WSUS managed computers not receiving updates

Posted on 2014-08-25
Last Modified: 2016-02-20
I'm installing WSUS onto a domain controller (Server 2012 R2). I have the role up and running, have a custom Computer group with our ~200 domain computers running Windows 7 Pro x64. I have synchronized the server with the Microsoft Updates server, and approved many, many updates for installation.

In my list of computers, I see machines needing anywhere from 10-60 updates. I have configured both the default domain group policy, as well as WSUS Policy, to point to this domain controller, automatically download/install updates, and check for new updates daily as well as 5 minutes after boot.

Unfortunately the domain computers don't seem to be reporting back to WSUS, and WSUS never shows any computers receiving updates. On my test machine if I manually check for updates direct from Microsoft I get authentic results, but when I check for updates via sever (our traditional way) it comes back with an error.

For the GPO in Windows Update for "specify intranet locations", I have entered:
All with no results of computers getting updates.

I feel like the WSUS is set up correctly (how many modifications can there really be?), and feel like I have customized the default and WSUS GPOs correctly (pretty straightforward enable/disable for server 2012)....Seems like the clients just aren't looking for updates...any ideas?
Question by:dpcsit
    LVL 56

    Expert Comment

    by:Cliff Galiher
    "but when I check for updates via sever (our traditional way) it comes back with an error."

    ...and that error would be...??
    LVL 1

    Author Comment

    D'OH...knew i left something out...

    Windows Update error: 80244019

    I was hoping to stick with GP changes and not registry...We have previously had WSUS working in our domain, but on a now-extinct domain controller running server 2008. It was fairly seamless in that I would approve updates, and within the next few hours, clients would have pop ups for users to restart so that updates can install.
    LVL 56

    Expert Comment

    by:Cliff Galiher
    You should be configuring the client to use port 8530. Check for typos. Test DNS. And make sure port 8530 is open on the window firewall (that last one trips up a lot of people.) 80244029 is often just simple failure to contact which pints to a network issue.
    LVL 1

    Author Comment

    Thanks Cliff,

    In the migration from server 2008 > server 2012, we have had residual DNS issues off and on...I'll try to replace the intranet name with http://domain ip address:8530 to see if that works.

    I'll report back with any updates...
    LVL 1

    Accepted Solution


    I had to remove/reinstall the WSUS service as a whole; it was trying to download 1.9 TB of updates for all kinds of Windows OS's and the download couldn't be stopped.

    After the role reinstallation, I made sure to only select Windows 7 as a product, and go from there. I had to download 8 GB of updates, which completed over the weekend, and the clients are slowly starting to get their updates and report back as ok (now if I could only convince the users to actually APPLY the updates).

    Thanks for the help. Moral of the story; be patient; don't download half the internet either.
    LVL 1

    Author Closing Comment

    It worked.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Do You Know the 4 Main Threat Actor Types?

    Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

    Suggested Solutions

    Title # Comments Views Activity
    Cannot Manage RDS 2012R2 Deployment 3 17
    DFS Question 4 20
    Windows Cal question 3 22
    Upgrading Domain to Windows 2012 R2 7 33
    This article will review the basic installation and configuration for Windows Software Update Services (WSUS) in a Windows 2012 R2 environment.  WSUS is a Microsoft tool that allows administrators to manage and control updates to be approved and ins…
    Microsoft Windows Server Update Service (WSUS) is free for everyone, but it lacks of some desirable features like send an e-mail to the administrator with the status of all computers on the WSUS server. This article is based on my PowerShell script …
    In this Micro Tutorial viewers will learn how to use Boot Corrector from Paragon Rescue Kit Free to identify and fix the boot problems of Windows 7/8/2012R2 etc. As an example is used Windows 2012R2 which lost its active partition flag (often happen…
    This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

    737 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    22 Experts available now in Live!

    Get 1:1 Help Now