WSUS

Windows Server Update Services (WSUS), previously known as Software Update Services (SUS), is a computer program developed by Microsoft that enables administrators to manage the distribution of updates and hotfixes released for Microsoft products to computers.

Share tech news, updates, or what's on your mind.

Sign up to Post

Think I broke my SCCM. Its all grayed outt. I have reinstalled WSUS and the role again still no use can someone please help
0
On Demand Webinar - Networking for the Cloud Era
LVL 9
On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

I've set up a 2016 WSUS Server and have performed a successful synchronization. I've been testing with one server client (also 2016) just to make sure I can get it working correctly the way I want to before I go edit the Master GPO's on each domain and make this change permanent. The problem is I can't get this client to show in the WSUS Console

Firewalls are off on both server and each machine can ping each other. If I browse to http://WSUSservername I get hit with the IIS web page

When I open the local gpo on the client server, i've edited the correct windowsupdate policy object so that http://WSUSservername is the target WSUS server (I also see this http:// address in the registry)

What is it that i'm missing here? First time setting up WSUS in almost a decade so would appreciate some help! Thanks in advance
0
Just trying to see what I might be missing here or where to look to find the issue.

I have a standalone SCCM 1702 serving about 350 clients. I've deployed apps and update many times over the past year plus. I'm trying to deploy O365 update 1706 8229.2139 to 4 PCs that are in Current Channel via GPO. I have a GPO for enabling manage O365 from SCCM in place. I downloaded the update, created a Software Update Group and deployed it to the collection these PC are in as required with a 3 day deadline. All of the PCs show up under Monitor Deployment in the Unknown tab (1 as Client check passed/Inactive because the PC is powered down, and 3 as Client check passed/Active).

I have initiated a Software Update Evaluation from the SCCM console as well as from the Configuration Manager Client on the PCs and it just doesn't seem to initiate the download or show up as an available update, and I have no idea what to look for in which logs as I've followed some of the posts for troubleshooting and see errors of some point in most logs. Where does one start to troubleshoot this issue?
0
WSUS is being used to install Windows Updates on all PCs in this environment.
A recent batch of updates seems to have broken Office functionality. I want to remove them all to confirm if it is actually the updates that are causing the problem.
However when I try:

wusa /uninstall /kb:%%

Open in new window


This shows me that "KB%%% is not installed."
This is obviously not true since I see the KB in the "Installed Updates" list and can uninstall it manually.

I had a similar issue a few weeks ago and found that running msiexec works in this environment. In that case I had to remove a specific KB and used this command which I found in another forum:

psexec /accepteula \\%%a -e -w C:\ %Windir%\System32\msiexec.exe /I {90140000-0012-0000-0000-0000000FF1CE} MSIPATCHREMOVE={70DAB69D-244C-403A-9C0F-CB7748CD2991}

Open in new window


My question is how can I find these parameters in that command:
{90140000-0012-0000-0000-0000000FF1CE}  and {90140000-0012-0000-0000-0000000FF1CE}

since I think I will need to find those for each update in order to uninstall on all PCs.
Or is there another option?
0
Hi everyone.  We just went through our monthly pilot patching cycle last night and out of 17 servers on the list, we encountered errors with five of them.  Two (the 80244019 errors) showed patches available to download and install and also checked in with WSUS earlier in the day, prior to scheduled patching.  Three showed no patches available, but threw an error message (either 8024401f or 80244008) when I attempted to check for updates.  Two months ago (the last time I was on the hook to update servers), I did not see these errors.  I do not believe the individual who ran the patches last month saw these either.  Nothing I'm seeing in the Windows Update log leads to anything that would seem (to me, at least) to apply.

We have a script that does a number of different things to troubleshoot the issue.  Rather than listing them out, I've copied the script below.  I'll also upload the WindowsUpdate log files.

Beyond this, I found the WSUS Client Diagnostics Tool and there is a single error message that appears on every failed machine, but my Google Fu must be weak as I'm not seeing anything that makes sense.  There is no proxy server are there were not a lot of patches approved (and we've approved far more in the past, successfully).

Here is the script we run:

GetFileVersion(szEngineDir,&susVersion) failed with hr=0x80070002
The system cannot find the file specified

I've also checked that bandwidtch if perfectly fine; I can manually copy hundreds of Gb from the …
0
Win10 clients previously had GPO applied that made them update using a local WSUS Server, the GPO has now been removed, how do I make those clients update via windows update again? Using GPO preferably.

Thanks
0
Hi All,

I get the following error when I check for updates:

There were some problems installing updates, but we'll try again later. If you keep seeing this and want to search the web or contact support for information: (0x80244022)

 
I then RDP to PRODWSUS01VM which is the windows update server set in my registry.

