Solved

WSUS clients have all stopped updating in July

Posted on 2015-01-16
23
27 Views
Last Modified: 2016-02-20
All of my Clients have stopped updating via WSUS July 5,6, or 7th.  I know that was when I did a large patch update.  And I did another one in October.

All indications on the WSUS server are that things are fine, all updates have been approved, I just didn't see anything that said they had failed, until I had to reindex my WSUS database for other issues.  

Now I have clients that are checked against the WSUS everyday, but nothing is being installed.

If I go the "Check Updates From Microsoft Update" things seem to work but takes a long time.

Thoughts - Suggestions - Concerns...
0
Comment
Question by:Travis Hahn
  • 12
  • 7
  • 4
23 Comments
 
LVL 47

Expert Comment

by:dstewartjr
ID: 40553553
What leads you to believe they're not updating ??
Are the clients rebooted so that further updates can be detected installed ??
What errors are in the clients windowsupdate.log ???
0
 

Author Comment

by:Travis Hahn
ID: 40553671
The arent updating because both the client and the WSUS server indicate that there that updates were last installed on 7/5/2015

Attached is one of the LOGs from a problem client

This is what I am seeing

2015-01-16      03:57:17:469       964      92c      DnldMgr      ***********  DnldMgr: New download job [UpdateId = {FB8F3684-96E8-441E-B45D-8A5A0F1AB716}.200]  ***********
2015-01-16      03:57:17:469       964      92c      DnldMgr      Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update FB8F3684-96E8-441E-B45D-8A5A0F1AB716 is "PerUpdate" regulated and can NOT download. Sequence 1865 vs AcceptRate 0.
2015-01-16      03:57:17:469       964      92c      DnldMgr        * Update is not allowed to download due to regulation.
WUL.txt
0
 
LVL 47

Expert Comment

by:dstewartjr
ID: 40554200
Make sure you have this update installed on your WSUS server

http://support.microsoft.com/kb/2828185
0
 

Author Comment

by:Travis Hahn
ID: 40557680
I installed the update on Friday, and I am still having issues.  Looks like most of my clients are showing to have errors
0
 
LVL 47

Expert Comment

by:dstewartjr
ID: 40557958
Based on the log you provided, this client is not configured to use WSUS.

2015-01-14      03:24:15:590       964      7e8      Agent        * WSUS server: <NULL>
2015-01-14      03:24:15:590       964      7e8      Agent        * WSUS status server:<NULL>
0
 

Author Comment

by:Travis Hahn
ID: 40558062
Thats strange - here is my log for my laptop - which also shows errors
WindowsUpdate.log
0
 
LVL 4

Expert Comment

by:Praveen Kumar Bonala
ID: 40558895
Please configure GP in client system, or you can deploy GP to all client system.
Please configure following GP to get updates from your WSUS server.
1. Open run and type "gpedit.msc"
2.under the "computer configuration" settings, expand the "administrative templates".
3. After that expand the "windows components".
4.Point to "windows update" and double click it.
5. Find and double click "Specify intranet Microsoft update service location".
6. on resultant window please provide your Wsus server details. and click ok.
7. You can find other option like automatic update frequency, turn on the notification etc... please configure as per your requirement.
8. Once you are done with configuration open run and type "gpupdate /force".

Please check and confirm.
0
 

Author Comment

by:Travis Hahn
ID: 40559992
I already have that set
CaptureWSUS.PNG
0
 
LVL 4

Expert Comment

by:Praveen Kumar Bonala
ID: 40560401
Can you able to ping to WSUS server with name?

Can you please check the port is open, which you have mentioned in GP....user telnet to check.

Try to check with, configure GP with IP instead of WSUS server name and check.

