Windows Server TechCenter > Windows Server Forums > WSUS > Cannot connect non-domain Server 2003 R2 clients to a domain WSUS 3.0 SP2

Ask a question

Cannot connect non-domain Server 2003 R2 clients to a domain WSUS 3.0 SP2

Friday, October 30, 2009 8:37 PMR Pepper

0
Sign In to Vote
I am setting up WSUS 3.0 SP2 in the DMZ and have some standalone servers which are located there also. I am using GPO to have the domain computers report to the WSUS server and most are now reporting. On the standalone servers I have used the registry settings from the "Windows Servers Update Services 3.0 SP2 Deployment Guide" for the non-active directory environment. The servers not connecting right now are mostly W2K3R2 x64, but I also have an x86 not reporting. When I run the client diag tool I get the following (x64):

WSUS Client Diagnostics Tool
Checking Machine State
        Checking for admin rights to run tool . . . . . . . . . PASS
        Automatic Updates Service is running. . . . . . . . . . PASS
        Background Intelligent Transfer Service is not running. PASS
        Wuaueng.dll version 7.2.6001.788. . . . . . . . . . . . PASS
                This version is WSUS 2.0

Checking AU Settings
        AU Option is 2 : Notify Prior to Download . . . . . . . PASS
                Option is from Policy settings

Checking Proxy Configuration
        Checking for winhttp local machine Proxy settings . . . PASS
                Winhttp local machine access type
                        <Direct Connection>
                Winhttp local machine Proxy. . . . . . . . . . NONE
                Winhttp local machine ProxyBypass. . . . . . . NONE
        Checking User IE Proxy settings . . . . . . . . . . . . PASS
                User IE Proxy. . . . . . . . . . . . . . . . . NONE
                User IE ProxyByPass. . . . . . . . . . . . . . NONE
                User IE AutoConfig URL Proxy . . . . . . . . . NONE
                User IE AutoDetect
                AutoDetect not in use

Checking Connection to WSUS/SUS Server
                WUServer = http://sw100420
                WUStatusServer = http://sw100420
        UseWuServer is enabled. . . . . . . . . . . . . . . . . PASS

GetAUSettingsRegistry(false, TEXT("SusServerVersion"), &dwSusVersion) failed wit
h hr=0x80070002

The system cannot find the file specified.
Press Enter to Complete

Here is the registry settings I have applied:
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\windows\WindowsUpdate]
"AcceptTrustedPublisherCerts"=dword:00000000
"ElevateNonAdmins"=dword:00000000
"WUServer"="http://sw100420"
"WUStatusServer"="http://sw100420"
"DisableWindowsUpdateAccess"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\windows\WindowsUpdate\AU]
"AUOptions"=dword:00000002
"NoAutoUpdate"=dword:00000001
"UseWUServer"=dword:00000001
"AutoInstallMinorUpdates"=dword:00000000
"DetectionFrequency"=dword:00000020
"DetectionFrequencyEnabled"=dword:00000001
"NoAutoRebootWithLoggedOnUsers"=dword:00000000

Any suggestions on how to get the standalone servers reporting? I have searched the error on the client diag tool and it brings up pages such as http://support.microsoft.com/default.aspx/kb/920652 which did not fix the issue.
R. Pepper In Valor there is Hope -Tacitus
- Reply
- Quote

Answers

Friday, October 30, 2009 11:36 PMLawrence GarvinMVP, Moderator

0
Sign In to Vote
                WUServer = http://sw100420
                WUStatusServer = http://sw100420
        UseWuServer is enabled. . . . . . . . . . . . . . . . . PASS
GetAUSettingsRegistry(false, TEXT("SusServerVersion"), &dwSusVersion) failed wit
h hr=0x80070002

0x80070002 -2147024894 ERROR_FILE_NOT_FOUND The System cannot find the file specified

This is a failed attempt to read a registry value from the local machine

Possibly complicated by this invalid value in the registry setup:
> "DetectionFrequency"=dword:00000020
> "DetectionFrequencyEnabled"=dword:00000001

The maximum acceptable value for Detection Frequency is 22 hours, which would be dword:0x00000016
Lawrence Garvin, M.S., MCITP:EA, MCDBA
Principal/CTO, Onsite Technology Solutions, Houston, Texas
Microsoft MVP - Software Distribution (2005-2009)
My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin
My Blog: http://onsitechsolutions.spaces.live.com
- Marked As Answer byR Pepper Monday, November 02, 2009 10:25 PM
- Reply
- Quote
Monday, November 02, 2009 10:07 PMCitizenRon

0
Sign In to Vote
As Lawrence said, your machine is not allowed to use Automatic Updates as per the policy. That prompted me to go back and look at your original registry settings.

