WSUS console not connecting

All of the sudden, the WSUS 3.0 console can't connect on my Windows SBS 2003 std. server. I'm not sure why.  It just won't connect.
I need somewhere to start troubleshooting this.  Anyone know where I can start?
Thanks.
bryanchandlerAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
ChiefITConnect With a Mentor Commented:
Is Windows firewall now blocking port 8530?

0
 
pschakravarthiCommented:
Hi,
Check eventlogs for errors.
Looks like an issue with .net
0
 
bryanchandlerAuthor Commented:
Didn't see any errors from .net.
0
Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

 
ChiefITCommented:
WSUS is a pull technology, where all updates are saved on the server, and the clients pull the updates from the server.

Start at the client:

Use the WSUS clientdiag utility:
http://technet.microsoft.com/en-us/wsus/bb466192.aspx

The client diag will tell you more than any other info. So, post the results here and we can evaluate it.
0
 
bryanchandlerAuthor Commented:
Here's the output of the WSUS Client Diag tool ran directly on the server that's supposed to be running WSUS:


WSUS Client Diagnostics Tool

Checking Machine State
        Checking for admin rights to run tool . . . . . . . . . PASS
        Automatic Updates Service is running. . . . . . . . . . PASS
        Background Intelligent Transfer Service is running. . . PASS
        Wuaueng.dll version 7.4.7600.226. . . . . . . . . . . . PASS
                This version is WSUS 2.0

Checking AU Settings
        AU Option is 4: Scheduled Install . . . . . . . . . . . PASS
                Option is from Policy settings

Checking Proxy Configuration
        Checking for winhttp local machine Proxy settings . . . PASS
                Winhttp local machine access type
                        <Direct Connection>
                Winhttp local machine Proxy. . . . . . . . . .  NONE
                Winhttp local machine ProxyBypass. . . . . . .  NONE
        Checking User IE Proxy settings . . . . . . . . . . . . PASS
                User IE Proxy. . . . . . . . . . . . . . . . .  NONE
                User IE ProxyByPass. . . . . . . . . . . . . .  NONE
                User IE AutoConfig URL Proxy . . . . . . . . .  NONE
                User IE AutoDetect
                AutoDetect not in use

Checking Connection to WSUS/SUS Server
WUStatusServer is not set through Policy
WUServer is not set through Policy
        UseWuServer value is missing. . . . . . . . . . . . . . FAIL

GetAUSettingsRegistry(true,pszUseWu,&dwUseWu) failed with hr=0x80070002

The system cannot find the file specified.
0
 
ChiefITCommented:
OK, something wrong with your group policy.

There are two ports that WSUS typically uses for access.

One is http://yourservername.domain.name   (and it uses port 80, this is default)
The second is an alternative port
it is http://yourservername.domain.name:8530

Port 8530 is an alternative port. If you already have a web page on that server, then WSUS will default to that alternative port.

You could try this.

If you tried both, with still no clients, then you should look at File replication event logs to see if your group policies are being replicated and Netbios translation to see if the policies are being broadcasted to the client computers.
0
 
bryanchandlerAuthor Commented:
ChiefIT:
Not sure exactly how to see if GPs are being replicated by looking at the File Replication Event Logs, or if the policies are being broadcast.  

I'm a n00b, I know.  It's a bit "greek" to me at this point.

If you could tell me what I should be looking for I'd appreciate it.

However, I do want to clarify that I'm attempting to use the WSUS console.  This isn't necessarily an issue w/ client PCs not connecting to the server (although that needs to work too).  It's the server that can't connect to itself, locally.  I'd like to deal with just getting the WSUS console functioning again before I worry about the clients connecting to WSUS as it was before.
FYI this was working 100% until last week.  I have no idea what happened, as nothing changed.
0
 
ChiefITCommented:
On the domain controllers, you should look in the FRS logs for events in the 13000's.

Also, you might see errors 1030 and 1058.

0
 
bryanchandlerAuthor Commented:
I don't have any errors in FRS logs for at least a year & a half.
The last event was this:

Event Type:      Information
Event Source:      NtFrs
Event Category:      None
Event ID:      13516
Date:            3/24/2010
Time:            7:13:59 AM
User:            N/A
Computer:      OAKSERVER1
Description:
The File Replication Service is no longer preventing the computer OAKSERVER1 from becoming a domain controller. The system volume has been successfully initialized and the Netlogon service has been notified that the system volume is now ready to be shared as SYSVOL.
 
Type "net share" to check for the SYSVOL share.


0
 
ChiefITCommented:
OK, that looks good.

So, we have to modify the group policy to work with WSUS.

Try both

This is what we are trying to correct:
____________________________________________
Checking Connection to WSUS/SUS Server
WUStatusServer is not set through Policy
WUServer is not set through Policy
        UseWuServer value is missing. . . . . . . . . . . . . . FAIL
_____________________________________________

On this page, you will see the SUS deployment white papers. It will show you how to create the group policies and walk you through it step-by-step.

http://technet.microsoft.com/en-us/wsus/bb466186.aspx
0
 
bryanchandlerAuthor Commented:
I already have a WSUS specific Group Policy.  I setup WSUS on this server using this white paper & it worked for a year before this error occurred.
See the screenshot of the policy report.

The question is if this policy exists, why isn't it working?
WSUS-GP.png
0
 
bryanchandlerAuthor Commented:
HEYNOW!  That was it!  For some reason it wasn't open.
I opened the port in the GPO for the domain firewall policy & the console popped right up like nothing was ever wrong!
Thanks.
0
 
ChiefITCommented:
Glad that worked for you,

It may take a little while to populate all computers domain computers.  If others are still missing, run the client diag and post another question, It may be an imaged computer that needs a new SID or some other problem.

0
All Courses

From novice to tech pro — start learning today.