Solved

Clients Not Updating - SBS2011 to Server 2012 R2

Posted on 2016-09-15
3
112 Views
Last Modified: 2016-09-15
So you understand my skill level, let me preface with saying that I am a self taught administrator with little formal training besides the online MCSA training course for Windows Server 2012.  I never took the actual test.  I also work for a small business and wear many different hats, so I do not focus all of my time on IT.

Back in July of 2015 we had a company migrate us from SBS 2011 to Server 2012 R2.  We did this so that we could install the latest version of Microsoft GP.  

The Problem:
The client computers are not checking the Microsoft Update portal for updates.  Some of the computers have not been updated for more than a year.

Theory:
Our previous SBS 2011 installation had WSUS installed and running.  The current Server 2012 R2 installation does NOT have WSUS installed.  My guess is that there are some artifacts left behind from SBS 2011 WSUS that may be causing the clients to not be able to update from the MS Update portal.

Ultimate Goal:
Client computers need to be able to update from Windows Update without an admin to approve updates.  We have less than 20 client computers, so I am not concerned with update issues for such few clients.  However, we do run a multiple server environment, but I want to be notified before updates are installed.   I only have a couple server instances so manually checking the updates should be a problem even without WSUS installed.

Question:
How do I isolate the problem and correct it so that the clients can update and so I can manually install updates to servers?

Thanks in advance!
0
Comment
Question by:Darth Chadakin
  • 2
3 Comments
 
LVL 26

Accepted Solution

by:
DrDave242 earned 500 total points
ID: 41800224
It's likely that the Group Policy object that configures clients to get updates from the now-defunct WSUS server is still around, so clients are looking only to that server for updates. To confirm this, you can run gpresult /h c:\temp\gpresult.htm on a client (substitute your own file path if you like), then open the resulting HTML file in a browser (IE will be best, because that file will use an ActiveX control).

That file will show you all of the settings being controlled by Group Policy. The WSUS settings are located here:

Computer Configuration\Policies\Administrative Templates\Windows Components\Windows Update

There are two specific settings to look at: Configure Automatic Updates and Specify intranet Microsoft Update location. The former setting controls things like whether the clients will automatically download and/or install updates, and if so, what time this will happen. Setting it to "Not Configured" will allow users to control these settings on their own machines. The latter setting is more important in your case, as it tells the clients where to find a WSUS server. If you set it to "Not Configured," clients will get updates from Microsoft rather than a WSUS server.

The HTML file will show you which GPO is controlling these settings. Use the Group Policy Management Console to modify that GPO. You can then run gpupdate /force on a client to manually refresh its Group Policy settings, or you can just wait for the refresh to happen automaticaly.
0
 

Author Comment

by:Darth Chadakin
ID: 41800318
Thanks for your response!

Making the adjustments now.  I will let you know how it goes!
0
 

Author Closing Comment

by:Darth Chadakin
ID: 41800627
Thanks for the help!

One note for other users that find the same issue, I did have to create the temp folder because I did not have one created already.  The run command would fail otherwise.

The report was extremely helpful.  It was also helpful in finding other GPO related issues that we had going on as well.

Thanks again!
0

Featured Post

NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Every now and then, Microsoft does something that totally impresses me. It doesn't happen often, but in this case I must say I am thoroughly impressed with Windows Server Backup. One of the long time issues with Windows Backup has been the ability t…
I don't know if many of you have made the great mistake of using the Cisco Thin Client model with the management software VXC. If you have then you are probably more then familiar with the incredibly clunky interface, the numerous work arounds, and …
This tutorial will walk an individual through the process of installing the necessary services and then configuring a Windows Server 2012 system as an iSCSI target. To install the necessary roles, go to Server Manager, and select Add Roles and Featu…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question