"NoAutoUpdate"=dword:00000001

"NoAutoUpdate" being on means "Turn Automatic Updates OFF"

You need to change that to
"NoAutoUpdate"=dword:00000000

That should help tremendously. Try that before running the script. There's a WSUS Client Diagnostic Tool available that would have found this. You can find it here:
http://technet.microsoft.com/en-us/wsus/bb466192.aspx
- Marked As Answer byR Pepper Monday, November 02, 2009 10:25 PM
- Edited byCitizenRon Monday, November 02, 2009 10:09 PMAdded ClientDiag tool location
- Reply
- Quote
Tuesday, November 03, 2009 4:55 PMCitizenRon

0
Sign In to Vote
It sounds like things are progressing then. I was able to find a blog post describing a workaround for the errors you're having if you want to try it out.

http://blogs.technet.com/emeasetup/archive/2009/03/17/eehndlr-warning-failed-to-populate-servicestartup-entries-in-cache-error-0x80070002.aspx
- Marked As Answer byLawrence GarvinMVP, ModeratorWednesday, November 04, 2009 2:48 PM
- Reply
- Quote

All Replies

Friday, October 30, 2009 10:38 PMCitizenRon

0
Sign In to Vote
The way I configured my Standalone computers for WSUS was to export the entire [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\windows\WindowsUpdate] registry branch from a machine that is IN the Domain. The [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft] section of the registry is where Group Policy actually configures the registry of the Domain computer so basically, you need to set the same registry entries on your Standalone computers as Group Policy is setting on your Domain computers. With REGEDIT, it's really easy to export that branch of the registry to a .REG file that you can Merge into your standalone computers.

Also, you may want to double-check your "WUServer" and "WUStatusServer" entries. Depending on how you set up WSUS, those entries may need to be configured to use port 8530 like this:

"WUServer"="http://sw100420:8530"
"WUStatusServer"="http://sw100420:8530"

I've had LOTS of troubles with getting computers (domain and standalone) to talk and update with WSUS but I've compiled a list of things to do on a non-cooperative client computer that pretty much always works. Here's a Batch file that you can use to do all of this automatically that has comments (::) that tell you what it does:
```
@Echo Off

::Stop Windows Update Service

NET STOP WUAUSERV

::Stop Background Intelligent Transfer Service

NET STOP BITS

::Delete WU Software Distribution Directory

RD %SYSTEMROOT%\SoftwareDistribution /s /q

::Delete Temporary Internet Files 

::Works with IE 7+ ONLY!!!  Earlier versions must be done manually if you see an error message

::Temporary Internet File Cache

RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 8

::Cookies

RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 2

::History

RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 1

Pause
::Flush the DNS Cache

IPCONFIG /FLUSHDNS

::Delete Windows Temporary Files

DEL %TEMP%\*.* /F /S /Q

DEL %SYSTEMROOT%\Temp\*.* /F /S /Q

::Delete WSUS Client ID Registry Keys

REG DELETE HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /va /f

::Backup the Windows Update log file and rename the original in order to get a clean log file

If Exist %SYSTEMROOT%\WindowsUpdate.log.bkp Del %SYSTEMROOT%\WindowsUpdate.log.bkp

Rename %SYSTEMROOT%\WindowsUpdate.log WindowsUpdate.log.bkp

::Start Background Intelligent Transfer Service

NET START BITS

::Start Windows Update Service

NET START WUAUSERV

::Force run WSUS Client authentication and detection

WUAUCLT /resetauthorization /detectnow

Pause
```
Since I wrote it, this has worked in 99% of all my WSUS client communication problems that were not network hardware related. The one instance where this did not work, I had to forcefully reinstall the WSUS Client software. You can do this by downloading and installing the proper Windows Update Agent standalone redistributable installer from the links in the "Resolution" section of this page:

http://support.microsoft.com/default.aspx/kb/932494

But if you get a message saying the Windows Update Agent software is already installed, try running the software install from a command line using the /WUFORCE switch like this: WindowsUpdateAgent30-x86.exe /wuforce This will force it to install it over top of the Windows Update Agent that is already there and that fixed my problem.
- Edited byCitizenRon Friday, October 30, 2009 10:41 PMTypo and formatting errors
- Edited byCitizenRon Friday, October 30, 2009 10:45 PMFix typo, grammar and formatting errors
- Reply
- Quote
Friday, October 30, 2009 11:36 PMLawrence GarvinMVP, Moderator

