criskrit
asked on
WSUS and list of needed updates
Hello, we have a WSUS server controlling circa a dozen clients. All machines are Windows 2003. For some servers, WSUS won't show any needed/pending updates but if i manually run Win Updates i see that there is a bunch of them needed. For other servers WSUS reports numerous missing updates but if i run Win Updates manually i see that everything is installed. It seems as if WSUS doesn't report the updates properly. Why is this? How can i fix it? thx! :-)
Are you approving all updates that are needed within the WSUS console ???
Have these servers been rebooted ??? If there is a pending reboot, future updates that are needed wont be detected until the reboot has taken place.
Are there any errors in their windowsupdate.log ???
Have these servers been rebooted ??? If there is a pending reboot, future updates that are needed wont be detected until the reboot has taken place.
Are there any errors in their windowsupdate.log ???
ASKER
Hello and thank you for the replies. Lets deal with clients for which WSUS doesn't report needed updates. I am testing using two such clients, WSUS says that they are both up-to-date but Microsoft Update says they both need at least 60 updates! (the latter seems correct as these computers haven't been updated in almost a year).
I stopped the Automatic Update service, deleted the contents of DataStore folder, then started the Automatic Update service and ran "wuauclt.exe /resetauthorization /detectnow" and "wuauclt.exe /reportnow". I can see the "last status report" time for these clients being updated in WSUS but they still show up as needing no updates. I also checked the windowsupdate.log and it doesn't report any error messages and says that "0 updates were found". However Microsoft Update still reports 60+ updates missing. These servers don't need a reboot (if they did MS Update wouldn't report updates either).
any more ideas?
I stopped the Automatic Update service, deleted the contents of DataStore folder, then started the Automatic Update service and ran "wuauclt.exe /resetauthorization /detectnow" and "wuauclt.exe /reportnow". I can see the "last status report" time for these clients being updated in WSUS but they still show up as needing no updates. I also checked the windowsupdate.log and it doesn't report any error messages and says that "0 updates were found". However Microsoft Update still reports 60+ updates missing. These servers don't need a reboot (if they did MS Update wouldn't report updates either).
any more ideas?
Updates in Microsoft update that are not showing up in the wsus updates have probably been rejected in wsus at some point
ASKER
as far as i know, nobody touched WSUS or MS Update for about a year. However if the updates have indeed been rejected, how can i "un-reject" them?
Do a search in the wsus for the update and approve it. It can be rejected years ago and any future updates to it will also be rejected
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Good to hear you got it fixed
Open in new window