Link to home
Start Free TrialLog in
Avatar of criskrit
criskrit

asked on

WSUS and list of needed updates

Hello, we have a WSUS server controlling circa a dozen clients. All machines are Windows 2003. For some servers, WSUS won't show any needed/pending updates but if i manually run Win Updates i see that there is a bunch of them needed. For other servers WSUS reports numerous missing updates but if i run Win Updates manually i see that everything is installed. It seems as if WSUS doesn't report the updates properly. Why is this? How can i fix it? thx! :-)
Avatar of Gabriel Clifton
Gabriel Clifton
Flag of United States of America image
It is usually not the WSUS but rather the computer getting the updates. Try this batch script.

@ECHO OFF
net stop wuauserv 

echo -----------------------------------------------------------------------
echo This batch file will register all of the files associated
echo with a visit to the Microsoft Update / Windows Update
echo resources.
echo.
echo -----------------------------------------------------------------------

cls

echo ---Registering Widows Update Agent DLLs---
regsvr32 /s %systemroot%\system32\wuapi.dll
regsvr32 /s %systemroot%\system32\wuaueng.dll
regsvr32 /s %systemroot%\system32\wuaueng1.dll
regsvr32 /s %systemroot%\system32\wucltui.dll
regsvr32 /s %systemroot%\system32\wups.dll
regsvr32 /s %systemroot%\system32\wups2.dll
regsvr32 /s %systemroot%\system32\wuweb.dll

echo.
echo --Done registering Windows Update Agent DLLs
echo.

echo ---Registering Microsoft XML DLLs---
regsvr32 /s %systemroot%\system32\msxml3.dll
echo.
echo.

echo --Done registering Microsoft XML DLLs
echo.

echo PROCESS COMPLETE!
echo.

 Del "C:\Windows\SoftwareDistribution\DataStore\*.*" /f /q
net start wuauserv 
wuauclt.exe /resetauthorization /detectnow

Open in new window

Avatar of Don
Don
Flag of United States of America image
Are you approving all updates that are needed within the WSUS console ???

Have these servers been rebooted ??? If there is a pending reboot, future updates that are needed wont be detected until the reboot has taken place.

Are there any errors in their windowsupdate.log ???
Avatar of criskrit
criskrit

ASKER

Hello and thank you for the replies. Lets deal with clients for which WSUS doesn't report needed updates. I am testing using two such clients, WSUS says that they are both up-to-date but Microsoft Update says they both need at least 60 updates! (the latter seems correct as these computers haven't been updated in almost a year).

I stopped the Automatic Update service, deleted the contents of DataStore folder, then started the Automatic Update service and ran "wuauclt.exe /resetauthorization /detectnow" and "wuauclt.exe /reportnow". I can see the "last status report" time for these clients being updated in WSUS but they still show up as needing no updates. I also checked the windowsupdate.log and it doesn't report any error messages and says that "0 updates were found". However Microsoft Update still reports 60+ updates missing. These servers don't need a reboot (if they did MS Update wouldn't report updates either).

any more ideas?
Avatar of Gabriel Clifton
Gabriel Clifton
Flag of United States of America image
Updates in Microsoft update that are not showing up in the wsus updates have probably been rejected in wsus at some point
Avatar of criskrit
criskrit

ASKER

as far as i know, nobody touched WSUS or MS Update for about a year. However if the updates have indeed been rejected, how can i "un-reject" them?
Avatar of Gabriel Clifton
Gabriel Clifton
Flag of United States of America image
Do a search in the wsus for the update and approve it. It can be rejected years ago and any future updates to it will also be rejected
ASKER CERTIFIED SOLUTION
Avatar of criskrit
criskrit
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Gabriel Clifton
Gabriel Clifton
Flag of United States of America image
Good to hear you got it fixed