0
Sign In to Vote
                WUServer = http://sw100420
                WUStatusServer = http://sw100420
        UseWuServer is enabled. . . . . . . . . . . . . . . . . PASS
GetAUSettingsRegistry(false, TEXT("SusServerVersion"), &dwSusVersion) failed wit
h hr=0x80070002

0x80070002 -2147024894 ERROR_FILE_NOT_FOUND The System cannot find the file specified

This is a failed attempt to read a registry value from the local machine

Possibly complicated by this invalid value in the registry setup:
> "DetectionFrequency"=dword:00000020
> "DetectionFrequencyEnabled"=dword:00000001

The maximum acceptable value for Detection Frequency is 22 hours, which would be dword:0x00000016
Lawrence Garvin, M.S., MCITP:EA, MCDBA
Principal/CTO, Onsite Technology Solutions, Houston, Texas
Microsoft MVP - Software Distribution (2005-2009)
My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin
My Blog: http://onsitechsolutions.spaces.live.com
- Marked As Answer byR Pepper Monday, November 02, 2009 10:25 PM
- Reply
- Quote
Monday, November 02, 2009 9:17 PMCitizenRon

0
Sign In to Vote
Nice catch Lawrence, I missed that the first time.

R Pepper, in case you need to know why it's invalid, the "DetectionFrequency" value is a DWORD value of how many hours the workstation waits between checking for updates. Since it's DWORD, that means it's a Hexadecimal value. 20 in Hex is actually 32 hours which exceeds the maximum value of 24.

If you want machines to wait 20 hours (minus zero to twenty percent) you'll want to use a hex value of 00000014

"DetectionFrequency"=dword:00000014
- Reply
- Quote
Monday, November 02, 2009 9:30 PMR Pepper

0
Sign In to Vote
Thanks for the help on the registry error. I have changed the key, and went a step further and copied the key straight from my WSUS server and placed it on the non domain client. I also confirmed the ports were open just to make sure. I have about 44 of the domain servers in the DMZ reporting but still cannot get about 10 standalone reporting. I have tried this on 2 servers which are both x64. Should I have a key in the Wow6432Node? I tried the client diag tool again and got the same error even after restarting services and updating the local policies. Here is the log from todays windowsupdate.log:

