Solved

Computers Not Showing in WSUS

Posted on 2010-09-10
9
674 Views
Last Modified: 2012-05-10
Hi folks!

Got a Windows Server 2003-based Active Directory network with approximately 150 Windows XP Professional Service Pack 3 workstations. I am attempting to implement a WSUS server for our organization.

I have installed WSUS, configured it, and set the group policy (for the entire domain) to point workstations to the server. Thus far, only about 100 of the 150 workstations have appeared in the WSUS management console. The other 50 or so workstations are not showing up.

In an effort to troubleshoot this problem, I have done the following:

1. I have run the "wuauclt.exe /detectnow" and "wuauclt.exe /resetauthorization /detectnow" commands. Neither produces any effect.

2. I have run the WSUS client diagnostic tool. On some workstations, it reports that the UseWUServer value is missing from the registry. However, when I create that registry value (in HKLM\Software\Policies\Microsoft\Wiindows\WindowsUpdate\AU" and set it to a value of 1, the diag tool runs successfully and reports no errors, but the computer still never appears in the server console.

3. I have used the script, posted in other question threads here on EE, to reset the SID and registry key values, and then re-run the "wuauclt.exe /resetauthorization /detectnow" command. Still no change.

4. I have checked the IIS server settings and have verified that the WSUS web site is on the default of port 80 and, therefore, the server address I used in Group Policy is correct.

If anyone could offer any additional suggestions, they would be most appreciated. Thanks!

- Ithizar
0
Comment
Question by:Ithizar
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +1
9 Comments
 
LVL 10

Expert Comment

by:jramsier
ID: 33647350
on one of the machines that is not working (client side) do a "gpresult" and see if that GPO is applied to that device.  If it is filtered then you have a problem with GPO not apply to the device.  Iether way try a "gpupdate /force" on the device.

Also check the registry settings.  here is a link that decribes them, depending on what you set in GPO:
http://technet.microsoft.com/en-us/library/cc708545(WS.10).aspx

Sounds like a GPO issue if they are not in WSUS.
0
 
LVL 14

Expert Comment

by:Justin Yeung
ID: 33647959
download the client diagnostic tools and see where the problem is coming from.

http://technet.microsoft.com/en-us/wsus/bb466192.aspx
0
 

Author Comment

by:Ithizar
ID: 33648044
Thanks, justinyeung. However, did you actually read my post? :) Please see # 2 in my list of things I've tried.
0
Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

 

Author Comment

by:Ithizar
ID: 33648533
jramsier,

gpresult shows that the GPO is being applied to the computer, and updated on a regular basis. Additionally, I ran the "rsop.msc" tool to look at the resultant set of policies, and all of the specific policy settings I had defined, like the use of automatic updates and the location of our WSUS server, were correct.

I have run "gpupdate /force" many times, but did it again just to be safe. Then, I even ran "wuauclt.exe /resetauthorization /detectnow" again. Still no dice.

I checked the link you provided, and basically all the permissions were set correctly. The only thing that was missing is that the ASPNET account did not have access to one registry key. I fixed that. Still no change in behavior.

- Ithizar
0
 
LVL 47

Accepted Solution

by:
Donald Stewart earned 500 total points
ID: 33648633
"I have installed WSUS, configured it, and set the group policy (for the entire domain) to point workstations to the server. Thus far, only about 100 of the 150 workstations have appeared in the WSUS management console. The other 50 or so workstations are not showing up."

This is a duplicate sid issue
 
 
http://msmvps.com/blogs/athif/pages/66376.aspx

0
 
LVL 14

Expert Comment

by:Justin Yeung
ID: 33648822
add the following registry key on the machine that is not contact

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU]
"AUState"=dword:00000002

and then try to reauthorize the machine

0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 33648904
@justinyeung
 
Group policy configures this registry setting which the author has already stated is correctly being applied.
0
 
LVL 10

Expert Comment

by:jramsier
ID: 33650135
I agree with dstewartjr.  This is very common if you image the machines via Symantec Ghost or other programs.  You will need to recreate the SID on the machines if so.

Use this to check the SIDs:
http://technet.microsoft.com/en-us/sysinternals/bb897417.aspx

If some are the same use this to fix:
http://technet.microsoft.com/en-us/sysinternals/bb897418.aspx
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 33650213
Machine SId and the WSUS SUSclientID are 2 different items.
 
NewSid is retired and will not remedy a WSUS issue.
 
The script in the link I posted will delete the registry locations where the DuplicateSid is located.
Wuauclt /resetauthorization /detectnow will tell the client to retrieve a new SUSClientID.
0

Featured Post

[Live Webinar] The Cloud Skills Gap

As Cloud technologies come of age, business leaders grapple with the impact it has on their team's skills and the gap associated with the use of a cloud platform.

Join experts from 451 Research and Concerto Cloud Services on July 27th where we will examine fact and fiction.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This is the first one of a series of articles I’ll be writing to address technical issues that are always referred to as network problems. The network boundaries have changed, therefore having an understanding of how each piece in the network  puzzl…
A quick step-by-step overview of installing and configuring Carbonite Server Backup.
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Suggested Courses

635 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question