Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 74
  • Last Modified:

WSUS clients have all stopped updating in July

All of my Clients have stopped updating via WSUS July 5,6, or 7th.  I know that was when I did a large patch update.  And I did another one in October.

All indications on the WSUS server are that things are fine, all updates have been approved, I just didn't see anything that said they had failed, until I had to reindex my WSUS database for other issues.  

Now I have clients that are checked against the WSUS everyday, but nothing is being installed.

If I go the "Check Updates From Microsoft Update" things seem to work but takes a long time.

Thoughts - Suggestions - Concerns...
0
Travis Hahn
Asked:
Travis Hahn
  • 12
  • 7
  • 4
1 Solution
 
Donald StewartNetwork AdministratorCommented:
What leads you to believe they're not updating ??
Are the clients rebooted so that further updates can be detected installed ??
What errors are in the clients windowsupdate.log ???
0
 
Travis HahnIT ManagerAuthor Commented:
The arent updating because both the client and the WSUS server indicate that there that updates were last installed on 7/5/2015

Attached is one of the LOGs from a problem client

This is what I am seeing

2015-01-16      03:57:17:469       964      92c      DnldMgr      ***********  DnldMgr: New download job [UpdateId = {FB8F3684-96E8-441E-B45D-8A5A0F1AB716}.200]  ***********
2015-01-16      03:57:17:469       964      92c      DnldMgr      Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update FB8F3684-96E8-441E-B45D-8A5A0F1AB716 is "PerUpdate" regulated and can NOT download. Sequence 1865 vs AcceptRate 0.
2015-01-16      03:57:17:469       964      92c      DnldMgr        * Update is not allowed to download due to regulation.
WUL.txt
0
 
Donald StewartNetwork AdministratorCommented:
Make sure you have this update installed on your WSUS server

http://support.microsoft.com/kb/2828185
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
Travis HahnIT ManagerAuthor Commented:
I installed the update on Friday, and I am still having issues.  Looks like most of my clients are showing to have errors
0
 
Donald StewartNetwork AdministratorCommented:
Based on the log you provided, this client is not configured to use WSUS.

2015-01-14      03:24:15:590       964      7e8      Agent        * WSUS server: <NULL>
2015-01-14      03:24:15:590       964      7e8      Agent        * WSUS status server:<NULL>
0
 
Travis HahnIT ManagerAuthor Commented:
Thats strange - here is my log for my laptop - which also shows errors
WindowsUpdate.log
0
 
Praveen Kumar BonalaProgrammer AnalystCommented:
Please configure GP in client system, or you can deploy GP to all client system.
Please configure following GP to get updates from your WSUS server.
1. Open run and type "gpedit.msc"
2.under the "computer configuration" settings, expand the "administrative templates".
3. After that expand the "windows components".
4.Point to "windows update" and double click it.
5. Find and double click "Specify intranet Microsoft update service location".
6. on resultant window please provide your Wsus server details. and click ok.
7. You can find other option like automatic update frequency, turn on the notification etc... please configure as per your requirement.
8. Once you are done with configuration open run and type "gpupdate /force".

Please check and confirm.
0
 
Travis HahnIT ManagerAuthor Commented:
I already have that set
CaptureWSUS.PNG
0
 
Praveen Kumar BonalaProgrammer AnalystCommented:
Can you able to ping to WSUS server with name?

Can you please check the port is open, which you have mentioned in GP....user telnet to check.

Try to check with, configure GP with IP instead of WSUS server name and check.

Mean while you can check with this, I will find additional solutions.
0
 
Travis HahnIT ManagerAuthor Commented:
I can ping by name

I try to telnet iota-vcserver 8530 and get the blank response
0
 
Praveen Kumar BonalaProgrammer AnalystCommented:
could you please provide me WSUS version details and os details.
0
 
Donald StewartNetwork AdministratorCommented:
@Praveen Kumar Bonala the author has already confirmed that KB2828185 is installed(The latest WSUS version)


@Travis Hahn what do you get on clients when you run from cmd prompt ??

reg query "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate" /s
0
 
Travis HahnIT ManagerAuthor Commented:
Attached is the output.

I am almost thinking that the errors on the client are some type of residual updates that are "stuck"

I did a comparison of what has errors on a client (what WSUS says has failed) versus the list on the client, and on client it says its installed.
Capture.PNG
0
 
Travis HahnIT ManagerAuthor Commented:
Attached are my screen shots
Failed.tiff
Failed2.tiff
Failed3.tiff
0
 
Donald StewartNetwork AdministratorCommented:
On your WSUS server run the command WSUSutil.exe reset

The 80244019 error is most likely because the content is missing on the WSUS server.

https://technet.microsoft.com/en-us/library/cc720466%28v=ws.10%29.aspx

WSUSutil.exe reset will redownload any content that is detected as missing.

Also look over

http://kx.cloudingenium.com/microsoft/80244019-windows-update-encountered-an-unknown-error/
0
 
Travis HahnIT ManagerAuthor Commented:
Okay - thats the Direction I am leaning in - that something happened thus clients and WSUS server are not on same page.

I have ran to command - will wait 24 hours to see if any change in client reporting.
0
 
Travis HahnIT ManagerAuthor Commented:
I am still reporting that most of my clients have errors.

How do I "clear" the client so that they dont think they need to download/install a update that they already have or has been since replaced by a newer update?
0
 
Donald StewartNetwork AdministratorCommented:
Run the following .bat on them

%Windir%\system32\gpupdate

%Windir%\system32\net.exe stop bits 
%Windir%\system32\net.exe stop wuauserv 
%Windir%\system32\net.exe stop cryptsvc
reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v SusClientId /f
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v LastWaitTimeout /f
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v DetectionStartTime /f
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v NextDetectionTime /f
del %WINDIR%\WindowsUpdate.log /S /Q 
rd /s /q %windir%\softwareDistribution
%Windir%\system32\net.exe start cryptsvc
%Windir%\system32\net.exe start bits 
%Windir%\system32\net.exe start wuauserv 

wuauclt /resetauthorization /detectnow
wuauclt /reportnow

exit /B 0 

Open in new window

0
 
Travis HahnIT ManagerAuthor Commented:
Dosent seem to be helping - the clients are still reporting that they need 26-28 updates from the WSUS server.  When I try to install they fail.

If I install all updates from Microsoft then 24 hours later the client is reporting that it needs those 28 updates.
0
 
Donald StewartNetwork AdministratorCommented:
Are the errors the same in the windowsupdate.log as earlier ???
0
 
Travis HahnIT ManagerAuthor Commented:
I have attached some screen shots and the windosupdate.log

What I see happen is that I run the above .bat file, Client then says no updates.  I decline the failed updates on the server, run the WSUS server cleanup option; and all is good.  

However within 24 hours the same updates that I declied and "cleaned up" reappear and fail on the clients again.
CaptureDH.PNG
CaptureVC.PNG
DHWindowsUpdate.log
0
 
Travis HahnIT ManagerAuthor Commented:
To close the open question
0

Featured Post

[Webinar] Database Backup and Recovery

Does your company store data on premises, off site, in the cloud, or a combination of these? If you answered “yes”, you need a data backup recovery plan that fits each and every platform. Watch now as as Percona teaches us how to build agile data backup recovery plan.

  • 12
  • 7
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now