2009-11-02 15:29:08:281 1072 85c AU ########### AU: Uninitializing Automatic Updates ###########
2009-11-02 15:29:08:281 1072 85c Service *********
2009-11-02 15:29:08:281 1072 85c Service ** END ** Service: Service exit [Exit code = 0x240001]
2009-11-02 15:29:08:281 1072 85c Service *************
2009-11-02 15:29:09:609 1072 101c Misc =========== Logging initialized (build: 7.2.6001.788, tz: -0500) ===========
2009-11-02 15:29:09:609 1072 101c Misc   = Process: C:\WINDOWS\System32\svchost.exe
2009-11-02 15:29:09:609 1072 101c Misc   = Module: C:\WINDOWS\system32\wuaueng.dll
2009-11-02 15:29:09:609 1072 101c Service *************
2009-11-02 15:29:09:609 1072 101c Service ** START ** Service: Service startup
2009-11-02 15:29:09:609 1072 101c Service *********
2009-11-02 15:29:09:625 1072 101c Agent   * WU client version 7.2.6001.788
2009-11-02 15:29:09:625 1072 101c Agent   * Base directory: C:\WINDOWS\SoftwareDistribution
2009-11-02 15:29:09:625 1072 101c Agent   * Access type: No proxy
2009-11-02 15:29:09:625 1072 101c Agent   * Network state: Connected
2009-11-02 15:29:54:625 1072 101c Agent *********** Agent: Initializing Windows Update Agent ***********
2009-11-02 15:29:54:625 1072 101c Agent *********** Agent: Initializing global settings cache ***********
2009-11-02 15:29:54:625 1072 101c Agent   * WSUS server: http://sw100420
2009-11-02 15:29:54:625 1072 101c Agent   * WSUS status server: http://sw100420
2009-11-02 15:29:54:625 1072 101c Agent   * Target group: (Unassigned Computers)
2009-11-02 15:29:54:625 1072 101c Agent   * Windows Update access disabled: Yes
2009-11-02 15:29:54:843 1072 101c DnldMgr Download manager restoring 0 downloads
2009-11-02 15:29:54:843 1072 101c AU ########### AU: Initializing Automatic Updates ###########
2009-11-02 15:29:54:843 1072 101c AU   # AU disabled through Policy
2009-11-02 15:29:54:843 1072 101c AU AU finished delayed initialization
2009-11-02 15:29:54:906 1072 101c Report *********** Report: Initializing static reporting data ***********
2009-11-02 15:29:54:906 1072 101c Report   * OS Version = 5.2.3790.2.0.196882
2009-11-02 15:29:54:968 1072 101c Report   * Computer Brand = IBM
2009-11-02 15:29:54:968 1072 101c Report   * Computer Model = IBM System x3650 -[7979AC1]-
2009-11-02 15:29:54:968 1072 101c Report   * Bios Revision = -[GGE143AUS-1.14]-
2009-11-02 15:29:54:968 1072 101c Report   * Bios Name = Default System BIOS
2009-11-02 15:29:54:968 1072 101c Report   * Bios Release Date = 2009-01-29T00:00:00
2009-11-02 15:29:54:968 1072 101c Report   * Locale ID = 1033
2009-11-02 15:31:57:875 1072 101c AU ########### AU: Uninitializing Automatic Updates ###########
2009-11-02 15:31:57:906 1072 101c Service *********
2009-11-02 15:31:57:906 1072 101c Service ** END ** Service: Service exit [Exit code = 0x240001]
2009-11-02 15:31:57:906 1072 101c Service *************
2009-11-02 15:31:59:203 1072 754 Misc =========== Logging initialized (build: 7.2.6001.788, tz: -0500) ===========
2009-11-02 15:31:59:203 1072 754 Misc   = Process: C:\WINDOWS\System32\svchost.exe
2009-11-02 15:31:59:203 1072 754 Misc   = Module: C:\WINDOWS\system32\wuaueng.dll
2009-11-02 15:31:59:203 1072 754 Service *************
2009-11-02 15:31:59:203 1072 754 Service ** START ** Service: Service startup
2009-11-02 15:31:59:203 1072 754 Service *********
2009-11-02 15:31:59:218 1072 754 Agent   * WU client version 7.2.6001.788
2009-11-02 15:31:59:218 1072 754 Agent   * Base directory: C:\WINDOWS\SoftwareDistribution
2009-11-02 15:31:59:218 1072 754 Agent   * Access type: No proxy
2009-11-02 15:31:59:218 1072 754 Agent   * Network state: Connected
2009-11-02 15:32:44:218 1072 754 Agent *********** Agent: Initializing Windows Update Agent ***********
2009-11-02 15:32:44:218 1072 754 Agent *********** Agent: Initializing global settings cache ***********
2009-11-02 15:32:44:218 1072 754 Agent   * WSUS server: http://sw100420
2009-11-02 15:32:44:218 1072 754 Agent   * WSUS status server: http://sw100420
2009-11-02 15:32:44:218 1072 754 Agent   * Target group: (Unassigned Computers)
2009-11-02 15:32:44:218 1072 754 Agent   * Windows Update access disabled: Yes
2009-11-02 15:32:44:421 1072 754 DnldMgr Download manager restoring 0 downloads
2009-11-02 15:32:44:421 1072 754 AU ########### AU: Initializing Automatic Updates ###########
2009-11-02 15:32:44:421 1072 754 AU   # AU disabled through Policy
2009-11-02 15:32:44:421 1072 754 AU AU finished delayed initialization
2009-11-02 15:32:44:484 1072 754 Report *********** Report: Initializing static reporting data ***********
2009-11-02 15:32:44:484 1072 754 Report   * OS Version = 5.2.3790.2.0.196882
2009-11-02 15:32:44:531 1072 754 Report   * Computer Brand = IBM
2009-11-02 15:32:44:531 1072 754 Report   * Computer Model = IBM System x3650 -[7979AC1]-
2009-11-02 15:32:44:531 1072 754 Report   * Bios Revision = -[GGE143AUS-1.14]-
2009-11-02 15:32:44:531 1072 754 Report   * Bios Name = Default System BIOS
2009-11-02 15:32:44:531 1072 754 Report   * Bios Release Date = 2009-01-29T00:00:00
2009-11-02 15:32:44:531 1072 754 Report   * Locale ID = 1033
2009-11-02 16:18:19:171 1072 754 AU ########### AU: Uninitializing Automatic Updates ###########
2009-11-02 16:18:19:171 1072 754 Service *********
2009-11-02 16:18:19:171 1072 754 Service ** END ** Service: Service exit [Exit code = 0x240001]
2009-11-02 16:18:19:171 1072 754 Service *************
2009-11-02 16:18:20:500 1072 868 Misc =========== Logging initialized (build: 7.2.6001.788, tz: -0500) ===========
2009-11-02 16:18:20:500 1072 868 Misc   = Process: C:\WINDOWS\System32\svchost.exe
2009-11-02 16:18:20:500 1072 868 Misc   = Module: C:\WINDOWS\system32\wuaueng.dll
2009-11-02 16:18:20:500 1072 868 Service *************
2009-11-02 16:18:20:500 1072 868 Service ** START ** Service: Service startup
2009-11-02 16:18:20:500 1072 868 Service *********
2009-11-02 16:18:20:515 1072 868 Agent   * WU client version 7.2.6001.788
2009-11-02 16:18:20:515 1072 868 Agent   * Base directory: C:\WINDOWS\SoftwareDistribution
2009-11-02 16:18:20:515 1072 868 Agent   * Access type: No proxy
2009-11-02 16:18:20:515 1072 868 Agent   * Network state: Connected
2009-11-02 16:19:05:515 1072 868 Agent *********** Agent: Initializing Windows Update Agent ***********
2009-11-02 16:19:05:515 1072 868 Agent *********** Agent: Initializing global settings cache ***********
2009-11-02 16:19:05:515 1072 868 Agent   * WSUS server: http://sw100420
2009-11-02 16:19:05:515 1072 868 Agent   * WSUS status server: http://sw100420
2009-11-02 16:19:05:515 1072 868 Agent   * Target group: (Unassigned Computers)
2009-11-02 16:19:05:515 1072 868 Agent   * Windows Update access disabled: Yes
2009-11-02 16:19:05:734 1072 868 DnldMgr Download manager restoring 0 downloads
2009-11-02 16:19:05:734 1072 868 AU ########### AU: Initializing Automatic Updates ###########
2009-11-02 16:19:05:734 1072 868 AU   # AU disabled through Policy
2009-11-02 16:19:05:734 1072 868 AU AU finished delayed initialization
2009-11-02 16:19:05:796 1072 868 Report *********** Report: Initializing static reporting data ***********
2009-11-02 16:19:05:796 1072 868 Report   * OS Version = 5.2.3790.2.0.196882
2009-11-02 16:19:05:859 1072 868 Report   * Computer Brand = IBM
2009-11-02 16:19:05:859 1072 868 Report   * Computer Model = IBM System x3650 -[7979AC1]-
2009-11-02 16:19:05:859 1072 868 Report   * Bios Revision = -[GGE143AUS-1.14]-
2009-11-02 16:19:05:859 1072 868 Report   * Bios Name = Default System BIOS
2009-11-02 16:19:05:859 1072 868 Report   * Bios Release Date = 2009-01-29T00:00:00
2009-11-02 16:19:05:859 1072 868 Report   * Locale ID = 1033

