Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

WSUS clients not all updating

Posted on 2009-07-13
17
561 Views
Last Modified: 2016-02-21
Hi,
Here is my issue.
I am taking on monitoring WSUS from a previous already configured set up. I was told it is set up at a central location to push out updates to all domain controllers on the network and then the domain controllers send out alerts to all computers to go to the update website and down load the updates. I am trying to learn as much as I can as quick as I can on this subject but I need some answers soon. I have some pc that under last status report they have a "not yet reported" status. Can anyone point me in the right direction on that one??? Also under 'downstream servers' there is nothing there, which may be completely normal. However how I understood it was that if the main server that pulls the updates from Windows and pushes them to the domain controllers which should be downstream  servers. Unless they aren't set up as replica servers, would that be the reason?? Thank you any help is appreciated!!
0
Comment
Question by:INSL
  • 8
  • 4
  • 3
  • +1
17 Comments
 
LVL 10

Accepted Solution

by:
sublifer earned 250 total points
ID: 24843633
If you pulled your computer list from AD then most likely the  "not yet reported"  message indicates stale entries in AD, probably older computers that were replaced, rebuilt, or computers whose names have been changed.  You'll want to check each on a case by case basis to see if you need to delete it from AD.

As for the other, yes it sounds like the DC's weren't set up as replicators.  Not a problem unless you're pushing your patches to multiple locations (with the DC being at that location) with limited available bandwidth.
0
 
LVL 47

Assisted Solution

by:Donald Stewart
Donald Stewart earned 250 total points
ID: 24843677
" I was told it is set up at a central location to push out updates to all domain controllers on the network and then the domain controllers send out alerts to all computers to go to the update website and down load the updates"
All clients(including Servers) Pull their updates from the Wsus Server and report thier status.
Post your Windowsupdate.log for troubleshooting the "Not yet Reported"
It doesnt sound like your environment is configured with "Replica Servers"
 
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24843719
Let me reiterate, there is absolutely no pushing of updates when it comes to Windows Updates/WSUS updates. There is what is called the WUA(Windows Update Agent) which is installed on all systems. This agent queries either WSUS or Windows Update for available updates.
0
Back Up Your Microsoft Windows Server®

Back up all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

 
LVL 2

Expert Comment

by:cincytopher
ID: 24843871
Dstewartjr is correct.  The updates are pulled from the wsus server.  Also, you said that domain controllers send out alerts to all computer to go the update website and down load the updates.  Alerts are not sent out, rather client randomly check in to the wsus server and download updates if needed and update their status.  This is usually done through group policy in the domain.  You can configure everything from what group the client goes in, to how the updates are installed, to how often the clients check in.
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24843920
Post your Windowsupdate.log for troubleshooting the "Not yet Reported"
We will be able to figure out your issue from there.
0
 
LVL 1

Author Comment

by:INSL
ID: 24844991
Here is the log file from the server that is hosting the WSUS.
I only put on about a months worth..not to sure if that is way too much or if you want the whole log which is from about May.

Thanks for all the help!!
WindowsUpdate1.txt
0
 
LVL 10

Expert Comment

by:sublifer
ID: 24846040
Your proxy isn't configured correct for   mail01.cervuscorp.com

Take a look at this kb for that

http://support.microsoft.com/kb/900936

For that "not yet reported" error, you need the windowsupdate.log from a client machine experiencing the problem, not the server.  If you don't see any problems then its as I said above, stale computer instances.
But, after seeing that log from your server it looks more like the server has been misconfigured and dependent clients aren't able to communicate with the server.
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24846197
0
 
LVL 1

Author Comment

by:INSL
ID: 24850358
Ok I will track down a client log file.. my bad
0
 
LVL 2

Expert Comment

by:cincytopher
ID: 24850513
We actually need the log file of the client that is not reporting.
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24851996
a posting of your clientdiag results may also help too.


http://download.microsoft.com/download/9/7/6/976d1084-d2fd-45a1-8c27-a467c768d8ef/WSUS%20Client%20Diagnostic%20Tool.EXE


Do this on a client not reporting
0
 
LVL 1

Author Comment

by:INSL
ID: 24852896
This is a log file of a client that is not reporting.
I have attached the entire file.
WindowsUpdate.log
0
 
LVL 10

Expert Comment

by:sublifer
ID: 24858086
I see a few things to check, first make sure your WSUS site has the selfupdate folder.
Next verify that the IUSR\  account has read (and maybe write) access to the WSUS content folders.
Also seeing what looks like proxy errors but could be related to the above so check those first.  If the above didn't help, try adding your WSUS servers to the proxy bypass list.

0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24859476
The error in your log usually refers to a bug with office 2003
 
http://www.expta.com/2008/10/fix-for-0x8024400e-errors-on-wsus.html 
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24859557
0
 
LVL 1

Author Comment

by:INSL
ID: 24861391
Thank you for all the help I will look into it all.
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24861516
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The System Center Operations Manager 2012, known as SCOM, is a part of the Microsoft system center product that provides the user with infrastructure monitoring and application performance monitoring. SCOM monitors:   Windows or UNIX/LinuxNetwo…
Microsoft Windows Server Update Service (WSUS) is free for everyone, but it lacks of some desirable features like send an e-mail to the administrator with the status of all computers on the WSUS server. This article is based on my PowerShell script …
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question