Solved

WSUS - Computers not reporting in

Posted on 2013-10-30
9
1,358 Views
Last Modified: 2013-10-30
I setup a new WSUS server at one of our sites because it was killing our bandwidth at our main site. I setup the server locally and changed them over to the new WSUS server. The machines are showing up in the correct Workstations group but they are not reporting in.

I am able to get to the server and tried the below and its working.

To troubleshoot client connectivity
Open a command window.
Contact the WSUS server: pingWSUSServerName
Contact the WSUS HTTP server. Open Internet Explorer and in the Address bar type: http://WSUSServerName:portNumber where WSUSServerName is the name of the WSUS server, and portNumber is the port that has been configured for it (for example, 80 for HTTP, 443 for SSL, and 8530 for a custom port).
Verify the existence of the self-update tree. In an Internet Explorer Address bar type http://WSUSServerName/selfupdate/wuident.cab
If the WSUS server is functioning properly, you should see a File Download window asking you whether to open or save the file. Close the window.

I haven't approved any updates yet. Was waiting for the machines to report in. Do I have to have some updates approved for them to report in?
0
Comment
Question by:ats2012
  • 5
  • 4
9 Comments
 
LVL 47

Expert Comment

by:dstewartjr
Comment Utility
By default computers report into WSUS every 22 hours, so if this is a recent change you only need to be patient.
0
 
LVL 47

Expert Comment

by:dstewartjr
Comment Utility
You can run this on clients to speed up checkins

%Windir%\system32\net.exe stop bits
%Windir%\system32\net.exe stop wuauserv
%Windir%\system32\net.exe stop cryptsvc
reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v SusClientId /f
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v LastWaitTimeout /f
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v DetectionStartTime /f
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v NextDetectionTime /f

%Windir%\system32\net.exe start cryptsvc
%Windir%\system32\net.exe start bits
%Windir%\system32\net.exe start wuauserv


wuauclt /resetauthorization /detectnow
wuauclt /reportnow

exit /B 0
0
 

Author Comment

by:ats2012
Comment Utility
I have been waiting over 2 days for these machines to report in. I see only 2 machines have reported in.
0
 
LVL 47

Expert Comment

by:dstewartjr
Comment Utility
on a client not reporting in what is the result of ??

 reg query HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate

what errors do you see in a clients windowsupdate.log ??
0
Complete Microsoft Windows PC® & Mac Backup

Backup and recovery solutions to protect all your PCs & Mac– on-premises or in remote locations. Acronis backs up entire PC or Mac with patented reliable disk imaging technology and you will be able to restore workstations to a new, dissimilar hardware in minutes.

 

Author Comment

by:ats2012
Comment Utility
Its showing the correct WSUS server. Looked at the log and showing alot of errors