Any further help would be greatly appreciated
R. Pepper In Valor there is Hope -Tacitus
- Edited byR Pepper Monday, November 02, 2009 9:45 PM
- Reply
- Quote
Monday, November 02, 2009 9:36 PMLawrence GarvinMVP, Moderator

0
Sign In to Vote
2009-11-02 15:31:59:203 1072 754 Service *************
2009-11-02 15:31:59:203 1072 754 Service ** START ** Service: Service startup
2009-11-02 15:31:59:203 1072 754 Service *********

2009-11-02 15:32:44:218 1072 754 Agent * Windows Update access disabled: Yes

2009-11-02 15:32:44:421 1072 754 AU # AU disabled through Policy

2009-11-02 16:18:19:171 1072 754 Service *********
2009-11-02 16:18:19:171 1072 754 Service ** END ** Service: Service exit [Exit code = 0x240001]
2009-11-02 16:18:19:171 1072 754 Service *************

Looks like you still have some policy configuration issues to resolve.

The Automatic Updates service won't stay running because a Group Policy is blocking it's execution.
Lawrence Garvin, M.S., MCITP:EA, MCDBA
Principal/CTO, Onsite Technology Solutions, Houston, Texas
Microsoft MVP - Software Distribution (2005-2009)
My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin
My Blog: http://onsitechsolutions.spaces.live.com
- Reply
- Quote
Monday, November 02, 2009 9:49 PMR Pepper

0
Sign In to Vote
CitizenRon,

I have run your .bat file and still no resolution. I am going to try the WSUS Client software reinstall in the morning. I will let you know if I have any luck. Thanks for your input!
R. Pepper In Valor there is Hope -Tacitus
- Reply
- Quote
Monday, November 02, 2009 10:07 PMCitizenRon

0
Sign In to Vote
As Lawrence said, your machine is not allowed to use Automatic Updates as per the policy. That prompted me to go back and look at your original registry settings.

