Solved

WSUS - Computers showing Not Yet Reported

Posted on 2016-10-31
13
1,153 Views
Last Modified: 2016-11-06
I have set up a WSUS server on a Windows Server 2008 R2 32 bit.  The install went fine.  I created a GPO on my Domain Server with automatic updates.  I have about 350 computers spread across the state in 16 different sites.  Most of the computers are showing up on WSUS but only about 325 are showing the status of Not yet Reported.  I noticed that when I set it up the update process for the computers is very slow.  I set my computers to register through Update Services console instead of Group Policy, I don't know if that makes a difference or not. I don't know why some computers are reporting a status just fine and others are not.

the group of people with computers that are in my building, I had them restart their computers to see if it would register.  I have seen so much information on here, but my concern that it is fine for working with computers in your facilities, but most of these are 1 to 2 hours away from me and I would have to remote into everyone to run some of the scripts that I have seen on here.  Is there a simpler way to do this.

I have even considered reinstalling everything, but I have to start the automatic updates by Wednesday of this week.
0
Comment
Question by:Salonge
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 3
  • 2
  • +1
13 Comments
 
LVL 35

Assisted Solution

by:Seth Simmons
Seth Simmons earned 167 total points
ID: 41867011
what is the network speed to these other sites?  how long has it been since it said 'not yet reported'?
it would take a little time for it to update but should show in the console in less than a half hour or so depending on the speed between sites.  to force a check from the command line, use wuauclt /detectnow.

as far as the computer groups go, the GPO is what matters the most.  the computer groups in the wsus console are for organizing systems for display purposes.  if you changed to using GPO instead of the console, then you need to create computer groups that match the names of the 'client-side target' value in the GPO.

for the remote systems, i use psexec from sysinternals.  i can run a command remotely from the command line so if i wanted to run wuauclt i can do it from my machine (assuming you have admin rights on the remote system).

you should also look at the value of the check frequency in the GPO.  it might be configured to not check very often.
0
 
LVL 21

Assisted Solution

by:Radhakrishnan R
Radhakrishnan R earned 167 total points
ID: 41867046
Hi,

Since it's 2008 R2, you need to install some other updates (WSUS 3 SP2, an update for wsus etc) onto the WSUS server. This will help to identify and client machines and detect the updates.

https://support.microsoft.com/en-in/kb/2720211
https://support.microsoft.com/en-in/kb/2828185
https://support.microsoft.com/en-in/kb/2938066

Thanks
0
 

Author Comment

by:Salonge
ID: 41867142
Thanks.

I ran all the updates and still no change.

Seth - What is the syntax to use with PsExec to put this command on all of my remote computers.
0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 

Author Comment

by:Salonge
ID: 41867326
I have psexec installed and trying to run that wuauclt / detectnow or reportnow commmand and it doesn't work.  It says that the system cannot find the file specified.
0
 
LVL 7

Assisted Solution

by:Hector2016
Hector2016 earned 166 total points
ID: 41867362
Hello,

To force computers to report to the wsus server with PSEXEC use this(PCLIST.txt is the list of computer names one per line):

PSEXEC.exe @PCLIST.txt wuauclt /repornow

If any computer can not report to WSUS then check connectivity with PING and TELNET from the client to the WSUS TCP port (typically 80 or 8530).

Once the computers are reporting to the wsus server you can let them update as needed. Please read my article for a script to launch Windows Updates installation.

To use it with PSEXEC, copy the VBS script to the Netlogon folder on any domain controller, then run it with this line from your Administration computer:

PSEXEC -User Admin -Password MyPassword -h cscript.exe /nologo \\my.domain.name\netlogon\doupdate.vbs /nr
0
 

Author Comment

by:Salonge
ID: 41867369
Hector2016

Can I use the wild card PSEXEC \\* wuauclt /reportnow?  I have over 300 computer reading with the status of Not yet reporting.
0
 

Author Comment

by:Salonge
ID: 41867476
Okay, I was able to run the psexec on several computers.  Why is it that several of my computers that are showing as not yet reported, I am unable to ping them from the WSUS server.  Why is this showing up in the console if the WSUS cannot contact the computer?
0
 
LVL 7

Expert Comment

by:Hector2016
ID: 41868156
Yes, you can use the \\* option.

It is probably due to some firewall or application control feature on those computers, that is blocking you to ping them and blocking the Windows Update Client to connect to your WSUS server.

Did you try TELNET from the failing clients to the WSUS TCP port. Example, TELNET MyWSUS 8530 That should response with a black screen. Then press CTRL+C and you must see something like this:

Testing WSUS with TELNET
0
 
LVL 35

Expert Comment

by:Seth Simmons
ID: 41868382
I am unable to ping them from the WSUS server

sounds like a network or firewall issue somewhere and there is only partial communication
0
 

Author Comment

by:Salonge
ID: 41868415
Nothing was working, so I did a reinstall, reconfigured my GPO with the updated adm for Server 2008.  I will let you know if it works this time.
0
 
LVL 7

Assisted Solution

by:Hector2016
Hector2016 earned 166 total points
ID: 41868622
You can use the Solarwind free WSUS diag tool (Requires .Net) to verify a few things in the client configuration. Just download and run it, it is very useful.

http://www.solarwinds.com/products/freetools/diagnostic-tool-for-wsus-agent.aspx
0
 

Accepted Solution

by:
Salonge earned 0 total points
ID: 41869026
Thank you all for your assistance.  I uninstalled everything and reinstalled it.  I ran the one update instead of 3 and it is working like a charm.  The computers are registering and the updates downloaded.  Thank you all for your assistance and will give you credit for assisting me with this.
0
 

Author Closing Comment

by:Salonge
ID: 41876014
I had to reinstall everything and it worked fine.
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Scenario:  You do full backups to a internal hard drive in either product (SBS or Server 2008).  All goes well for a very long time.  One day, backups begin to fail with a message that the disk is full.  Your disk contains many, many more backups th…
Sometimes drives fill up and we don't know why.  If you don't understand the best way to use the tools available, you may end up being stumped as to why your drive says it's not full when you have no space left!  Here's how you can find out...
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question