waverobber
asked on
SBS 2008 AND WINDOWS 7 UPDATE STATUS UNKNOWN
Howdy,
I have a SBS 2008 server (DC), with 30 clients. 28 of the clients are Win XP Pro. The remaining 2 (new workstations) are Windows 7 Pro. In the SBS console, Network, computers, all is well (green) with the exception of the two Win 7 machines. They show in the "Update Status" column as "Unknown."
I have only one custom Group Policy (all the rest are SBS default) that simply sets screen saver, control panel access, logon/logoff, main menu feature, etc. Nothing fancy. I joined ALL workstations into domain using "connect." When the workstations were initially joined, all had current updates already applied.
Is there something in GP that I'm missing for the Win 7 OS to get SBS to be able to query the update status? Maybe a firewall setting on the client side?
Thanks in advance...
I have a SBS 2008 server (DC), with 30 clients. 28 of the clients are Win XP Pro. The remaining 2 (new workstations) are Windows 7 Pro. In the SBS console, Network, computers, all is well (green) with the exception of the two Win 7 machines. They show in the "Update Status" column as "Unknown."
I have only one custom Group Policy (all the rest are SBS default) that simply sets screen saver, control panel access, logon/logoff, main menu feature, etc. Nothing fancy. I joined ALL workstations into domain using "connect." When the workstations were initially joined, all had current updates already applied.
Is there something in GP that I'm missing for the Win 7 OS to get SBS to be able to query the update status? Maybe a firewall setting on the client side?
Thanks in advance...
Are there any errors in the windowsupdate.log?
ASKER
Hey Fordy ,
Thanks for you input. Everything stated above has been completed. The ONLY item I have changed in the "Update Services Common Policy" is the update interval (22). Everything else is default. I ran the WSUS wizard and all is good. Still no Win 7 clients appear. Threre is really no need to create a custom policy in my case. Defaults are OK.
I did observe however, that when looking at the "Update Services Client Computer Policy," all workstations appear there with the exception of the Win 7's. I tried adding them manually (then ran GPUPDATE /Forse), but they WILL NOT stay in that group.
This is probably why, when I look at the console-security-updates-c hange security update settings-included computers, all are there except Win 7. I am also unable to ADD them from the "excluded" window, because they are not there!
I am suspecting something within the Win 7 firewall?
Thanks for you input. Everything stated above has been completed. The ONLY item I have changed in the "Update Services Common Policy" is the update interval (22). Everything else is default. I ran the WSUS wizard and all is good. Still no Win 7 clients appear. Threre is really no need to create a custom policy in my case. Defaults are OK.
I did observe however, that when looking at the "Update Services Client Computer Policy," all workstations appear there with the exception of the Win 7's. I tried adding them manually (then ran GPUPDATE /Forse), but they WILL NOT stay in that group.
This is probably why, when I look at the console-security-updates-c
I am suspecting something within the Win 7 firewall?
ASKER
No errors in windows update log
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Same as above!
ASKER
You guys "rock!" I've used this board several times for a myriad of issues. Most of the time the answer can be found here!
did u configure WSUS on GP??
here are the instructions..
WSUS Prerequisites
1.Server 2008 or Server 2003 SP1
2.BITS (Background Intelligent Transfer Service)
3.IIS (Internet Information Services)
4.MSDE database or SQL 2005 Database
5..NET Framework 2.0 or higher
Install WSUS on Windows Server 2008
1.Open Server Manager > Add Roles
2.Install “Windows Server Update Services” Role
Configure on Windows Server 2008
3.On “Select Update Source” screen, check “Store updates locally” (ensure you have enough space to store large amounts of updates)
4.Use existing SQL 2005 Server or choose Windows Internal Database
5.Use the existing IIS site, click Next
6.Click Finish
Now you can further configure WSUS by using WSUS MMC. WSUS MMC can be accessed from Administrative Tools or Server manager.
Configure Automatic Update client via Group Policy
Use Group Policy to configure Automatic Update client to download from WSUS server.
1.Create a new Domain Policy on Computers OU
2.Expand to Computer Configuration>Administrati
3.Click on “Configure Automatic Updates setting”, here configure Automatic Updates as you desire. Click OK
4.Click on “Specify intranet Microsoft update service location”, choose “Enabled ”, Configure intranet server in this format: http://WSUSSERVER
5.Once this Group Policy is propagated to the clients, clients will start to download from the WSUS server