Mean while you can check with this, I will find additional solutions.
0
 
LVL 4

Expert Comment

by:Praveen Kumar Bonala
ID: 40560433
0
 

Author Comment

by:Travis Hahn
ID: 40560453
I can ping by name

I try to telnet iota-vcserver 8530 and get the blank response
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 4

Expert Comment

by:Praveen Kumar Bonala
ID: 40560575
could you please provide me WSUS version details and os details.
0
 
LVL 47

Expert Comment

by:dstewartjr
ID: 40561025
@Praveen Kumar Bonala the author has already confirmed that KB2828185 is installed(The latest WSUS version)


@Travis Hahn what do you get on clients when you run from cmd prompt ??

reg query "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate" /s
0
 

Author Comment

by:Travis Hahn
ID: 40561192
Attached is the output.

I am almost thinking that the errors on the client are some type of residual updates that are "stuck"

I did a comparison of what has errors on a client (what WSUS says has failed) versus the list on the client, and on client it says its installed.
Capture.PNG
0
 

Author Comment

by:Travis Hahn
ID: 40561200
Attached are my screen shots
Failed.tiff
Failed2.tiff
Failed3.tiff
0
 
LVL 47

Expert Comment

by:dstewartjr
ID: 40562025
On your WSUS server run the command WSUSutil.exe reset

The 80244019 error is most likely because the content is missing on the WSUS server.

https://technet.microsoft.com/en-us/library/cc720466%28v=ws.10%29.aspx

WSUSutil.exe reset will redownload any content that is detected as missing.

Also look over

http://kx.cloudingenium.com/microsoft/80244019-windows-update-encountered-an-unknown-error/
0
 

Author Comment

by:Travis Hahn
ID: 40562042
Okay - thats the Direction I am leaning in - that something happened thus clients and WSUS server are not on same page.

I have ran to command - will wait 24 hours to see if any change in client reporting.
0
 

Author Comment

by:Travis Hahn
ID: 40564156
I am still reporting that most of my clients have errors.

How do I "clear" the client so that they dont think they need to download/install a update that they already have or has been since replaced by a newer update?
0
 
LVL 47

Expert Comment

by:dstewartjr
ID: 40564318
Run the following .bat on them

%Windir%\system32\gpupdate

%Windir%\system32\net.exe stop bits 
%Windir%\system32\net.exe stop wuauserv 
%Windir%\system32\net.exe stop cryptsvc
reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v SusClientId /f
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v LastWaitTimeout /f
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v DetectionStartTime /f
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v NextDetectionTime /f
del %WINDIR%\WindowsUpdate.log /S /Q 
rd /s /q %windir%\softwareDistribution
%Windir%\system32\net.exe start cryptsvc
%Windir%\system32\net.exe start bits 
%Windir%\system32\net.exe start wuauserv 

wuauclt /resetauthorization /detectnow
wuauclt /reportnow

exit /B 0 

Open in new window

0
 

Author Comment

by:Travis Hahn
ID: 40570421
Dosent seem to be helping - the clients are still reporting that they need 26-28 updates from the WSUS server.  When I try to install they fail.

If I install all updates from Microsoft then 24 hours later the client is reporting that it needs those 28 updates.
0
 
LVL 47

Expert Comment

by:dstewartjr
ID: 40570556
Are the errors the same in the windowsupdate.log as earlier ???
0
 

Accepted Solution

by:
Travis Hahn earned 0 total points
ID: 40570795
I have attached some screen shots and the windosupdate.log

What I see happen is that I run the above .bat file, Client then says no updates.  I decline the failed updates on the server, run the WSUS server cleanup option; and all is good.  

However within 24 hours the same updates that I declied and "cleaned up" reappear and fail on the clients again.
CaptureDH.PNG
CaptureVC.PNG
DHWindowsUpdate.log
0
 

Author Closing Comment

by:Travis Hahn
ID: 41385873
To close the open question
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

The password reset disk is often mentioned as the best solution to deal with the lost Windows password problem. In Windows 2008, 7, Vista and XP, a password reset disk can be easily created. But besides Windows 7/Vista/XP, Windows Server 2008 and ot…
The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
Windows 8 comes with a dramatically different user interface known as Metro. Notably missing from the new interface is a Start button and Start Menu. Many users do not like it, much preferring the interface of earlier versions — Windows 7, Windows X…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now