Just setup a WSUS server on Server 2016.  Group policies are set and our test systems are checking in to WSUS just fine.  However, they're not showing any Windows 10 updates as needed by the machines.  If we interactively run Windows Update, they need (For example) June and July's monthly security patches.  WSUS says they're not needed or applicable.

We ARE seeing all Office updates that are needed by the machines.

I've read about the various hotfixes and patches needed to make Windows 10 work properly under WSUS, but those are only for 2012 or 2012R2.  No known hotfixes or patches I can find for WSUS under Server 2016.

Any ideas?

WSUS error: connection error
i can get the console open, but after using it a while i get this error.

this is what it shows in the event log.
The WSUS administration console was unable to connect to the WSUS Server via the remote API.

Verify that the Update Services service, IIS and SQL are running on the server. If the problem persists, try restarting IIS, SQL, and the Update Services Service.

System.Net.WebException -- The operation has timed out

Source
System.Web.Services

Stack Trace:
   at System.Web.Services.Protocols.WebClientProtocol.GetWebResponse(WebRequest request)
   at Microsoft.UpdateServices.Internal.DatabaseAccess.ApiRemotingCompressionProxy.GetWebResponse(WebRequest webRequest)
   at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
   at Microsoft.UpdateServices.Internal.ApiRemoting.ExecuteSPSearchUpdates(String updateScopeXml, String preferredCulture, Int32 publicationState)
   at Microsoft.UpdateServices.Internal.DatabaseAccess.AdminDataAccessProxy.ExecuteSPSearchUpdates(String updateScopeXml, String preferredCulture, ExtendedPublicationState publicationState)
   at Microsoft.UpdateServices.Internal.BaseApi.Update.SearchUpdates(UpdateScope searchScope, ExtendedPublicationState publicationState, UpdateServer updateServer)
   at Microsoft.UpdateServices.UI.AdminApiAccess.UpdateManager.GetUpdates(ExtendedUpdateScope filter)
   at …

We are a corporate environment with a single WSUS server. We have our main headquarters where the majority of our devices reside, but we also have a few remote offices with slower internet connections. Our issue is that ever since we started deploying Windows 10 to PCs at our remote locations, we started having big bandwidth issues at those remote locations when deploying Windows Updates with WSUS. I see in previous operating systems you could throttle the BITS service with a GPO. That doesn't appear to be an option for Windows 10 devices. Does anyone have any recommendations? Thanks!

.
bgbisapi.msi could not install

We would like to set up a WSUS server in our DMZ (Internet Facing) for our external users to get MS updates.  I believe for licensing (EULA) requirements the users would have to vpn into the network to get the approved updates.
This would be managed separately from our internal WSUS server, so we don't need to 'downstream' updates from the DMZ  WSUS server to our internal WSUS server.
Server:  Windows 2016 Std, WSUS v 10.
Any suggested links, information, certificate requirements, etc., would be greatly appreciated.

Thank you,

I have in the past used registry settings on my Windows 7 clients to get them to report to WSUS on 2008 server and all worked fine.  With my new 2012 r2 WSUS server (with same name and ip) they are not listing themselves in the console.  I had to rebuild the 2008 WSUS server once in the past and the clients just showed up after reporting day and time had passed.  I did a detectnow from one machine and it still didn't show in the console.  Any direction for this.

I have setup a new server and am running WSUS 10.0.14393.0 on Windows Server 2016. Updates will download but will stop after a while.
Current WSUS status is
- Updates needing files : 5928
- Downloaded 45,683.32MB of 258,732.17MB.
It has been stuck at this for more than a week. I can see network activity occasionally which could range to a couple of gigs every 6-8 hours but the WSUS status does not change

On checking the Application event logs, i can see. Event id 364  Errors
 " Content file download failed.
Reason: The connection was closed prematurely.
 Source File: /msdownload/update/software/crup/2013/03/powerpoint-x-none_4334ff5b7aaec52b4bda630dba2aa91a89057782.cab
Destination File: D:\WSUS\WsusContent\82\4334FF5B7AAEC52B4BDA630DBA2AA91A89057782.cab"

Event id 10032 Errors
The server is failing to download some updates.

I have updated BITs to run in the foreground.
the server has been excluded from the internal Firewall, https inspection and Caching.
I have also tried removing and adding the WSUS role and WID database.
Has anyone come across something similar?
cheers

So, we run WSUS on Server 2012 R2 for our environment.

