Solved

Computers Not Showing in WSUS

Posted on 2010-09-10
9
660 Views
Last Modified: 2012-05-10
Hi folks!

Got a Windows Server 2003-based Active Directory network with approximately 150 Windows XP Professional Service Pack 3 workstations. I am attempting to implement a WSUS server for our organization.

I have installed WSUS, configured it, and set the group policy (for the entire domain) to point workstations to the server. Thus far, only about 100 of the 150 workstations have appeared in the WSUS management console. The other 50 or so workstations are not showing up.

In an effort to troubleshoot this problem, I have done the following:

1. I have run the "wuauclt.exe /detectnow" and "wuauclt.exe /resetauthorization /detectnow" commands. Neither produces any effect.

2. I have run the WSUS client diagnostic tool. On some workstations, it reports that the UseWUServer value is missing from the registry. However, when I create that registry value (in HKLM\Software\Policies\Microsoft\Wiindows\WindowsUpdate\AU" and set it to a value of 1, the diag tool runs successfully and reports no errors, but the computer still never appears in the server console.

3. I have used the script, posted in other question threads here on EE, to reset the SID and registry key values, and then re-run the "wuauclt.exe /resetauthorization /detectnow" command. Still no change.

4. I have checked the IIS server settings and have verified that the WSUS web site is on the default of port 80 and, therefore, the server address I used in Group Policy is correct.

If anyone could offer any additional suggestions, they would be most appreciated. Thanks!

- Ithizar
0
Comment
Question by:Ithizar
  • 3
  • 2
  • 2
  • +1
9 Comments
 
LVL 10

Expert Comment

by:jramsier
ID: 33647350
on one of the machines that is not working (client side) do a "gpresult" and see if that GPO is applied to that device.  If it is filtered then you have a problem with GPO not apply to the device.  Iether way try a "gpupdate /force" on the device.

Also check the registry settings.  here is a link that decribes them, depending on what you set in GPO:
http://technet.microsoft.com/en-us/library/cc708545(WS.10).aspx

Sounds like a GPO issue if they are not in WSUS.
0
 
LVL 14

Expert Comment

by:Justin Yeung
ID: 33647959
download the client diagnostic tools and see where the problem is coming from.

http://technet.microsoft.com/en-us/wsus/bb466192.aspx
0
 

Author Comment

by:Ithizar
ID: 33648044
Thanks, justinyeung. However, did you actually read my post? :) Please see # 2 in my list of things I've tried.
0
 

Author Comment

by:Ithizar
ID: 33648533
jramsier,

gpresult shows that the GPO is being applied to the computer, and updated on a regular basis. Additionally, I ran the "rsop.msc" tool to look at the resultant set of policies, and all of the specific policy settings I had defined, like the use of automatic updates and the location of our WSUS server, were correct.

I have run "gpupdate /force" many times, but did it again just to be safe. Then, I even ran "wuauclt.exe /resetauthorization /detectnow" again. Still no dice.

I checked the link you provided, and basically all the permissions were set correctly. The only thing that was missing is that the ASPNET account did not have access to one registry key. I fixed that. Still no change in behavior.

- Ithizar
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 47

Accepted Solution

by:
Donald Stewart earned 500 total points
ID: 33648633
"I have installed WSUS, configured it, and set the group policy (for the entire domain) to point workstations to the server. Thus far, only about 100 of the 150 workstations have appeared in the WSUS management console. The other 50 or so workstations are not showing up."

This is a duplicate sid issue
 
 
http://msmvps.com/blogs/athif/pages/66376.aspx

0
 
LVL 14

Expert Comment

by:Justin Yeung
ID: 33648822
add the following registry key on the machine that is not contact

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU]
"AUState"=dword:00000002

and then try to reauthorize the machine

0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 33648904
@justinyeung
 
Group policy configures this registry setting which the author has already stated is correctly being applied.
0
 
LVL 10

Expert Comment

by:jramsier
ID: 33650135
I agree with dstewartjr.  This is very common if you image the machines via Symantec Ghost or other programs.  You will need to recreate the SID on the machines if so.

Use this to check the SIDs:
http://technet.microsoft.com/en-us/sysinternals/bb897417.aspx

If some are the same use this to fix:
http://technet.microsoft.com/en-us/sysinternals/bb897418.aspx
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 33650213
Machine SId and the WSUS SUSclientID are 2 different items.
 
NewSid is retired and will not remedy a WSUS issue.
 
The script in the link I posted will delete the registry locations where the DuplicateSid is located.
Wuauclt /resetauthorization /detectnow will tell the client to retrieve a new SUSClientID.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
active directory 5 55
Windows 10 Domain Account Not Logging in away from office 17 61
Windows server 2003 bootable iso 9 45
OpenVPN Speed limitation to only 10 mbps 7 95
This is the first one of a series of articles I’ll be writing to address technical issues that are always referred to as network problems. The network boundaries have changed, therefore having an understanding of how each piece in the network  puzzl…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
This Micro Tutorial demonstrates using Microsoft Excel pivot tables, how to reverse engineer competitors' marketing strategies through backlinks.
Many functions in Excel can make decisions. The most simple of these is the IF function: it returns a value depending on whether a condition you describe is true or false. Once you get the hang of using the IF function, you will find it easier to us…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now