Solved

Wsus3 Clients connected to wrong wsus Server

Posted on 2009-05-05
6
625 Views
Last Modified: 2012-05-06
Hi


We have an issue where a few clients from a few offices are connected to the wrong wsus server. It is also downloading something from the wsus3 server and causing heavy network traffic

If i run a netstat on a client that is registred to stockholmwsus, i see connections to glasgowwsus.

We have used tpcview, and the connections are: system:4 connections.

Why are some clients connected to a diffrent wsusbox while they are registred on the correct one and can be seen as active on the correct wsusserver, but still is downloading stuff from another wsusserver which is not specified in gpo??

All XP, GPO's used. Clients are in correct GPO.

Thanks /Dabosa
0
Comment
Question by:Dabosa
  • 3
  • 2
6 Comments
 
LVL 4

Expert Comment

by:rentonc
ID: 24303125
Assuming you have checked the GPO and confirmed by looking at the registry settings on the affected machines
in the follwoing key
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate

It couild be a DNS issue on the affected machines, can you ping to your stockholmwsus from the affected machines to make sure they are not resolving to the ip of the glasgowwsus

0
 

Author Comment

by:Dabosa
ID: 24303462
GPO is checked and correct, also the correct server stockholmwsus is specified in this registry key.
Still there are connections to the glasgowwsus.

The clint ip settings are correct, the stockholmwsus resolves fine.

I have now checked the IP config on both wsus servers and they have the same correct  dns's and wins's.
0
 
LVL 4

Expert Comment

by:rentonc
ID: 24303793
1 final thought - is that maybe it is in the middle of a large update so the cookie may still point to the old server - maybe you could try this from the command prompt
wuauclt /resetauthorization /detectnow

0
Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

 

Author Comment

by:Dabosa
ID: 24303856
Just tried it, command went fine, but still i see connection to wrong wsus server.

I have used the taskkill /F /PID "nr" on client tio kill connection and it sussessfully removes the connection but its instantly re-establishes connectivity once removed.
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24306641
What does this command return?
 
reg query "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate" /s  
0
 

Accepted Solution

by:
Dabosa earned 0 total points
ID: 24314029
It is solved now. This was the problem: In the same subnet we had a rightfax server

It just so happens that it used  to be the same IP address as the new Glasgow WSUS Server. No IP confilct events on the wsus though:(

The problem is arising when users have accidently printed to the Rightfax driver (possibly because it was set a default at one point.)

These then attempt to connect to the WSUS Server.

The size of the print seems to have some bearing on the connections also, but Im not sure where the downloading is coming from, or if the prints determine the size.

WSUS was fine all along - All fine now.

Thanks for all troubleshoot input! /D

0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article outlines the process to identify and resolve account lockout in an Active Directory environment.
Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question