In June, the 15th to be exact, I approved a rollup that contained a two specific patches.  When I search on those two specific patches, I can see the date I approved them since I use deadlines when I approve.  So, I know I approved the rollup and I have confirmed that the two specific KBs are in the rollup.

So, after I have run thru all of my patching, I run Computer Tabular Status for Approved Updates and it looks like all but one or two of my servers are all compliant.

Then I go back and I search on the two specific KBs and I do a detailed report and I find that over 100 servers do not have the patch in question.  

The patch was approved in the rollup.  The rollup was installed.  The Computer Tabular Status for Approved Updates report does not show any servers missing approved updates, yet my detailed report shows that the two specific KBs are needed on over 100 computers.  

This discrepancy in reporting is killing me!

So, if the KB is in the rollup, will it not show up in a report looking for the specific KB?  Or, another way to put it, will the specific KB only show in a report looking for that specific KB if the KB was installed standalone and not in a rollup?

I logged into some of the servers and I do not see the KB and that is matching up pretty well with the detailed report.

I'm just confused on why the reporting discrepancies.

Thanks

Cliff

So, I have this rollup I pushed on 6/15 to all of my servers.  Inside that rollup is a KB - 4021903.  For reasons too long to explain, I need to know if that specific KB is installed on my servers.  I have figured out how to tell that.

My question is, if the KB is installed as part of a rollup, will it still show if I do a separate search for the KB?

Here's what's going on...I pushed out the rollup to ALL of my computers.  I know I did...I can look for the rollup in the approved patch list and it's there.  However, I ran a powershell, and a detailed report in WSUS and it looks like the KB is NOT installed on a large number of my servers.

When I run a report on all approved and installed updates, ALL of my servers except two are compliant.  BUT, when I run the detailed reports, and the powershell scripts, I see a large number of servers that do not have the KB in question.

So, I was thinking that since the KB is in the rollup, it might not show up as in a search for the standalone KB.

Am I right or wrong?

Thanks

Cliff

Except for one client computer that recently joined the domain,  none of the 65+ clients are showing up in the WSUS 'all computers' list.   Tried  wuaclt.exe /detectnow and gpupdate /force.   No Joy.   Wsus has collected updates, 130gb worth, and seems ready to serve.   What do I do?

I've just installed and activated Server 2016, and learned that I need to use the sconfig utility to set my Windows Update preferences, as download only mode and manual mode aren't exposed in the new GUI.

When I launch sconfig, the "Windows Update Settings" setting is set to custom.  However, whenever I try to switch to manual mode (option 5, then the letter M), the console displays "Setting updates to Manual...", and a separate alert appears, "Windows Update set to Custom.  System has custom configuration for updates."  After I dismiss the alert, the sconfig main menu reappears, and the setting is still "custom".  Here's a screenshot of what I'm referring to:


Why won't sconfig accept the manual setting?  This server doesn't participate in WSUS, and all of the WU settings in local policy (Computer Config-->Admin Templates-->Windows Components-->Windows Update) show as "Not Configured".

Can WSUS be located on a separate server and still be integrated with SCCM in pushing out updates?

We have a server running SERVER 2012 R2 with 40GB RAM and lots of disc space. We use Yosemite Server Backup.

We recently replaced our QNAP NAS with more storage space. Previously on the older 12TB QNAP unit we backed up nightly via an iScsi connection to the NAS and this worked very well for a number of years.

With the new NAS I switched to using a UNC path (\\qnap\backup) for the nightly backup process, it works well and the throughput, at its highest, is around 3gb/min. I choose this method so that I didn't have a permanent connection to the NAS backup folder as a precaution against encryption viruses hitting the backup device.

However once the backup has finished, a number of services start to fail on the server and it becomes sluggish. When trying to restart the services results in Not Enough Storage available to complete the process. WSUS, DHCP, etc. Rebooting the server is the only option.

I have disabled tonights backup to see if this is what is causing the issue as it is the only thing I have changed in the last few weeks.

Does anyone else have knowledge of this. I have also not yet tweaked the irpstacksize registry value which doesn't exist on Server 2012 R2. I have read mixed messages as to whether this is necessary.

All network connections run at a 1000mbps. Server is domain controller and file server with Office 365 for Exchange email. The QNAP is connected to the domain.