"NoAutoUpdate"=dword:00000001

"NoAutoUpdate" being on means "Turn Automatic Updates OFF"

You need to change that to
"NoAutoUpdate"=dword:00000000

That should help tremendously. Try that before running the script. There's a WSUS Client Diagnostic Tool available that would have found this. You can find it here:
http://technet.microsoft.com/en-us/wsus/bb466192.aspx
- Marked As Answer byR Pepper Monday, November 02, 2009 10:25 PM
- Edited byCitizenRon Monday, November 02, 2009 10:09 PMAdded ClientDiag tool location
- Reply
- Quote
Monday, November 02, 2009 10:22 PMR Pepper

0
Sign In to Vote
OK, some good news. I have done all but the reinstall so far due to the registry issues. I have changed the registry and keys read as follows:

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\windows\WindowsUpdate]
"WUServer"="http://sw100420"
"WUStatusServer"="http://sw100420"

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\windows\WindowsUpdate\AU]
"UseWUServer"=dword:00000001
"DetectionFrequencyEnabled"=dword:00000001
"DetectionFrequency"=dword:00000014
"NoAutoUpdate"=dword:00000000
"AUOptions"=dword:00000002
"ScheduledInstallDay"=dword:00000007
"ScheduledInstallTime"=dword:00000015

I can now see the server on my WSUS Admin Console. However the diag tool still shows:

Checking Machine State
        Checking for admin rights to run tool . . . . . . . . . PASS
        Automatic Updates Service is running. . . . . . . . . . PASS
        Background Intelligent Transfer Service is running. . . PASS
        Wuaueng.dll version 7.4.7600.226. . . . . . . . . . . . PASS
                This version is WSUS 2.0

Checking AU Settings
        AU Option is 2 : Notify Prior to Download . . . . . . . PASS
                Option is from Policy settings

Checking Proxy Configuration
        Checking for winhttp local machine Proxy settings . . . PASS
                Winhttp local machine access type
                        <Direct Connection>
                Winhttp local machine Proxy. . . . . . . . . . NONE
                Winhttp local machine ProxyBypass. . . . . . . NONE
        Checking User IE Proxy settings . . . . . . . . . . . . PASS
                User IE Proxy. . . . . . . . . . . . . . . . . NONE
                User IE ProxyByPass. . . . . . . . . . . . . . NONE
                User IE AutoConfig URL Proxy . . . . . . . . . NONE
                User IE AutoDetect
                AutoDetect not in use

Checking Connection to WSUS/SUS Server
                WUServer = http://sw100420
                WUStatusServer = http://sw100420
        UseWuServer is enabled. . . . . . . . . . . . . . . . . PASS

GetAUSettingsRegistry(false, TEXT("SusServerVersion"), &dwSusVersion) failed wit
h hr=0x80070002

The system cannot find the file specified.

Sooo... Here is the log as it reads now:

2009-11-02 17:06:25:250 1072 12b8 Agent *********** Agent: Initializing Windows Update Agent ***********
2009-11-02 17:06:25:250 1072 12b8 Agent *********** Agent: Initializing global settings cache ***********
2009-11-02 17:06:25:250 1072 12b8 Agent   * WSUS server: http://sw100420
2009-11-02 17:06:25:250 1072 12b8 Agent   * WSUS status server: http://sw100420
2009-11-02 17:06:25:250 1072 12b8 Agent   * Target group: (Unassigned Computers)
2009-11-02 17:06:25:250 1072 12b8 Agent   * Windows Update access disabled: No
2009-11-02 17:06:25:250 1072 12b8 DnldMgr Download manager restoring 0 downloads
2009-11-02 17:06:25:250 1072 12b8 AU ########### AU: Initializing Automatic Updates ###########
2009-11-02 17:06:25:250 1072 12b8 AU AU setting next detection timeout to 2009-11-02 22:06:25
2009-11-02 17:06:25:250 1072 12b8 AU AU setting next sqm report timeout to 2009-11-02 22:06:25
2009-11-02 17:06:25:250 1072 12b8 AU AU setting next featured software notification timeout to 2009-11-02 22:06:25
2009-11-02 17:06:25:250 1072 12b8 AU AU featured software notification sequence number is 2746, Generation Time:2009-11-02 22:06:25
2009-11-02 17:06:25:250 1072 12b8 AU   # WSUS server: http://sw100420
2009-11-02 17:06:25:250 1072 12b8 AU   # Detection frequency: 20
2009-11-02 17:06:25:250 1072 12b8 AU   # Approval type: Pre-download notify (Policy)
2009-11-02 17:06:25:250 1072 12b8 AU Initializing featured updates
2009-11-02 17:06:25:250 1072 12b8 AU Found 0 cached featured updates
2009-11-02 17:06:25:250 1072 12b8 AU AU finished delayed initialization
2009-11-02 17:06:25:250 1072 12b8 AU #############
2009-11-02 17:06:25:250 1072 12b8 AU ## START ## AU: Search for updates
2009-11-02 17:06:25:250 1072 12b8 AU #########
2009-11-02 17:06:25:250 1072 12b8 AU <<## SUBMITTED ## AU: Search for updates [CallId = {5C7B3BAE-AF42-4070-AEE3-CB8398F287DA}]
2009-11-02 17:06:25:250 1072 954 Agent *************
2009-11-02 17:06:25:250 1072 954 Agent ** START ** Agent: Finding updates [CallerId = AutomaticUpdates]
2009-11-02 17:06:25:250 1072 954 Agent *********
2009-11-02 17:06:25:250 1072 954 Agent   * Online = Yes; Ignore download priority = No
2009-11-02 17:06:25:250 1072 954 Agent   * Criteria = "IsHidden=0 and IsInstalled=0 and DeploymentAction='Installation' and IsAssigned=1 or IsHidden=0 and IsPresent=1 and DeploymentAction='Uninstallation' and IsAssigned=1 or IsHidden=0 and IsInstalled=1 and DeploymentAction='Installation' and IsAssigned=1 and RebootRequired=1 or IsHidden=0 and IsInstalled=0 and DeploymentAction='Uninstallation' and IsAssigned=1 and RebootRequired=1"
2009-11-02 17:06:25:250 1072 954 Agent   * ServiceID = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7} Managed
2009-11-02 17:06:25:250 1072 954 Agent   * Search Scope = {Machine}
2009-11-02 17:06:25:250 1072 954 Setup Agent skipping selfupdate check following a successful selfupdate
2009-11-02 17:06:25:343 1072 954 PT +++++++++++ PT: Synchronizing server updates +++++++++++
2009-11-02 17:06:25:343 1072 954 PT   + ServiceId = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7}, Server URL = http://sw100420/ClientWebService/client.asmx
2009-11-02 17:06:27:671 1072 954 EEHndlr WARNING: Failed to populate ServiceStartup entries in Cache: error 0x80070002

2009-11-02 17:06:27:703 1072 954 EEHndlr WARNING: Failed to populate ServiceStartup entries in Cache: error 0x80070002

2009-11-02 17:06:27:812 1072 954 EEHndlr WARNING: Failed to populate ServiceStartup entries in Cache: error 0x80070002

2009-11-02 17:06:27:843 1072 954 EEHndlr WARNING: Failed to populate ServiceStartup entries in Cache: error 0x80070002

2009-11-02 17:06:27:875 1072 954 EEHndlr WARNING: Failed to populate ServiceStartup entries in Cache: error 0x80070002

2009-11-02 17:06:27:968 1072 954 EEHndlr WARNING: Failed to populate ServiceStartup entries in Cache: error 0x80070002

2009-11-02 17:06:28:171 1072 954 EEHndlr WARNING: Failed to populate ServiceStartup entries in Cache: error 0x80070002

2009-11-02 17:06:28:484 1072 954 EEHndlr WARNING: Failed to populate ServiceStartup entries in Cache: error 0x80070002

2009-11-02 17:06:28:625 1072 954 EEHndlr WARNING: Failed to populate ServiceStartup entries in Cache: error 0x80070002

2009-11-02 17:06:29:171 1072 954 EEHndlr WARNING: Failed to populate ServiceStartup entries in Cache: error 0x80070002

2009-11-02 17:06:29:250 1072 954 EEHndlr WARNING: Failed to populate ServiceStartup entries in Cache: error 0x80070002

2009-11-02 17:06:29:437 1072 954 EEHndlr WARNING: Failed to populate ServiceStartup entries in Cache: error 0x80070002

2009-11-02 17:06:29:671 1072 954 EEHndlr WARNING: Failed to populate ServiceStartup entries in Cache: error 0x80070002

2009-11-02 17:06:29:734 1072 954 EEHndlr WARNING: Failed to populate ServiceStartup entries in Cache: error 0x80070002