I ran the Update Services snapin and tried to connect to PRODWSUS01VM but I get the following error:

WSUS console
Can anyone here please assist me what stepsI need to do to ensure the WSUS is working again in my AD domain ?

Thanks,
0
Hi,

I'd need to deploy Outlook patch kb2878264, it is a very old one (2015):

https://support.microsoft.com/en-us/help/2878264/january-8-2015-update-for-outlook-2010-kb2878264

I would like to see which patch superseded it, but can't find it in the update catalog: http://www.catalog.update.microsoft.com/Search.aspx?q=kb2878264 

Please advise how I can find this.
J.
0
Hi All,

WSUS Clients are showing status "Not Reported Yet"

We have WSUS Server where clients are not receiving updates by the Server and the status is Not Yet Reported

Regards
System Support
0
hi team

we require a script which will copy the reg file to remote servers and add it in registry.

we are implementing wsus. we don't want to use the GP. so we would like to add the reg key in our servers. please help to provide a nice script.
0
Free Tool: Subnet Calculator
LVL 9
Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Hello, on WSUS post installation, i am getting this error, and attached is the "tmp919A.tmp"


Log file is located at C:\Users\USER\AppData\Local\Temp\2\tmp919A.tmp
Post install is starting
Fatal Error: Attempted to perform an unauthorized operation.

any help ?
tmp919A.txt
0
Hi All,
We have SCCM 2012, Current Branch.
Been installed (by a consultant) about 6 weeks ago. We have ran into an issue with clients updating and not sure if they have ever updated since it's been installed
I think (I will double check) most of our clients are showing the following errors from the windowupdate.log

2017/08/03 22:09:18.4202729 312   3520  ProtocolTalker  SyncServerUpdatesInternal failed 0x8024401c
2017/08/03 22:09:18.4246690 312   3520  Agent           Failed to synchronize, error = 0x8024401C

I have attached logs from 3 Windows 10 machines. These include WU log and WUAHandler.log
Also attached are 2 SCCM Log files

What I have tried.
1. Can telnet onto port 8530 from any client machine
2. Checked event logs
3. Rebooted SCCM Server
4. Made the changes as per this article - all through I don't think it was relevant - https://blogs.msdn.microsoft.com/the_secure_infrastructure_guy/2015/09/02/windows-server-2012-r2-wsus-issue-clients-cause-the-wsus-app-pool-to-become-unresponsive-with-http-503/
5. Ran through this article - https://technet.microsoft.com/en-us/library/bb735874.aspx.
But still haven't been able to crack the issue.

Questions
1. Can you still use WU to check for updates that will just go to your SCCM Server and expect to find and install updates? Or do updates get installed differently using ADR's?
I was expecting to click "Check for Updates" and find available updates.

2. Under update history, would I still see updates …
0
Hey guys,

My C: drive is running low on space on my SBS 2011 server, i ran a scan, and i see in the WSUS folder, there is a SUSDB.mdf file of 20GB. How can i free up space in this folder properly?
0
Hi Experts

is there anyway get a report of last patched status of group of servers from wsus. I want to know when was the  patches installed last.
0
We have a WSUS services running on a Windows 2008 server that uses a SQL Express database.  

Is it possible to open up the database using SQL server management studio on another server remotely?
0
I had this question after viewing On an SBS 2011 server what do you think about turning off WSUS and how would you do that?.

The SBS Console shows that the 3 workstations are missing 10 or 11 updates that have been downloaded.  But the Updates tab of the console does not show any undeployed updates and the workstations think they are up to date.
0
Is there a way within WSUS to show only the updates that have not had the update downloaded or the download needs to be retried?
0
Microsoft updates are getting too large and take too long to download. I work for a school and we have over 250 windows computers that share 100MB internet and they take a long time to update and update at bad times. i am trying to create a wsus server, but keep getting connection errors. we have a xtm525 watchguard firewall and was told there may be a way to prevent the updates at different times. is this correct? Does anyone know how?

thank you
0
Hi

we have mulitple machines running Windows 8.1 , those machines are their respective OUs in AD and there was a policy created for them to point towards our WSUS server onsite to get their updates, up until this month the machines were receiving them correctly, this month however multiple machines are stuck on 99% in WSUS,  once we check the details of the updates we see that the same 3 updates for the windows 8.1 machines will not install, we have marked them for removal and set a specific deadline but the deadline passed and still the machines status do not change and remain at 99%, can anyone please advise?

the three updates -

KB4025336
KB4025333
KB4025252
0
Free Tool: Port Scanner
LVL 9
Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Just setup a WSUS server on Server 2016.  Group policies are set and our test systems are checking in to WSUS just fine.  However, they're not showing any Windows 10 updates as needed by the machines.  If we interactively run Windows Update, they need (For example) June and July's monthly security patches.  WSUS says they're not needed or applicable.

