none
WSUS downstream server not syncing some updates

    Question

  • I have updates that are failing to sync from the upstream server. They seem to no longer exist on the upstream server but I am not 100% sure

    I need to find out how to identify them on the upstream server and then decline them. Is there a way to compare the updates on both servers?

    I think if I can compare the two I will be able to fine the ones I need to get shot of...

     

    thanks in advance



    • Edited by Webbeye Wednesday, September 04, 2013 10:18 AM
    Wednesday, September 04, 2013 10:18 AM

Answers

  • I have updates that are failing to sync from the upstream server. They seem to no longer exist on the upstream server but I am not 100% sure

    This scenario is certainly possible. Have you used the Server Cleanup Wizard on the upstream server and not on the downstream server? Deletion of updates does not replicate. If the SCW deleted updates from the upstream server and the downstream server is trying to synchronize them, this could be problematic.

    I need to find out how to identify them on the upstream server and then decline them.

    Well, if the downstream server can't find them, then presumably they don't even exist on the upstream server, which would make it particularly difficult to decline.
    Is there a way to compare the updates on both servers?
    I'd start with a simple comparison of counts. How many updates (total) on each server? How many Security Updates? How many Critical Updates? How many Approved Updates? How many Declined Updates? All of those counts are easily obtainable from a console session.

    Lawrence Garvin, M.S., MCITP:EA, MCDBA, MCSA
    SolarWinds Head Geek
    Microsoft MVP - Software Packaging, Deployment & Servicing (2005-2013)
    My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin
    http://www.solarwinds.com/gotmicrosoft
    The views expressed on this post are mine and do not necessarily reflect the views of SolarWinds.

    Wednesday, September 04, 2013 5:26 PM

All replies

  • Hi Webbeye,

    It would be interesting to know as I though the downstream server was taking updates from the upstream by the database on it.

    By the way, it would take all updates defined as available by the upstream server.

    But maybe you didn't set it as a replica and you are using SSL ?

    TiGrOu.

    Wednesday, September 04, 2013 1:17 PM
  • Thanks for the response TiGrOu

    I am looking for a way to compare the data in both databases..

    It is set as a replica

    Example error is

    2013-07-24 17:34:17.219 UTC Warning w3wp.16 SoapUtilities.CreateException ThrowException: actor = http://wsus-server.com/ServerSyncWebService/ServerSyncWebService.asmx, ID=03088898-d90a-4d80-a06a-a5416997974f, ErrorCode=FileDigestsMissing, Message=C471C01828902764DB25A7FC9B54150006E91281|, Client=?



    • Edited by Webbeye Wednesday, September 04, 2013 4:02 PM
    Wednesday, September 04, 2013 4:02 PM
  • I have updates that are failing to sync from the upstream server. They seem to no longer exist on the upstream server but I am not 100% sure

    This scenario is certainly possible. Have you used the Server Cleanup Wizard on the upstream server and not on the downstream server? Deletion of updates does not replicate. If the SCW deleted updates from the upstream server and the downstream server is trying to synchronize them, this could be problematic.

    I need to find out how to identify them on the upstream server and then decline them.

    Well, if the downstream server can't find them, then presumably they don't even exist on the upstream server, which would make it particularly difficult to decline.
    Is there a way to compare the updates on both servers?
    I'd start with a simple comparison of counts. How many updates (total) on each server? How many Security Updates? How many Critical Updates? How many Approved Updates? How many Declined Updates? All of those counts are easily obtainable from a console session.

    Lawrence Garvin, M.S., MCITP:EA, MCDBA, MCSA
    SolarWinds Head Geek
    Microsoft MVP - Software Packaging, Deployment & Servicing (2005-2013)
    My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin
    http://www.solarwinds.com/gotmicrosoft
    The views expressed on this post are mine and do not necessarily reflect the views of SolarWinds.

    Wednesday, September 04, 2013 5:26 PM
  • Really appreciate the comments..

    I am gathering the information



    • Edited by Webbeye Thursday, September 05, 2013 8:49 AM
    Thursday, September 05, 2013 8:49 AM
  • Apologies its taken time to get the data.. What do you make if the differences? This should be the same numbers right?

    USS

    All Updates

    Approved Updates =  1326 with a status of any.

    Declined = 671 with a status of any.

    Critical Updates

    Approved Updates =  1326 with a status of any.

    Declined = 671 with a status of any.

    Security Updates

    Approved Updates =  1326 with a status of any.

    Declined = 671 with a status of any.

    DSS

    All Updates

    Approved Updates =  980 with a status of any.

    Declined = 493 with a status of any.

     Critical Updates

    Approved Updates =  26 with a status of any.

    Declined = 41 with a status of any.

     Security Updates

    Approved Updates =  916 with a status of any.

    Declined = 427 with a status of any.



    • Edited by Webbeye Tuesday, September 17, 2013 8:17 AM
    Tuesday, September 17, 2013 8:17 AM
  • What I make of this is that the downstream server is signficantly out of sync with the upstream server... But then that was the original premise of the thread, eh? :)

    What's unknown, still, is to what extent and in which fashion it is out of sync. Certainly we can see that it's missing almost 350 approved updates, almost 180 declined updates, and who knows about the not-approved/not-declined updates.

    The good news is that since the downstream server is intended to be a replica of the upstream server, the simple fix is just to (re)make the downstream server a replica of the existing upstream server.

    1. Uninstall WSUS from the replica, keep the content store, trash the database.
    2. Install WSUS with a new database and replicate.
    3. After replication (and the completion of any additional file transfers), run the Server Cleanup Wizard on the replica server with the "Delete files..." option to remove any unneeded files.

    Lawrence Garvin, M.S., MCITP:EA, MCDBA, MCSA
    SolarWinds Head Geek
    Microsoft MVP - Software Packaging, Deployment & Servicing (2005-2013)
    My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin
    http://www.solarwinds.com/gotmicrosoft
    The views expressed on this post are mine and do not necessarily reflect the views of SolarWinds.

    Tuesday, September 17, 2013 7:23 PM