Solved

WSUS clients have all stopped updating in July

Posted on 2015-01-16
23
42 Views
Last Modified: 2016-02-20
All of my Clients have stopped updating via WSUS July 5,6, or 7th.  I know that was when I did a large patch update.  And I did another one in October.

All indications on the WSUS server are that things are fine, all updates have been approved, I just didn't see anything that said they had failed, until I had to reindex my WSUS database for other issues.  

Now I have clients that are checked against the WSUS everyday, but nothing is being installed.

If I go the "Check Updates From Microsoft Update" things seem to work but takes a long time.

Thoughts - Suggestions - Concerns...
0
Comment
Question by:Travis Hahn
  • 12
  • 7
  • 4
23 Comments
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 40553553
What leads you to believe they're not updating ??
Are the clients rebooted so that further updates can be detected installed ??
What errors are in the clients windowsupdate.log ???
0
 

Author Comment

by:Travis Hahn
ID: 40553671
The arent updating because both the client and the WSUS server indicate that there that updates were last installed on 7/5/2015

Attached is one of the LOGs from a problem client

This is what I am seeing

2015-01-16      03:57:17:469       964      92c      DnldMgr      ***********  DnldMgr: New download job [UpdateId = {FB8F3684-96E8-441E-B45D-8A5A0F1AB716}.200]  ***********
2015-01-16      03:57:17:469       964      92c      DnldMgr      Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update FB8F3684-96E8-441E-B45D-8A5A0F1AB716 is "PerUpdate" regulated and can NOT download. Sequence 1865 vs AcceptRate 0.
2015-01-16      03:57:17:469       964      92c      DnldMgr        * Update is not allowed to download due to regulation.
WUL.txt
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 40554200
Make sure you have this update installed on your WSUS server

http://support.microsoft.com/kb/2828185
0
Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

 

Author Comment

by:Travis Hahn
ID: 40557680
I installed the update on Friday, and I am still having issues.  Looks like most of my clients are showing to have errors
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 40557958
Based on the log you provided, this client is not configured to use WSUS.

2015-01-14      03:24:15:590       964      7e8      Agent        * WSUS server: <NULL>
2015-01-14      03:24:15:590       964      7e8      Agent        * WSUS status server:<NULL>
0
 

Author Comment

by:Travis Hahn
ID: 40558062
Thats strange - here is my log for my laptop - which also shows errors
WindowsUpdate.log
0
 
LVL 4

Expert Comment

by:Praveen Kumar Bonala
ID: 40558895
Please configure GP in client system, or you can deploy GP to all client system.
Please configure following GP to get updates from your WSUS server.
1. Open run and type "gpedit.msc"
2.under the "computer configuration" settings, expand the "administrative templates".
3. After that expand the "windows components".
4.Point to "windows update" and double click it.
5. Find and double click "Specify intranet Microsoft update service location".
6. on resultant window please provide your Wsus server details. and click ok.
7. You can find other option like automatic update frequency, turn on the notification etc... please configure as per your requirement.
8. Once you are done with configuration open run and type "gpupdate /force".

Please check and confirm.
0
 

Author Comment

by:Travis Hahn
ID: 40559992
I already have that set
CaptureWSUS.PNG
0
 
LVL 4

Expert Comment

by:Praveen Kumar Bonala
ID: 40560401
Can you able to ping to WSUS server with name?

Can you please check the port is open, which you have mentioned in GP....user telnet to check.

Try to check with, configure GP with IP instead of WSUS server name and check.

Mean while you can check with this, I will find additional solutions.
0
 
LVL 4

Expert Comment

by:Praveen Kumar Bonala
ID: 40560433
0
 

Author Comment

by:Travis Hahn
ID: 40560453
I can ping by name

I try to telnet iota-vcserver 8530 and get the blank response
0
 
LVL 4

Expert Comment

by:Praveen Kumar Bonala
ID: 40560575
could you please provide me WSUS version details and os details.
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 40561025
@Praveen Kumar Bonala the author has already confirmed that KB2828185 is installed(The latest WSUS version)


@Travis Hahn what do you get on clients when you run from cmd prompt ??

reg query "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate" /s
0
 

Author Comment

by:Travis Hahn
ID: 40561192
Attached is the output.

I am almost thinking that the errors on the client are some type of residual updates that are "stuck"

I did a comparison of what has errors on a client (what WSUS says has failed) versus the list on the client, and on client it says its installed.
Capture.PNG
0
 

Author Comment

by:Travis Hahn
ID: 40561200
Attached are my screen shots
Failed.tiff
Failed2.tiff
Failed3.tiff
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 40562025
On your WSUS server run the command WSUSutil.exe reset

The 80244019 error is most likely because the content is missing on the WSUS server.

https://technet.microsoft.com/en-us/library/cc720466%28v=ws.10%29.aspx

WSUSutil.exe reset will redownload any content that is detected as missing.

Also look over

http://kx.cloudingenium.com/microsoft/80244019-windows-update-encountered-an-unknown-error/
0
 

Author Comment

by:Travis Hahn
ID: 40562042
Okay - thats the Direction I am leaning in - that something happened thus clients and WSUS server are not on same page.

I have ran to command - will wait 24 hours to see if any change in client reporting.
0
 

Author Comment

by:Travis Hahn
ID: 40564156
I am still reporting that most of my clients have errors.

How do I "clear" the client so that they dont think they need to download/install a update that they already have or has been since replaced by a newer update?
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 40564318
Run the following .bat on them

%Windir%\system32\gpupdate

%Windir%\system32\net.exe stop bits 
%Windir%\system32\net.exe stop wuauserv 
%Windir%\system32\net.exe stop cryptsvc
reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v SusClientId /f
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v LastWaitTimeout /f
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v DetectionStartTime /f
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v NextDetectionTime /f
del %WINDIR%\WindowsUpdate.log /S /Q 
rd /s /q %windir%\softwareDistribution
%Windir%\system32\net.exe start cryptsvc
%Windir%\system32\net.exe start bits 
%Windir%\system32\net.exe start wuauserv 

wuauclt /resetauthorization /detectnow
wuauclt /reportnow

exit /B 0 

Open in new window

0
 

Author Comment

by:Travis Hahn
ID: 40570421
Dosent seem to be helping - the clients are still reporting that they need 26-28 updates from the WSUS server.  When I try to install they fail.

If I install all updates from Microsoft then 24 hours later the client is reporting that it needs those 28 updates.
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 40570556
Are the errors the same in the windowsupdate.log as earlier ???
0
 

Accepted Solution

by:
Travis Hahn earned 0 total points
ID: 40570795
I have attached some screen shots and the windosupdate.log

What I see happen is that I run the above .bat file, Client then says no updates.  I decline the failed updates on the server, run the WSUS server cleanup option; and all is good.  

However within 24 hours the same updates that I declied and "cleaned up" reappear and fail on the clients again.
CaptureDH.PNG
CaptureVC.PNG
DHWindowsUpdate.log
0
 

Author Closing Comment

by:Travis Hahn
ID: 41385873
To close the open question
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Remote Apps is a feature in server 2008 which allows users to run applications off Remote Desktop Servers without having to log into them to run the applications.  The user can either have a desktop shortcut installed or go through the web portal to…
What to do when Windows Update is not working correctly? What tools can I use to detect the cause of the malfunction problem? What does this numeric error code mean? These and other questions that you have been asking in the past are answered here (…
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question