WSUS

830

Solutions

3

Articles & Videos

974

Contributors

Windows Server Update Services (WSUS), previously known as Software Update Services (SUS), is a computer program developed by Microsoft that enables administrators to manage the distribution of updates and hotfixes released for Microsoft products to computers.

Share tech news, updates, or what's on your mind.

Sign up to Post

TL;DR: Microsoft Updates are failing with 0x8024002e using WSUS or straight from Microsoft. We run Windows 10, and it is affecting most of our 150 workstations.
-----------------------------------------------
We have been running (with spotty success) a WSUS server for several years, and it periodically blows up. Fine. This most recent time I set a new one up from scratch, synced and let the GPO do its thing. At some point in time, I'm not sure exactly which Patch Tuesday, people got  0x8024002e error across the board. It wouldn't even try on the workstation, if you hit "Update" it would immediately return the error.

So, I changed the GPO to let people download MS Updates from MS, and eliminated WSUS. Well, people get a list of waiting updates, but they are basically failing with the same error.

I'm familiar with Update blowouts, and all the byzantine steps you're supposed to take to rectify it, and most of the time it fails and I've wasted 45 minutes going through all the various suggestions online...which usually link back to the same two or three solutions (stop the services, rename SoftwareDistribution and catroot2, pray, reset security contexts, blah blah blah).  0x8024002e seems to be a pretty nebulous error. My feeling is WSUS corrupted the updates somehow, and now they can't get the updates from MS either.

So, not only have the solutions really not worked, but even if that were a solution, it would take roughly a week to do that on every …
0
On Demand Webinar: Networking for the Cloud Era
LVL 9
On Demand Webinar: Networking for the Cloud Era

Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.

OK this seems shocking to me.  I've just started a new sys admin role (my 1st sys admin role) and I am looking after a clients SBS2011 server which has over 35000 updates waiting to be approved/installed.  I've got the number down a bit by removing superseded updates but I'm after some advice.  I'll be starting with Critical and then Security updates 1st by trickling them in but should I be looking at installing all of them or can I get by on just the Critical/Security updates?

A bit of extra background.  The current sys admin is leaving and the only other guy here is more 1st/2nd line so isn't much help.  Google has been my only friend so far.  That being said, advice is definitely required so feel free to chip in with your thoughts.
0
Hello all,
I have a brand new Windows 2016 Standard server with WSUS installed on it.  This has been working great for the past two months.  The WSUS is using WID for it's database.
We had to install SQL server 2016 on the same server and since then the WSUS will not come up.
Every time I try to run it I get an error that it is not responding.
I have no idea what to do on this.
Please help.
Thanks,
Kelly W.
0
We currently run WSUS for updating our client systems across all our sites.
It's a single WSUS server at head office with all clients set to receive and install updates through the night.

We have an issue were laptop users visit other sites and connect to the WIFI, because their laptop has not been on through out the night they start downloading all the updates at the remote site over our MPLS. This causes a strain on our bandwidth that we can't have.

Is there any way that I can setup laptop users to only download updates when they are connected to our head office network (VLAN)?
0
If a security patch in declined in WSUS, will it be removed automatically on my client's workstation ?

Thx
0
Hi,

Considering to use WSUS...
Every once in a while I get a new computer to install windows, I have a lan network with no internet access.
If I connect WSUS to the internet once a week to get updated from microsoft - can I than use it to update computers that are not in my domain... ? I do not want them in my domain,
Just to connect the lan and have them pull the updates from WSUS and then pass them to other network?
0
A security patch can't be applied to a Exchange server and the server is repoerted as 99% completed. On the Window update of the Exchnage server, it is reported as up-to-date.

Any idea why the patch can't be updated ? Is it possible to remove the update for this server only such that it will reported the status as 100%

Thx
C--temp-WSUSUpdate.png
0
All our windows 7 (32 bit)  clinets don't get  pateches kb4012212 and 4012212 installed when we pushed out on WSUS.
report sayas it's not applicable ? They do get KB3024777 which we never apporved on wSUS . So why kb4012212 and 4012212 not getting instllaed. WSUS syasy in a report says   "Not applicable" whay does it mean ? and why KB3024777 getting isntalled even we don't apporve it? our 64 bit windows 7 cients are getting both patches installed with not problem , its just a 32 bit have problem.

WSUSWSUS
0
Hello

The D drive of WSUS server is almost full because of "Wsuscontent" folder.

Kindly let me know any suitable solution to fix this problem without affecting the server (Windows Server 2012 Standard).