2013-10-30	08:49:52:558	 900	988	Misc	 Microsoft signed: Yes
2013-10-30	08:49:52:558	 900	988	Misc	WARNING: Digital Signatures on file C:\Windows\SoftwareDistribution\SelfUpdate\wuident.cab are not trusted: Error 0x800b0001
2013-10-30	08:49:52:558	 900	988	Setup	WARNING: SelfUpdate check failed to download package information, error = 0x800B0001
2013-10-30	08:49:52:559	 900	988	Setup	FATAL: SelfUpdate check failed, err = 0x800B0001
2013-10-30	08:49:52:559	 900	988	Agent	  * WARNING: Skipping scan, self-update check returned 0x800B0001
2013-10-30	08:49:52:596	 900	988	Agent	  * WARNING: Exit code = 0x800B0001
2013-10-30	08:49:52:596	 900	988	Agent	*********
2013-10-30	08:49:52:596	 900	988	Agent	**  END  **  Agent: Finding updates [CallerId = AutomaticUpdates]
2013-10-30	08:49:52:596	 900	988	Agent	*************
2013-10-30	08:49:52:597	 900	988	Agent	WARNING: WU client failed Searching for update with error 0x800b0001
2013-10-30	08:49:52:597	 900	aa0	AU	>>##  RESUMED  ## AU: Search for updates [CallId = {22D3792C-21CB-4EF9-84E7-A5BF2EA4BF46}]
2013-10-30	08:49:52:597	 900	aa0	AU	  # WARNING: Search callback failed, result = 0x800B0001
2013-10-30	08:49:52:597	 900	aa0	AU	  # WARNING: Failed to find updates with error code 800B0001
2013-10-30	08:49:52:597	 900	aa0	AU	#########
2013-10-30	08:49:52:597	 900	aa0	AU	##  END  ##  AU: Search for updates [CallId = {22D3792C-21CB-4EF9-84E7-A5BF2EA4BF46}]
2013-10-30	08:49:52:597	 900	aa0	AU	#############
2013-10-30	08:49:52:597	 900	aa0	AU	Successfully wrote event for AU health state:0
2013-10-30	08:49:52:597	 900	aa0	AU	AU setting next detection timeout to 2013-10-30 17:30:30
2013-10-30	08:49:52:597	 900	aa0	AU	Setting AU scheduled install time to 2013-10-31 08:00:00
2013-10-30	08:49:52:598	 900	aa0	AU	Successfully wrote event for AU health state:0
2013-10-30	08:49:52:599	 900	aa0	AU	Successfully wrote event for AU health state:0
2013-10-30	08:49:57:583	 900	988	Report	REPORT EVENT: {58E03541-0713-4222-B349-691E9E036353}	2013-10-30 08:49:52:559-0500	1	148	101	{D67661EB-2423-451D-BF5D-13199E37DF28}	1	800b0001	SelfUpdate	Failure	Software Synchronization	Windows Update Client failed to detect with error 0x800b0001.
2013-10-30	08:49:57:620	 900	988	Report	CWERReporter::HandleEvents - WER report upload completed with status 0x8
2013-10-30	08:49:57:620	 900	988	Report	WER Report sent: 7.6.7600.256 0x800b0001 D67661EB-2423-451D-BF5D-13199E37DF28 Scan 101 Managed
2013-10-30	08:49:57:620	 900	988	Report	CWERReporter finishing event handling. (00000000)
2013-10-30	08:58:07:449	 900	988	Report	Uploading 2 events using cached cookie, reporting URL = http://wtwlia-wsus01v.ats-inc.com/ReportingWebService/ReportingWebService.asmx
2013-10-30	08:58:07:693	 900	988	PT	WARNING: ReportEventBatch failure, error = 0x8024400D, soap client error = 7, soap error code = 300, HTTP status code = 200
2013-10-30	08:58:07:693	 900	988	PT	WARNING: SOAP Fault: 0x00012c
2013-10-30	08:58:07:693	 900	988	PT	WARNING:     faultstring:Fault occurred
2013-10-30	08:58:07:693	 900	988	PT	WARNING:     ErrorCode:InvalidCookie(1)
2013-10-30	08:58:07:693	 900	988	PT	WARNING:     Message:(null)
2013-10-30	08:58:07:693	 900	988	PT	WARNING:     Method:"http://www.microsoft.com/SoftwareDistribution/ReportEventBatch"
2013-10-30	08:58:07:693	 900	988	PT	WARNING:     ID:e86f75d5-b31f-4562-bfb2-2400b17ad273
2013-10-30	08:58:07:693	 900	988	Report	WARNING: Reporter failed to upload events with hr = 8024400d.
2013-10-30	09:09:02:810	 900	988	Report	Uploading 2 events using cached cookie, reporting URL = http://wtwlia-wsus01v.ats-inc.com/ReportingWebService/ReportingWebService.asmx
2013-10-30	09:09:02:890	 900	988	PT	WARNING: ReportEventBatch failure, error = 0x8024400D, soap client error = 7, soap error code = 300, HTTP status code = 200
