Solved

Windows Computers in SBS2011 Domain are not updating

Posted on 2014-01-08
11
1,530 Views
Last Modified: 2014-01-13
We have a mix of Windows XP and Windows 7 computers in a SBS2011 domain.
WSUS is not used or configured. Each computer was setup to auto download and install updates. About 2 months ago, this process stopped.

On the Windows 7 Systems, the control Windows/Windows Update section reports that updates are "Managed by your system Administrator"

I tried to run the update manually on one of the Windows 7 PC's  and got Error code 80072ee2.

On one of the Windows XP systems, I checked in the System Properties/Automatic Updates tab and I that the following selection is made and greyed out so it cannot be changed: Notify me but don't automatically download and install them.

Do I have need to change something in a Group Policy?
0
Comment
Question by:itplatoon
11 Comments
 
LVL 51

Expert Comment

by:Netman66
ID: 39767145
Run gpresult /v > C:\gpresult.txt

on each OS and look through that file for the WSUS setting to find out what policy you need to fix.
0
 
LVL 35

Expert Comment

by:Cris Hanna
ID: 39767147
You'll have to Edit Group Policy on the SBS Server
Specifically the Update Services Client Computer Policy and the Update Services Common Settings Policy

Why aren't you using WSUS?
0
 

Expert Comment

by:okeno12
ID: 39767159
go to the sbs server and edit the group policy
0
 

Author Comment

by:itplatoon
ID: 39767178
Another system admin might have made use of WSUS, not sure at this point.

I do see an error on the SBS console>Home> Updates  tab that shows " Update services cannot be contacted"

I checked and do see the Update Services service is online and running
0
 
LVL 35

Expert Comment

by:Cris Hanna
ID: 39767184
So is your goal to get WSUS working properly. Or do you want to disable the group policy objects that force workstations to only update through WSUS?
0
Zoho SalesIQ

Hassle-free live chat software re-imagined for business growth. 2 users, always free.

 

Author Comment

by:itplatoon
ID: 39767187
If there is no downside to using WSUS, it might make sense to fix and use it. At this point, nothing is getting updated. So what are next steps to fix WSUS?
0
 
LVL 35

Accepted Solution

by:
Cris Hanna earned 500 total points
ID: 39767208
Here is the official Repair Guide for WSUS on SBS from Microsoft
Repair Windows Server Update Services   http://technet.microsoft.com/en-us/library/gg680316.aspx
0
 
LVL 18

Expert Comment

by:Sushil Sonawane
ID: 39767244
You have to remove configure setting related wsus in group policy. Disable the WSUS configure group policy and run the command gpupdate /force or restart the computer and check if you can do windows update manually.

To disable setting is below :

In Group Policy Object Editor, expand Computer Configuration, expand Administrative Templates, expand Windows Components, and then click Windows Update.
In the details pane, click Specify Intranet Microsoft update service location.
Click Enabled and type the HTTP(S) URL of the same WSUS server in the Set the intranet update service for detecting updates box and in the Set the intranet statistics server box. For example, type http(s)://servername in both boxes.
Click OK.


For more info refer below link :

http://social.technet.microsoft.com/Forums/en-US/eff10fab-7ca3-471e-a164-bf7b73a28128/how-to-remove-wsus-client-settings?forum=winserverwsus

http://technet.microsoft.com/en-us/library/cc720539(ws.10).aspx
0
 

Author Comment

by:itplatoon
ID: 39775374
I use the repair process steps noted at this link:
http://technet.microsoft.com/en-us/library/gg680316.aspx 

I found the following services not running:
WWW Published
Windows Process Activation and showing "Error: 13 The data is invalid

This led me to:

http://www.gringod.com/2008/08/15/when-iis-wont-start-error-13/

The culprit was: c:\windows\system32\inetsrv\config\applicationHost.config
I used the backup of the applicationHost.config file in c:\inetpub\history.
copied the file over and now all of the service work as expected.
WSUS seems to be working now as well too.
0
 
LVL 35

Expert Comment

by:Cris Hanna
ID: 39775443
Glad you were able to track this down.  is there anyone besides you that would make changes to IIS that could cause that file to change?
0
 

Author Closing Comment

by:itplatoon
ID: 39778329
Thanks for the expert advice!
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Restore Group Policy Server 2012 11 67
Information Store Service missing 3 53
Domain Controller Diagnostic Errors on SBS 2008 3 41
Certificate Renewal Question 3 41
The SBS 2011 release date (RTM) is supposed to be around Christmas, 2011.  This article is a compilation of my notes -- things I have learned first hand.  The items are in a rather random order, but I think this list covers most of what is new and d…
A quick step-by-step overview of installing and configuring Carbonite Server Backup.
This Micro Tutorial will give you a basic overview how to record your screen with Microsoft Expression Encoder. This program is still free and open for the public to download. This will be demonstrated using Microsoft Expression Encoder 4.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

861 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now