asked on Windows Svr 2012, WSUS 4 Problem not picking up computers
I am using Windows Svr 2012 and trying to setup WSUS 4 which comes a Role in Svr 2012.
Have been through the process of setting up the WSUS a number of times and it appears very similar to prev Windows 2003 & 2008 (which worked fine).
However I cannot get the workstations to find the WSUS server in Svr 2012.
No problems communicating with Microsoft in synchronising.
Have used the WID database (which Win Svr 2012 itself says is not a good idea) and the WSUS content is on non-systen drive.
Have tried to use SQL Express for 2012 - however the SQL Express Instance could not be found by WSUS, so back to using WID.
I believe the Database I am using is not the cause of this specific problem of workstation not finding WSUS (just another issue to look at).
Using AD and have setup Group Policy to connect ws's to WSUS. When I look at Windows Update on WS's it says the updates are controlled by Domain Administrator so that is good.
Still the WS's cannot find WSUS to get the actual updates.
Any guidance most appreciated.
Gary
Have been through the process of setting up the WSUS a number of times and it appears very similar to prev Windows 2003 & 2008 (which worked fine).
However I cannot get the workstations to find the WSUS server in Svr 2012.
No problems communicating with Microsoft in synchronising.
Have used the WID database (which Win Svr 2012 itself says is not a good idea) and the WSUS content is on non-systen drive.
Have tried to use SQL Express for 2012 - however the SQL Express Instance could not be found by WSUS, so back to using WID.
I believe the Database I am using is not the cause of this specific problem of workstation not finding WSUS (just another issue to look at).
Using AD and have setup Group Policy to connect ws's to WSUS. When I look at Windows Update on WS's it says the updates are controlled by Domain Administrator so that is good.
Still the WS's cannot find WSUS to get the actual updates.
Any guidance most appreciated.
Gary
Windows Server 2012Networking
Last Comment
ArneLovius
ASKER
Not setting up a Group. Just the location in GPO.
WSUS is not seeing the clients (I am believe that it is the workstations that contact the WSUS, so until they do, WSUS can't see them).
WSUS is not seeing the clients (I am believe that it is the workstations that contact the WSUS, so until they do, WSUS can't see them).
when you say the clients find the WSUS server, how are you determining this ?
ASKER
I was told that the WSUS server can't see the clients until the clients connect to the server (is that wrong?). When I view the computers that are listed in the WSUS, there are none.
that is if the WSUS server can see connected clients
granted for the WSUS server to see a connected client the client must be able to see the server, but to say that the client cannot see the server is a different statement, and one that is not proved by the server not seeing the client
there could be something on the server (firewall, incorrect IIS configuration etc etc) that is preventing the client from connecting
are you able to browse (using a web browser) to the WSUS website from the client ?
granted for the WSUS server to see a connected client the client must be able to see the server, but to say that the client cannot see the server is a different statement, and one that is not proved by the server not seeing the client
there could be something on the server (firewall, incorrect IIS configuration etc etc) that is preventing the client from connecting
are you able to browse (using a web browser) to the WSUS website from the client ?
ASKER
As suggested I used the browser from client to browse WSUS.
At first I got a 403 error indicating that Directory Listing was not permitted, so I changed the setting in IIS to allow browsing.
Now I can browse (Directory Listing) the WSUS site from the client.
At first I got a 403 error indicating that Directory Listing was not permitted, so I changed the setting in IIS to allow browsing.
Now I can browse (Directory Listing) the WSUS site from the client.
As you have proven that the WSUS server is running, I suggest reverting the changes that you made to IIS, and then re-checking each other part.
I would start with your Group Policy config, could the new settings be overwritten by a different GPO ?
Running RSOP (Resultant Set Of Policy) would probably be my starting point.
I would start with your Group Policy config, could the new settings be overwritten by a different GPO ?
Running RSOP (Resultant Set Of Policy) would probably be my starting point.
ASKER
I have run RSOP - Only shows the GP I am using with Windows Update settings.
I have attached a copy of the GPO settings for this.
I have attached a copy of the GPO settings for this.
ASKER
Sorry, here is attachment.
UserGP.docx
UserGP.docx
The RSOP shows that you have specified the IP address and port for the WSUS server
if you check the registry on a client, what does it show for the following key ?
if you check the registry on a client, what does it show for the following key ?
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate
ASKER
On the Client:
There is no entry WindowsUpdate in the registry, it only goes as far as for HKLM\SOFTWARE\Policies\Mic
I notice in the Control Panel -> Windows Update that all updates are coming straight from Microsoft. It used to indicate that Updates were under the control of the Network Administrator.
There is no entry WindowsUpdate in the registry, it only goes as far as for HKLM\SOFTWARE\Policies\Mic
I notice in the Control Panel -> Windows Update that all updates are coming straight from Microsoft. It used to indicate that Updates were under the control of the Network Administrator.
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
is WSUS seeing the clients ?