We ARE seeing all Office updates that are needed by the machines.

I've read about the various hotfixes and patches needed to make Windows 10 work properly under WSUS, but those are only for 2012 or 2012R2.  No known hotfixes or patches I can find for WSUS under Server 2016.

Any ideas?
0
Just the last couple of days our 500+ WSUS clients go straight to

Error 8024401f

The WSUS server 2012r2  has been rebooted, and appears to be OK, syncs updates from MS etc. It will not even update itself from itself.

Can anyone please advise?
Thanks
0
WSUS error: connection error
i can get the console open, but after using it a while i get this error.

2017-07-18_7-21-28.jpgthis is what it shows in the event log.
The WSUS administration console was unable to connect to the WSUS Server via the remote API.

Verify that the Update Services service, IIS and SQL are running on the server. If the problem persists, try restarting IIS, SQL, and the Update Services Service.

System.Net.WebException -- The operation has timed out

Source
System.Web.Services

Stack Trace:
   at System.Web.Services.Protocols.WebClientProtocol.GetWebResponse(WebRequest request)
   at Microsoft.UpdateServices.Internal.DatabaseAccess.ApiRemotingCompressionProxy.GetWebResponse(WebRequest webRequest)
   at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
   at Microsoft.UpdateServices.Internal.ApiRemoting.ExecuteSPSearchUpdates(String updateScopeXml, String preferredCulture, Int32 publicationState)
   at Microsoft.UpdateServices.Internal.DatabaseAccess.AdminDataAccessProxy.ExecuteSPSearchUpdates(String updateScopeXml, String preferredCulture, ExtendedPublicationState publicationState)
   at Microsoft.UpdateServices.Internal.BaseApi.Update.SearchUpdates(UpdateScope searchScope, ExtendedPublicationState publicationState, UpdateServer updateServer)
   at Microsoft.UpdateServices.UI.AdminApiAccess.UpdateManager.GetUpdates(ExtendedUpdateScope filter)
   at …
0
Hi all,

We have a setup, where all computers are connected to the Head Office WSUS server so that we have a better visibility of all computers and we control which updates need to be downloaded.

Some of the computers are at our remote sites (connected via VPN) and we would like to reduce the bandwidth. Thus, we were thinking of having a physical server at our remote site which downloads the updates that we at the Head Office authorise and the clients download from the local WSUS site server.

The administrator still needs to control everything from the Head Office and authorise updates from 1 location (HO).

Thanks.
0
We are a corporate environment with a single WSUS server. We have our main headquarters where the majority of our devices reside, but we also have a few remote offices with slower internet connections. Our issue is that ever since we started deploying Windows 10 to PCs at our remote locations, we started having big bandwidth issues at those remote locations when deploying Windows Updates with WSUS. I see in previous operating systems you could throttle the BITS service with a GPO. That doesn't appear to be an option for Windows 10 devices. Does anyone have any recommendations? Thanks!
0
Hi

I have recently installed and started running WSUS on Windows Server Std 2012 R2.
I have got all the computers on our network connecting to it.
It keep crashing and giving the following error information:

The WSUS administration console was unable to connect to the WSUS Server via the remote API.

Verify that the Update Services service, IIS and SQL are running on the server. If the problem persists, try restarting IIS, SQL, and the Update Services Service.

System.Net.WebException -- The request failed with HTTP status 503: Service Unavailable.

Source
System.Web.Services

Stack Trace:
   at System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse response, Stream responseStream, Boolean asyncCall)
   at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
   at Microsoft.UpdateServices.Internal.ApiRemoting.ExecuteSPGetConfiguration()
   at Microsoft.UpdateServices.Internal.DatabaseAccess.AdminDataAccessProxy.ExecuteSPGetConfiguration()
   at Microsoft.UpdateServices.Internal.BaseApi.UpdateServerConfiguration.Load()
   at Microsoft.UpdateServices.Internal.ClassFactory.CreateWellKnownType(Type type, Object[] args)
   at Microsoft.UpdateServices.Internal.ClassFactory.CreateInstance(Type type, Object[] args)
   at Microsoft.UpdateServices.Internal.BaseApi.UpdateServer.GetConfiguration()
   at
0

WSUS

Windows Server Update Services (WSUS), previously known as Software Update Services (SUS), is a computer program developed by Microsoft that enables administrators to manage the distribution of updates and hotfixes released for Microsoft products to computers.

Top Experts In
WSUS
<
Monthly
>