Windows update error using WSUS

Hi

I have recently deployed WSUS and am having an issue with a couple of updates. I have managed to deploy over 1000 security updates to all of our PC's but cannot get two updates to install on some of the PC's, I get the same error for both the updates. The PC's that have these updates installed Im assuming have had this update installed before I deployed WSUS.

The error I receive On the Client PC's is code 80244019

Having read up on this error I have read that this is linked to a potential Virus, having scanned the PC's using Mcafee I can confirm no Viruses are present on the PC's. I therefore referred to the WindowUpdate.log file

Upon inspection of this I can see the following errors (I have replaced server/domain names with ????)

2015-11-05      13:21:56:552      1128      1a88      DnldMgr        Progress failure bytes total = 11049823, bytes transferred = 0
2015-11-05      13:21:56:552      1128      1a88      DnldMgr        Failed job file: URL = http://lfv?????????.?????.local:8530/Content/7E/A21F22F5091D225C02895D4062942A95550A887E.cab, local path = C:\windows\SoftwareDistribution\Download\9d2d12c4b34d8cad2cc894ca890f31ca\windows6.1-kb2943357-x86.cab
2015-11-05      13:21:56:573      1128      1a88      DnldMgr      Error 0x80244019 occurred while downloading update; notifying dependent calls.
2015-11-05      13:21:56:599      1128      15b4      AU      >>##  RESUMED  ## AU: Download update [UpdateId = {C5EF6752-6195-40C6-B8BC-277199F18F1A}]
2015-11-05      13:21:56:599      1128      15b4      AU        # WARNING: Download failed, error = 0x80244019

Anyway if I try to browse to the location C:\Windows\SoftwareDistribution\Download folder on the WSUS server I cannot see the 9d2d12c4b34d8cad2cc894ca890f31ca Folder.

I also get a Http 404 error when trying to browse to URL  http://lfv?????????.?????local:8530/Content/7E/A21F22F5091D225C02895D4062942A95550A887E.ca from the client PC's

I therefore assume this is the cause of the issue, the fact the update that the client is attempting to download is not there. However I have attempted to reset WSUS using wsusutil.exe tool. To do this I opened a CMD prompt as an administrator, browsed to the %drive%\Program Files\Update Services\Tools folder and run the reset command.

I have also run a fresh syncronization within WSUS.

I have attempted to download the updates from the client PC's again and still receive the same error.

Does anybody have any ideas?

Thanks

Tom
Muir_GroupAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

DonNetwork AdministratorCommented:
Sounds to me like the files havent finished downloading to the server yet.

On the home page(Click on server name in WSUS) and look at download status.
0
Muir_GroupAuthor Commented:
Hi dstewartjr

Thanks for your response, The download status shows the following

Updates needing files: 0

Thanks
0
DonNetwork AdministratorCommented:
On that same page, does your server indicate it's using port 8530 ???
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Muir_GroupAuthor Commented:
The connection settings are as follows:

Type: Local/SSL
Port: 8531
User role: Administrator
Server Version: 6.3.9600.16384

I did consider the port number but ruled this out as other updates have successfully been pulled from the Wsus server. We are using SSL encryption with our updates
0
Muir_GroupAuthor Commented:
Does any body have any further comments on this? Really starting to pull my hair out with this issue

Any help would be appreciated

Thanks
0
DonNetwork AdministratorCommented:
Ok I see Port: 8531

Does your group policies specify this as well ??

Quickest way to check is from command prompt type

Reg query HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate
0
Muir_GroupAuthor Commented:
Hi dstewart

Thanks for this. I can confirm I have completed all the steps in the article provided above. This is the article I used for support when originally setting Wsus up.

I can also confirm that the group policy specifies the SSL settings too. I have double checked this with the Reg query too.

Im beginning to think that maybe our Anti-Virus software is causing this, therefore Im currently awaiting for our security team to remove Mcafee Endpoint Encryption, DLP endpoint and on access scanner. Then I will reattempt with these uninstalled.

I will update this space one this has been completed

Thanks
0
DonNetwork AdministratorCommented:
Oh...cause your windowsupdate.log says

http://lfv?????????.?????.local:8530/Content/7E/A21F22F5091D225C02895D4062942A95550A887E.cab,

8530
1
Muir_GroupAuthor Commented:
see screenshots attached. I have double checked the settings on both the WSUS server and The client PC
Client-PC-reg-settings.JPG
Wsus-Settings.JPG
0
Muir_GroupAuthor Commented:
Hi dstewartjr

I cannot get my head round this at all. I have triple checked the GPO i have in place, I have triple checked the Client PC Registry settings which also states port 8531.

I have approved other updates for the PC's all of which have installed. I just cannot get the following updates to install

KB2943357
KB3033929
KB2864058
KB2742599

I can also confirm that after clearing out the Windowsupdate.log file reattempting the install the log file still shows the failure and references port 8530.

Is there any reasons that the 8530 port appears to being used for these updates? Im confused!

If I manually install the update (from windows update without WSUS) the updates install with no issues. However with having over 50 PC's with the same issue this is not really an option to follow up with

Thanks
0
DonNetwork AdministratorCommented:
Try deleting the wsus registry entries, and then run wuauclt / resetauthorization /detectnow
1

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Muir_GroupAuthor Commented:
This has resolved the issue. Thanks v.much
0
DonNetwork AdministratorCommented:
You're welcome
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows 7

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.