WSUS not getting correct updates and Computers not pulling updates from WSUS server
First off, I just have to express how much I dislike WSUS, it is such a frustrating un-intuitive unreliable piece of software I find..
First problem, I find that in my WSUS console certain updates show up, but when I go to the Windows update site individually with each client machine, it shows a lot more needed updates than what is actually in the updates page on the console itself. I have all the products that I want it to download ticked and I'm selecting the view to show any needed/not applicable updates. I don't see half of the updates that are on the actual windows update page in the WSUS console. So I feel as if using WSUS alone is not giving the machines all the updates they need.
2nd problem. I find every so often, the computers for some reason just do not communicate properly with WSUS. Here's what I mean. I have modified group policy to add my WSUS server as the update server for the clients and they still never seem to report to the server until I go to the windows update page at least once and click "install" on that active X thingy or whatever it is that it is prompting you to install before you can see the list of updates. After I click install then it seems to magically start reporting to the WSUS server.. Why do I have to do this??? I should not have to go to the website to get the WSUS client/server communication to work the way that it is supposed to. I thought all you had to do was set the group policy make sure the registry key is set and it will just start pulling updates or pushing (however it works).
Am I doing something wrong? Or is this how half built this thing is?
First problem, I find that in my WSUS console certain updates show up, but when I go to the Windows update site individually with each client machine, it shows a lot more needed updates than what is actually in the updates page on the console itself. I have all the products that I want it to download ticked and I'm selecting the view to show any needed/not applicable updates. I don't see half of the updates that are on the actual windows update page in the WSUS console. So I feel as if using WSUS alone is not giving the machines all the updates they need.
2nd problem. I find every so often, the computers for some reason just do not communicate properly with WSUS. Here's what I mean. I have modified group policy to add my WSUS server as the update server for the clients and they still never seem to report to the server until I go to the windows update page at least once and click "install" on that active X thingy or whatever it is that it is prompting you to install before you can see the list of updates. After I click install then it seems to magically start reporting to the WSUS server.. Why do I have to do this??? I should not have to go to the website to get the WSUS client/server communication to work the way that it is supposed to. I thought all you had to do was set the group policy make sure the registry key is set and it will just start pulling updates or pushing (however it works).
Am I doing something wrong? Or is this how half built this thing is?
ASKER
Hey Arnold,
Thanks for the response. Here's what I did. I went to the options portion of the WSUS console, clicked on Products and Classifications and selected all the things I wanted WSUS to download.
2nd thing. How do I reregister the right dlls?
3rd thing. No I never used Targets to specify which group they belong to. I just manually drag them into different groups in the WSUS console itself. I never quite understood how to set up the Target groups.
Thanks for the response. Here's what I did. I went to the options portion of the WSUS console, clicked on Products and Classifications and selected all the things I wanted WSUS to download.
2nd thing. How do I reregister the right dlls?
3rd thing. No I never used Targets to specify which group they belong to. I just manually drag them into different groups in the WSUS console itself. I never quite understood how to set up the Target groups.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hey Arnold,
seems like the computers are reporting fine now, but all of them except for the WSUS server itself has "Updates with Errors" as the status. All of them have a red X next to them. Some of them say that they have 2 or more failed updates etc. How do I go about resolving these errors? Or getting them to install?
seems like the computers are reporting fine now, but all of them except for the WSUS server itself has "Updates with Errors" as the status. All of them have a red X next to them. Some of them say that they have 2 or more failed updates etc. How do I go about resolving these errors? Or getting them to install?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi Arnold,
These 3 updates seem to be the main ones that fail on every system:
Security Update for Microsoft .NET Framework, Version 2.0 (KB928365),
Microsoft .NET Framework 3.5 Service Pack 1, .NET Framework 3.5 Family Update (KB951847) x86 and Cumulative Security Update for Internet Explorer 6 for Windows XP (KB953838)..
Then I have two other systems that have regular security updates for Windows XP that are failing:
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB941693)
I just can't figure out why updates like those would fail.
These 3 updates seem to be the main ones that fail on every system:
Security Update for Microsoft .NET Framework, Version 2.0 (KB928365),
Microsoft .NET Framework 3.5 Service Pack 1, .NET Framework 3.5 Family Update (KB951847) x86 and Cumulative Security Update for Internet Explorer 6 for Windows XP (KB953838)..
Then I have two other systems that have regular security updates for Windows XP that are failing:
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB941693)
I just can't figure out why updates like those would fail.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I clicked on the failed link and it says for all the errors the following: Error: Download failed.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I checked the log file. It looks like jibberish to me lol. The only thing that I saw that made some kinda sense was this "DnldMgr Error 0x80244019 occurred while downloading update; notifying dependent calls."
I am only getting the regular updates on this WSUS server. I ran the command then checked back my WSUS server. Nothing seems to look different except for the last status report changed to the current time, but the red X is still there.
I am only getting the regular updates on this WSUS server. I ran the command then checked back my WSUS server. Nothing seems to look different except for the last status report changed to the current time, but the red X is still there.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I have it set to option 4 in Group Policy - Auto Download and schedule the install time. Have it set to not download express versions... But have changed that since your last post. I have it set to only download English updates.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hey Arnold,
It seemed like the computers started to report accurately again after I declined the .Net 3.5 update and enabled the express updates. Thanks for your assistance!
It seemed like the computers started to report accurately again after I declined the .Net 3.5 update and enabled the express updates. Thanks for your assistance!
For your second question that issue might be that your AU/WSUS client side is somehow corrupt and the access to the Windows update sites resets/reregisters the right dlls.
Besides pointing the GPO to the WSUS are you also using Targets to specify to which group the computer belongs??