Solved

Windows Svr 2012, WSUS 4 Problem not picking up computers

Posted on 2013-01-05
13
1,118 Views
Last Modified: 2013-01-13
I am using Windows Svr 2012 and trying to setup WSUS 4 which comes a Role in Svr 2012.
Have been through the process of setting up the WSUS a number of times and it appears very similar to prev Windows 2003 & 2008 (which worked fine).

However I cannot get the workstations to find the WSUS server in Svr 2012.
No problems communicating with Microsoft in synchronising.

Have used the WID database (which Win Svr 2012 itself says is not a good idea) and the WSUS content is on non-systen drive.

Have tried to use SQL Express for 2012 - however the SQL Express Instance could not be found by WSUS, so back to using WID.

I believe the Database I am using is not the cause of this specific problem of workstation not finding WSUS (just another issue to look at).

Using AD and have setup Group Policy to connect ws's to WSUS. When I look at Windows Update on WS's it says the updates are controlled by Domain Administrator so that is good.

Still the WS's cannot find WSUS to get the actual updates.

Any guidance most appreciated.
Gary
0
Comment
Question by:AIGS
  • 6
  • 6
13 Comments
 
LVL 36

Expert Comment

by:ArneLovius
ID: 38749645
are you setting a group with GPO, or just the location ?

is WSUS seeing the clients ?
0
 

Author Comment

by:AIGS
ID: 38750416
Not setting up a Group. Just the location in GPO.
WSUS is not seeing the clients (I am believe that it is the workstations that contact the WSUS, so until they do, WSUS can't see them).
0
 
LVL 36

Expert Comment

by:ArneLovius
ID: 38750481
when you say the clients find the WSUS server, how are you determining this ?
0
 

Author Comment

by:AIGS
ID: 38750582
I was told that the WSUS server can't see the clients until the clients connect to the server (is that wrong?). When I view the computers that are listed in the WSUS, there are none.
0
 
LVL 36

Expert Comment

by:ArneLovius
ID: 38766581
that is if the WSUS server can see connected clients

granted for the WSUS server to see a  connected client the client must be able to see the server, but to say that the client cannot see the server is a different statement, and one that is not proved by the server not seeing the client

there could be something on the server (firewall, incorrect IIS configuration etc etc) that is preventing the client from connecting

are you able to browse (using a web browser) to the WSUS website from the client ?
0
 

Author Comment

by:AIGS
ID: 38768826
As suggested I used the browser from client to browse WSUS.
At first I got a 403 error indicating that Directory Listing was not permitted, so I changed the setting in IIS to allow browsing.
Now I can browse (Directory Listing) the WSUS site from the client.
0
Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

 
LVL 36

Expert Comment

by:ArneLovius
ID: 38768897
As you have proven that the WSUS server is running, I suggest reverting the changes that you made to IIS, and then re-checking each other part.

I would start with your Group Policy config, could the new settings be overwritten by a different GPO ?

Running RSOP (Resultant Set Of Policy) would probably be my starting point.
0
 

Author Comment

by:AIGS
ID: 38769323
I have run RSOP - Only shows the GP I am using with Windows Update settings.

I have attached a copy of the GPO settings for this.
0
 

Author Comment

by:AIGS
ID: 38769325
Sorry, here is attachment.
UserGP.docx
0
 
LVL 36

Expert Comment

by:ArneLovius
ID: 38769990
The RSOP shows that you have specified the IP address and port for the WSUS server

if you check the registry on a client, what does it show for the following key ?

HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate

Open in new window

0
 

Author Comment

by:AIGS
ID: 38770707
On the Client:
There is no entry WindowsUpdate in the registry, it only goes as far as for HKLM\SOFTWARE\Policies\Microsoft\Windows.

I notice in the Control Panel -> Windows Update that all updates are coming straight from Microsoft. It used to indicate that Updates were under the control of the Network Administrator.
0
 
LVL 36

Accepted Solution

by:
ArneLovius earned 300 total points
ID: 38770884
in which case, the client is not picking up the group policy object...
0

Featured Post

Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
A procedure for exporting installed hotfix details of remote computers using powershell
In this Micro Tutorial viewers will learn how they can get their files copied out from their unbootable system without need to use recovery services. As an example non-bootable Windows 2012R2 installation is used which has boot problems.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now