Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1182
  • Last Modified:

Windows Svr 2012, WSUS 4 Problem not picking up computers

I am using Windows Svr 2012 and trying to setup WSUS 4 which comes a Role in Svr 2012.
Have been through the process of setting up the WSUS a number of times and it appears very similar to prev Windows 2003 & 2008 (which worked fine).

However I cannot get the workstations to find the WSUS server in Svr 2012.
No problems communicating with Microsoft in synchronising.

Have used the WID database (which Win Svr 2012 itself says is not a good idea) and the WSUS content is on non-systen drive.

Have tried to use SQL Express for 2012 - however the SQL Express Instance could not be found by WSUS, so back to using WID.

I believe the Database I am using is not the cause of this specific problem of workstation not finding WSUS (just another issue to look at).

Using AD and have setup Group Policy to connect ws's to WSUS. When I look at Windows Update on WS's it says the updates are controlled by Domain Administrator so that is good.

Still the WS's cannot find WSUS to get the actual updates.

Any guidance most appreciated.
Gary
0
AIGS
Asked:
AIGS
  • 6
  • 6
1 Solution
 
ArneLoviusCommented:
are you setting a group with GPO, or just the location ?

is WSUS seeing the clients ?
0
 
AIGSAuthor Commented:
Not setting up a Group. Just the location in GPO.
WSUS is not seeing the clients (I am believe that it is the workstations that contact the WSUS, so until they do, WSUS can't see them).
0
 
ArneLoviusCommented:
when you say the clients find the WSUS server, how are you determining this ?
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
AIGSAuthor Commented:
I was told that the WSUS server can't see the clients until the clients connect to the server (is that wrong?). When I view the computers that are listed in the WSUS, there are none.
0
 
ArneLoviusCommented:
that is if the WSUS server can see connected clients

granted for the WSUS server to see a  connected client the client must be able to see the server, but to say that the client cannot see the server is a different statement, and one that is not proved by the server not seeing the client

there could be something on the server (firewall, incorrect IIS configuration etc etc) that is preventing the client from connecting

are you able to browse (using a web browser) to the WSUS website from the client ?
0
 
AIGSAuthor Commented:
As suggested I used the browser from client to browse WSUS.
At first I got a 403 error indicating that Directory Listing was not permitted, so I changed the setting in IIS to allow browsing.
Now I can browse (Directory Listing) the WSUS site from the client.
0
 
ArneLoviusCommented:
As you have proven that the WSUS server is running, I suggest reverting the changes that you made to IIS, and then re-checking each other part.

I would start with your Group Policy config, could the new settings be overwritten by a different GPO ?

Running RSOP (Resultant Set Of Policy) would probably be my starting point.
0
 
AIGSAuthor Commented:
I have run RSOP - Only shows the GP I am using with Windows Update settings.

I have attached a copy of the GPO settings for this.
0
 
AIGSAuthor Commented:
Sorry, here is attachment.
UserGP.docx
0
 
ArneLoviusCommented:
The RSOP shows that you have specified the IP address and port for the WSUS server

if you check the registry on a client, what does it show for the following key ?

HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate

Open in new window

0
 
AIGSAuthor Commented:
On the Client:
There is no entry WindowsUpdate in the registry, it only goes as far as for HKLM\SOFTWARE\Policies\Microsoft\Windows.

I notice in the Control Panel -> Windows Update that all updates are coming straight from Microsoft. It used to indicate that Updates were under the control of the Network Administrator.
0
 
ArneLoviusCommented:
in which case, the client is not picking up the group policy object...
0

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

  • 6
  • 6
Tackle projects and never again get stuck behind a technical roadblock.
Join Now