[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now


Clients Not Updating - SBS2011 to Server 2012 R2

Posted on 2016-09-15
Medium Priority
Last Modified: 2016-09-15
So you understand my skill level, let me preface with saying that I am a self taught administrator with little formal training besides the online MCSA training course for Windows Server 2012.  I never took the actual test.  I also work for a small business and wear many different hats, so I do not focus all of my time on IT.

Back in July of 2015 we had a company migrate us from SBS 2011 to Server 2012 R2.  We did this so that we could install the latest version of Microsoft GP.  

The Problem:
The client computers are not checking the Microsoft Update portal for updates.  Some of the computers have not been updated for more than a year.

Our previous SBS 2011 installation had WSUS installed and running.  The current Server 2012 R2 installation does NOT have WSUS installed.  My guess is that there are some artifacts left behind from SBS 2011 WSUS that may be causing the clients to not be able to update from the MS Update portal.

Ultimate Goal:
Client computers need to be able to update from Windows Update without an admin to approve updates.  We have less than 20 client computers, so I am not concerned with update issues for such few clients.  However, we do run a multiple server environment, but I want to be notified before updates are installed.   I only have a couple server instances so manually checking the updates should be a problem even without WSUS installed.

How do I isolate the problem and correct it so that the clients can update and so I can manually install updates to servers?

Thanks in advance!
Question by:Darth Chadakin
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
LVL 27

Accepted Solution

DrDave242 earned 2000 total points
ID: 41800224
It's likely that the Group Policy object that configures clients to get updates from the now-defunct WSUS server is still around, so clients are looking only to that server for updates. To confirm this, you can run gpresult /h c:\temp\gpresult.htm on a client (substitute your own file path if you like), then open the resulting HTML file in a browser (IE will be best, because that file will use an ActiveX control).

That file will show you all of the settings being controlled by Group Policy. The WSUS settings are located here:

Computer Configuration\Policies\Administrative Templates\Windows Components\Windows Update

There are two specific settings to look at: Configure Automatic Updates and Specify intranet Microsoft Update location. The former setting controls things like whether the clients will automatically download and/or install updates, and if so, what time this will happen. Setting it to "Not Configured" will allow users to control these settings on their own machines. The latter setting is more important in your case, as it tells the clients where to find a WSUS server. If you set it to "Not Configured," clients will get updates from Microsoft rather than a WSUS server.

The HTML file will show you which GPO is controlling these settings. Use the Group Policy Management Console to modify that GPO. You can then run gpupdate /force on a client to manually refresh its Group Policy settings, or you can just wait for the refresh to happen automaticaly.

Author Comment

by:Darth Chadakin
ID: 41800318
Thanks for your response!

Making the adjustments now.  I will let you know how it goes!

Author Closing Comment

by:Darth Chadakin
ID: 41800627
Thanks for the help!

One note for other users that find the same issue, I did have to create the temp folder because I did not have one created already.  The run command would fail otherwise.

The report was extremely helpful.  It was also helpful in finding other GPO related issues that we had going on as well.

Thanks again!

Featured Post

Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

You may have discovered the 'Compatibility View Settings' workaround for making your SBS 2008 Remote Web Workplace 'connect to a computer' section stops 'working around' after a Windows 10 client upgrade.  That can be fixed so it 'works around' agai…
The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of installing of Data Protection Manager on a server running Windows Server 2012 R2, including the prerequisites. Microsoft .Net 3.5 is required. To install this feature, go to Server Manager…

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question