Thanks & regards

Yousuf
0
We have recently installed a new WSUS server and also migrated to some Windows 10.   We have noticed that there are allot of updates for Windows 10 machines that are For Language packs.  But they are not getting installed on the machines.  They just sit on the server showing 110 updates needed but don't get installed.  All other types of updates are working normally.   Any ideas on how to get these installed?
0
[Webinar] How Hackers Steal Your Credentials
LVL 9
[Webinar] How Hackers Steal Your Credentials

Do You Know How Hackers Steal Your Credentials? Join us and Skyport Systems to learn how hackers steal your credentials and why Active Directory must be secure to stop them. Thursday, July 13, 2017 10:00 A.M. PDT

Hello, I have been working on trying to repair a WSUS server role on my SCCM2012 server and I ended up uninstalling and reinstalling the WSUS role from the Server 2012 R2 server. I am having problems with getting client computers to access and report into the server. I have run the Solar Winds WSUS diag tool and I keep getting these three errors. But, as I research it looks to me that these are all false positives. I am not sure what to do at this point as I have over 800 machines that have been in a Not Reported status for 4 days. I have looked at the GPO and everything looks correct. I have them pointing to http://SERVER:8530. I am not really sure what else I can look at. I feel this is more of an issue with IIS and the machines can't report back? Looking forward to any help.

Thank you!
-Mike
0
Hello,

I have a WSUS server which the WSUS content is under d:\wsus.

I want to copy the entire d:\wsus to the new E drive and delete d:\wsus.  What do I need to do to have make the WSUS server to recognize the new location?

Thanks.
0
hi guys

We're trying to update the systems on our network. I am looking at WSUS, but so far that I see, it doesn't provide the ability to see what computers have had which updates or some sort of comprehensive reporting? Maybe it does.

So it's between WSUS or perhaps an application that can install updates, it can also install applications etc and give you decent reporting?

Thanks for your help
Yashy
0
Hey Guys,

Long term WSUS user, find the console horrendous and the system completely unreliable compared to manually patching a workstation from the windows update website.

My company is now too big for manual patching, currently we have WSUS patching desktops and not important servers, unfortunately it is doing a terrible job and I just cannot rely on it.

I am looking for the best way to update my systems.

I pulled a random desktop machine WSUS said was "fully patched" "7500 updates installed/not applicable"
Checked it against the windows update website and it is missing all kinds of updates, 80+ on first check against windows update website.

So the best idea I have right now is
1. Use this script to possibly auto update all desktops off the windows update website in a controlled fashion.(https://community.spiceworks.com/topic/433260-managing-windows-updates-on-servers)
2. Then managing monthly checking the list manually and approving/monitoring
3. Same for not important servers, wiht the importance of my companies big servers they will continue to be patched manually.
4. FWIW I think reporting in WSUS is a complete joke, and yes I have all my computers reporting and checking succesfully.
5. Would like to make a final complaint on WSUS console, an absolute pile of garbage, not one improvement since the 2003 version and it badly needs it, Microsoft we need a system as reliable as the windows update website. I iknow WSUS is renowned for its awful …
0
Hi there,
I am trying to update a Windows 10 laptop and am getting this error:
Security update for Microsoft visual c++ 2008 redistributable package (KB973924) – Error 0x80246003
I have tried downloading it manually and installing it.
I have tried deleting the windows update software cache
does anyone have any ideas?
Thanks for your help,
Shaun
0
I am trying to figure out why some workstations have the Anniversary Update and others do not. I assume it was pushed out with WSUS but I cannot find that update.

Can someone tell me what that update is named in WSUS.

I also want to know what the update for Version 1703 - Creators Update is.
0
Okay, this is a 2012 R2 server, acting as a domain controller, and running WSUS version 6.3.9600.16384.  I've got about two dozen computers in two different locations that update from it.  MOST are contacting the server and are receiving updates, however I have two which are not.  They show as Not Yet Reported regardless of what I've tried.

WSUS is configured to use group policy, and here are the settings for my update GPO:update GPO settings
Trying to manually update the client computer results in a LOOOONG wait, followed by error 0x800705b4, and I have tried several different "fixes" for this, form stopping the service, deleting the software distribution folder, and restarting the service, to this fix from Microsoft: https://support.microsoft.com/en-us/help/10164/fix-windows-update-errors, up to but not including their final solution, reset and reinstall windows.

Can anybody offer a workable solution to this problem?

Thank you.
0
Hi, just looking for a better way of managing WSUS v 6.3.9600.18228
We automatically approve Critical, Definition and Security updates
We sync Critical, Definition, Feature Packs, Security Updates, Service Packs, Updates roll ups, and Updates.

