpdate.log /S /Q
rd /s /q %windir%\softwareDistribution
sleep 5
%Windir%\system32\net.exe start bits
%Windir%\system32\net.exe start wuauserv
sc sdset wuauserv D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)
sc sdset bits D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)
wuauclt.exe /resetauthorization
wuauclt.exe /detectnow
wuauclt.exe /reportnow
exit /B 0
ASKER
Ran the script you provided. Same result. Any other ideas?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I am doing some more testing today and tomorrow. From something we did last week, 4 clients reported in but then stopped. Progress is being made....
ASKER
Still getting this secondary error that is now the only error in client WindowsUpdates.log:
2009-04-20 10:49:29:411 852 1d6c PT WARNING: GetConfig failure, error = 0x80244019, soap client error = 10, soap error code = 0, HTTP status code = 404
2009-04-20 10:49:29:411 852 1d6c PT WARNING: PTError: 0x80244019
2009-04-20 10:49:29:411 852 1d6c PT WARNING: GetConfig_WithRecovery failed: 0x80244019
2009-04-20 10:49:29:411 852 1d6c PT WARNING: RefreshConfig failed: 0x80244019
2009-04-20 10:49:29:411 852 1d6c PT WARNING: RefreshPTState failed: 0x80244019
2009-04-20 10:49:29:411 852 1d6c PT WARNING: Sync of Updates: 0x80244019
2009-04-20 10:49:29:411 852 1d6c PT WARNING: SyncServerUpdatesInternal failed: 0x80244019
2009-04-20 10:49:29:411 852 1d6c Agent * WARNING: Failed to synchronize, error = 0x80244019
2009-04-20 10:49:29:630 852 1d6c Agent * WARNING: Exit code = 0x80244019
2009-04-20 10:49:29:630 852 1d6c Agent *********
2009-04-20 10:49:29:630 852 1d6c Agent ** END ** Agent: Finding updates [CallerId = AutomaticUpdates]
2009-04-20 10:49:29:630 852 1d6c Agent *************
2009-04-20 10:49:29:630 852 1d6c Agent WARNING: WU client failed Searching for update with error 0x80244019
2009-04-20 10:49:29:630 852 24b4 AU >>## RESUMED ## AU: Search for updates [CallId = {261F439A-3FBA-45EB-B224-4 1E19AB4BF4 5}]
2009-04-20 10:49:29:630 852 24b4 AU # WARNING: Search callback failed, result = 0x80244019
2009-04-20 10:49:29:630 852 24b4 AU # WARNING: Failed to find updates with error code 80244019
2009-04-20 10:49:29:630 852 24b4 AU #########
2009-04-20 10:49:29:630 852 24b4 AU ## END ## AU: Search for updates [CallId = {261F439A-3FBA-45EB-B224-4 1E19AB4BF4 5}]
2009-04-20 10:49:29:630 852 24b4 AU #############
Any help is appreciated?
2009-04-20 10:49:29:411 852 1d6c PT WARNING: GetConfig failure, error = 0x80244019, soap client error = 10, soap error code = 0, HTTP status code = 404
2009-04-20 10:49:29:411 852 1d6c PT WARNING: PTError: 0x80244019
2009-04-20 10:49:29:411 852 1d6c PT WARNING: GetConfig_WithRecovery failed: 0x80244019
2009-04-20 10:49:29:411 852 1d6c PT WARNING: RefreshConfig failed: 0x80244019
2009-04-20 10:49:29:411 852 1d6c PT WARNING: RefreshPTState failed: 0x80244019
2009-04-20 10:49:29:411 852 1d6c PT WARNING: Sync of Updates: 0x80244019
2009-04-20 10:49:29:411 852 1d6c PT WARNING: SyncServerUpdatesInternal failed: 0x80244019
2009-04-20 10:49:29:411 852 1d6c Agent * WARNING: Failed to synchronize, error = 0x80244019
2009-04-20 10:49:29:630 852 1d6c Agent * WARNING: Exit code = 0x80244019
2009-04-20 10:49:29:630 852 1d6c Agent *********
2009-04-20 10:49:29:630 852 1d6c Agent ** END ** Agent: Finding updates [CallerId = AutomaticUpdates]
2009-04-20 10:49:29:630 852 1d6c Agent *************
2009-04-20 10:49:29:630 852 1d6c Agent WARNING: WU client failed Searching for update with error 0x80244019
2009-04-20 10:49:29:630 852 24b4 AU >>## RESUMED ## AU: Search for updates [CallId = {261F439A-3FBA-45EB-B224-4
2009-04-20 10:49:29:630 852 24b4 AU # WARNING: Search callback failed, result = 0x80244019
2009-04-20 10:49:29:630 852 24b4 AU # WARNING: Failed to find updates with error code 80244019
2009-04-20 10:49:29:630 852 24b4 AU #########
2009-04-20 10:49:29:630 852 24b4 AU ## END ## AU: Search for updates [CallId = {261F439A-3FBA-45EB-B224-4
2009-04-20 10:49:29:630 852 24b4 AU #############
Any help is appreciated?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
cscript WSUSInstallDirectory\setup\installselfupdateon
Even though you set it up under the custom port 8530, there still needs to be the virtual directory under port 80