We help IT Professionals succeed at work.

How do you force computers to find the new WSUS server?

J.R. Sitman
J.R. Sitman asked
on
We built a new WSUS server and 13 of the 33 computers still have the old server name in their registry.  

How can I fix this?
Comment
Watch Question

nappy_dThere are a 1000 ways to skin the technology cat.
CERTIFIED EXPERT

Commented:
Do you have active directory in your environment?

If so, you can configure WSUS via  GPO.

You then refresh the policies on your workstations with GPupdate /force.

The computers should then start finding the update server.
CERTIFIED EXPERT
Distinguished Expert 2018

Commented:
How did the old setting get in the registry.  That's *usually* GPO or some sort of script.  If you did it manually and have no method of pushing out the new setting...manual will be the option again.
Joe FulginitiNetwork Engineer
CERTIFIED EXPERT

Commented:
Try running gpupdate /force on the affected machines.
J.R. SitmanIT Director

Author

Commented:
Yes the WSUS setting are in a GPO.   That is why I am confused that some computers got the new setting and some did not.  The new WSUS server was created and the GPO updated 30 days ago.
J.R. SitmanIT Director

Author

Commented:
My apologies.  The registry setting is correct.  

Is this setting correct?

intranet
CERTIFIED EXPERT
Distinguished Expert 2018

Commented:
I don't recommend doing IP addresses. That actually goes against RFC and can cause problems in odd places.   Create an A record and use DNS.

Then, if possible, use https.  8531 is the default.

Otherwise, format and "usual" port, that is correct.
Shaun VermaakSenior Consultant
CERTIFIED EXPERT
Awarded 2017
Distinguished Expert 2019

Commented:
J.R. SitmanIT Director

Author

Commented:
Yes, I ran Gpresult /r and the policy is there.

I will try the FQDN and HTTPS:.   However, we have 2 other locations and they use HTTP:
CERTIFIED EXPERT
Distinguished Expert 2018

Commented:
Note that switching to https *does* require configuration on your part.  I wasn't saying that was an issue. It was a general recommendation.  Security is more important than ever these days.  http and 8530 is fine for testing and getting your setup verified.
J.R. SitmanIT Director

Author

Commented:
ok.  I will leave it at HTTP
J.R. SitmanIT Director

Author

Commented:
Do not know if this is important but I have rebooted and forced update and ran wuauclt /reportnow and wuauclt /detectnow on 3, 64 bit computers and none of them are reporting in.    However, 2, 32 bit compuiters that logged on by the staff did report in.
CERTIFIED EXPERT
Distinguished Expert 2018
Commented:
Be patient. Especially if they are Win10. There are things that usually only happen during the maintenance scheduled tasks so forcing check-in doesn't work as you'd expect. 24-48 hours is normal.
J.R. SitmanIT Director

Author

Commented:
Thanks
J.R. SitmanIT Director

Author

Commented:
The being patient did not work.   Many of the computers never reported in after weeks of waiting.  We are no longer using WSUS.  We are switching to Automox.   Much better product.
Shaun VermaakSenior Consultant
CERTIFIED EXPERT
Awarded 2017
Distinguished Expert 2019

Commented:
Please mark your comment as answer

Explore More ContentExplore courses, solutions, and other research materials related to this topic.