We get an email notification once a week of the synchronised updates, we have 3 different sites each running its own WSUS server, and its a constant struggle trying to wade through the print outs, as the print outs (synchronised report) contain all the updates that are automatically approved as well as ones which need checking to see if we want them or not.

This wastes time as we are checking updates unnecessarily. Is there a report that could be run instead that prints out just the items that aren't automatically approved and require attention?
We also find updates on the printout that are only a few days old, have already been superseded, again wasting time.

There must be a better way of doing this?
regards
Rick
0
1.  How can I download a specific patch to WSUS
2.  How can I push this patch to specific servers using WSUS
3. Also, how can I get the report for the patches applied.

Will appreciate the specific steps. Thank you.

(OS is Windows Server 2008 R2)
0
Free Tool: Site Down Detector
LVL 9
Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Have a client with a network where the original SBS Server running WSUS has passed away.

Group Policy is still locking down the Windows Update settings on each Domain Workstation.  I can individually switch Workstations to pull updates from the Microsoft via the Internet, but can't change the settings with respect to auto-updating, time of update, etc.

I assume there is one or more (Domain) Group Policies that need to be modified to remove all memory of WSUS and return workstations to being self-managed.  Can someone please advise?

Thanks,

Nathan
0
We have about 400 servers and we use WSUS for patching.  

I need to generate a report that shows me if the wannacry patch is installed.  

IN WSUS, I can search on MS17-010 and that patch shows up, and when I click on it, it shows me the groups that it's approved for (all groups) but I'm being asked for a report.  That MS17-010 also ONLY shows me the Server 2008 patch.  When I search on the specific KB for each OS, I can "see" that the patch is installed, but I need a report of some sort to show the powers that be that the patch is either on or not on all servers.

I'm thinking powershell and the get-hotfix, but I need some help here on syntax and even if that's the right cmdlet.

Thanks

Cliff
0
Hello all,
I have a Windows 2008 R2 server that is a domain controller and is running WSUS with no problems.
I setup a Windows 2016 server to be a domain controller in the network.  These are the only two servers in the forest/domain.
I will be keeping the Windows 2008 R2 server in the domain but want to move the WSUS over to the new more powerful server.
What is the best way to do this?
Thanks,
Kelly W.
0
TL;DR: Updates no work. WSUS no work. Direct from Microsoft no work. 8024002e error everywhere. 150 Windows 10 1607 workstations. Tried Troubleshooter and Manual fix for Updates, no work. Please help. Centralized solution needed. Can't fix 150 workstations' Updates individually.
----------------------------------------------------------------------------------------------------------------------
For those who have an attention span greater than the half-life of Hydrogen-7:

Background:

I support about 150 workstations and laptops combined, all running Windows 10 1607. Through GP, we've always pointed people to our WSUS server, which has crashed/gotten corrupted at least three times. Once as V3 and twice as V4. The last time, instead of going through all the repairs, I just said f it and launched a new VM and re-set the thing up.

Last weekend my co-worker said WSUS was causing an 8024002e error (that VERY specific error with the thousand ways of fixing, and none of them work), so he turned off the GP and sent everyone straight to Microsoft. The pressing issue was getting the WillCry updates (which were released in March, I think).

That's the background. My problem is, when I started going around to workstations to confirm the updates were received, everything is inconsistent (when I say everything, I mean, a number of workstations I checked). Some reported KB4019472 was successfully installed. Others said it failed, but in history it was successful. Some …
1
Has anyone seen anything on managing 2016 servers in 2012 R2 WSUS?  I "see" the servers in there, but they are showing as 2008 Standard Edition (full install) and of course, that's not right.

Also, I have the 2016 servers in auto patch OUs and they are not auto patching.  When I log into the 2016 servers, the update screen reflects that the servers are set to pull updates from MS and auto install, so clearly, my GP isn't working, even though it's applying to other machines in the same OU.

So, just checking to see if I can manage 2016 servers with 2012 R2 WSUS and if there are any tricks I need to know about.

Thanks

Cliff
0
hi,

Right now as there are more and more zero day attack and security patch sometime is too slow to apply.

what is the way you guy used to deploy patch asap ? WSUS ? any robust way to do it ?

link/resource on how to setup the method is welcome .
0

WSUS

830

Solutions

3

Articles & Videos

974

Contributors

Windows Server Update Services (WSUS), previously known as Software Update Services (SUS), is a computer program developed by Microsoft that enables administrators to manage the distribution of updates and hotfixes released for Microsoft products to computers.