2013-10-30	09:09:02:890	 900	988	PT	WARNING: SOAP Fault: 0x00012c
2013-10-30	09:09:02:890	 900	988	PT	WARNING:     faultstring:Fault occurred
2013-10-30	09:09:02:890	 900	988	PT	WARNING:     ErrorCode:InvalidCookie(1)
2013-10-30	09:09:02:890	 900	988	PT	WARNING:     Message:(null)
2013-10-30	09:09:02:890	 900	988	PT	WARNING:     Method:"http://www.microsoft.com/SoftwareDistribution/ReportEventBatch"
2013-10-30	09:09:02:890	 900	988	PT	WARNING:     ID:27aadfd8-5a1c-49d4-9112-46974280aa35
2013-10-30	09:09:02:890	 900	988	Report	WARNING: Reporter failed to upload events with hr = 8024400d.
2013-10-30	09:38:20:971	 900	c80	PT	WARNING: Cached cookie has expired or new PID is available
2013-10-30	09:38:20:971	 900	c80	PT	Initializing simple targeting cookie, clientId = 2466cfbc-23d2-4894-b099-4db2b04dde2d, target group = Workstations, DNS name = win7test.ats-inc.com
2013-10-30	09:38:20:971	 900	c80	PT	  Server URL = http://wtwlia-wsus01v.ats-inc.com/SimpleAuthWebService/SimpleAuth.asmx
2013-10-30	09:38:21:102	 900	c80	PT	WARNING: GetCookie failure, error = 0x8024400D, soap client error = 7, soap error code = 300, HTTP status code = 200
2013-10-30	09:38:21:102	 900	c80	PT	WARNING: SOAP Fault: 0x00012c
2013-10-30	09:38:21:102	 900	c80	PT	WARNING:     faultstring:Fault occurred
2013-10-30	09:38:21:102	 900	c80	PT	WARNING:     ErrorCode:InvalidCookie(1)
2013-10-30	09:38:21:102	 900	c80	PT	WARNING:     Message:(null)
2013-10-30	09:38:21:102	 900	c80	PT	WARNING:     Method:"http://www.microsoft.com/SoftwareDistribution/Server/ClientWebService/GetCookie"
2013-10-30	09:38:21:102	 900	c80	PT	WARNING:     ID:19e8ff9a-4fcc-49f0-bf35-828abfa70481
2013-10-30	09:38:21:102	 900	c80	PT	WARNING: PTError: 0x80244015
2013-10-30	09:38:21:102	 900	c80	PT	WARNING: GetCookie_WithRecovery failed : 0x80244015
2013-10-30	09:38:21:102	 900	c80	PT	WARNING: RefreshCookie failed: 0x80244015
2013-10-30	09:38:21:102	 900	c80	PT	WARNING: RefreshPTState failed: 0x80244015
2013-10-30	09:38:21:264	 900	c80	PT	WARNING: Cached cookie has expired or new PID is available
2013-10-30	09:38:21:264	 900	c80	PT	Initializing simple targeting cookie, clientId = 2466cfbc-23d2-4894-b099-4db2b04dde2d, target group = Workstations, DNS name = win7test.ats-inc.com
2013-10-30	09:38:21:264	 900	c80	PT	  Server URL = http://wtwlia-wsus01v.ats-inc.com/SimpleAuthWebService/SimpleAuth.asmx
2013-10-30	09:38:27:770	 900	c80	Report	Uploading 2 events using cached cookie, reporting URL = http://wtwlia-wsus01v.ats-inc.com/ReportingWebService/ReportingWebService.asmx
2013-10-30	09:38:27:805	 900	c80	Report	Reporter successfully uploaded 2 events.

Open in new window

0
 
LVL 47

Accepted Solution

by:
dstewartjr earned 500 total points
Comment Utility
If you are using server 2008 and WSUS you most likely have WSUS on the custom port 8530

this needs to be added to your GPO config

http://wtwlia-wsus01v.ats-inc.com:8530
0
 

Author Comment

by:ats2012
Comment Utility
i will try that but would the machines show up at all if it was set to http://wtwlia-wsus01v.ats-inc.com?
0
 

Author Closing Comment

by:ats2012
Comment Utility
Computers are now reporting in. Adding the port fixed the issue.

Thank you
0
 
LVL 47

Expert Comment

by:dstewartjr
Comment Utility
You're welcome
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Sometimes drives fill up and we don't know why.  If you don't understand the best way to use the tools available, you may end up being stumped as to why your drive says it's not full when you have no space left!  Here's how you can find out...
A procedure for exporting installed hotfix details of remote computers using powershell
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now