2009-11-02 17:06:29:843 1072 954 EEHndlr WARNING: Failed to populate ServiceStartup entries in Cache: error 0x80070002

2009-11-02 17:06:30:031 1072 954 EEHndlr WARNING: Failed to populate ServiceStartup entries in Cache: error 0x80070002

2009-11-02 17:06:30:218 1072 954 EEHndlr WARNING: Failed to populate ServiceStartup entries in Cache: error 0x80070002

2009-11-02 17:06:30:421 1072 954 EEHndlr WARNING: Failed to populate ServiceStartup entries in Cache: error 0x80070002

2009-11-02 17:06:30:718 1072 954 EEHndlr WARNING: Failed to populate ServiceStartup entries in Cache: error 0x80070002

2009-11-02 17:06:30:765 1072 954 EEHndlr WARNING: Failed to populate ServiceStartup entries in Cache: error 0x80070002

2009-11-02 17:06:30:843 1072 954 EEHndlr WARNING: Failed to populate ServiceStartup entries in Cache: error 0x80070002

2009-11-02 17:06:31:234 1072 954 EEHndlr WARNING: Failed to populate ServiceStartup entries in Cache: error 0x80070002

2009-11-02 17:06:31:375 1072 954 EEHndlr WARNING: Failed to populate ServiceStartup entries in Cache: error 0x80070002

2009-11-02 17:06:31:484 1072 954 EEHndlr WARNING: Failed to populate ServiceStartup entries in Cache: error 0x80070002

2009-11-02 17:06:31:562 1072 954 EEHndlr WARNING: Failed to populate ServiceStartup entries in Cache: error 0x80070002

2009-11-02 17:06:31:593 1072 954 EEHndlr WARNING: Failed to populate ServiceStartup entries in Cache: error 0x80070002

2009-11-02 17:06:31:625 1072 954 EEHndlr WARNING: Failed to populate ServiceStartup entries in Cache: error 0x80070002

2009-11-02 17:06:32:359 1072 954 EEHndlr WARNING: Failed to populate ServiceStartup entries in Cache: error 0x80070002

2009-11-02 17:06:32:359 1072 954 EEHndlr WARNING: Failed to populate ServiceStartup entries in Cache: error 0x80070002

2009-11-02 17:06:34:343 1072 954 PT +++++++++++ PT: Synchronizing extended update info +++++++++++
2009-11-02 17:06:34:343 1072 954 PT   + ServiceId = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7}, Server URL = http://sw100420/ClientWebService/client.asmx
2009-11-02 17:06:34:750 1072 954 Agent   * Found 0 updates and 48 categories in search; evaluated appl. rules of 384 out of 703 deployed entities
2009-11-02 17:06:34:750 1072 954 Agent *********
2009-11-02 17:06:34:750 1072 954 Agent ** END ** Agent: Finding updates [CallerId = AutomaticUpdates]
2009-11-02 17:06:34:750 1072 954 Agent *************
2009-11-02 17:06:34:750 1072 6f4 AU >>## RESUMED ## AU: Search for updates [CallId = {5C7B3BAE-AF42-4070-AEE3-CB8398F287DA}]
2009-11-02 17:06:34:750 1072 6f4 AU   # 0 updates detected
2009-11-02 17:06:34:750 1072 6f4 AU #########
2009-11-02 17:06:34:750 1072 6f4 AU ## END ## AU: Search for updates [CallId = {5C7B3BAE-AF42-4070-AEE3-CB8398F287DA}]
2009-11-02 17:06:34:750 1072 6f4 AU #############
2009-11-02 17:06:34:750 1072 6f4 AU Featured notifications is disabled.
2009-11-02 17:06:34:750 1072 6f4 AU AU setting next detection timeout to 2009-11-03 17:42:30
2009-11-02 17:06:39:750 1072 954 Report REPORT EVENT: {5A5E56E4-D540-4617-85F8-3A522E8EA2A5} 2009-11-02 17:06:34:750-0500 1 147 101 {00000000-0000-0000-0000-000000000000} 0 0 AutomaticUpdates Success Software Synchronization Windows Update Client successfully detected 0 updates.
2009-11-02 17:06:39:750 1072 954 Report REPORT EVENT: {316E6798-ED9D-4A11-8482-81B767B47C93} 2009-11-02 17:06:34:750-0500 1 156 101 {00000000-0000-0000-0000-000000000000} 0 0 AutomaticUpdates Success Pre-Deployment Check Reporting client status.
2009-11-02 17:14:44:687 1072 954 Report Uploading 3 events using cached cookie, reporting URL = http://sw100420/ReportingWebService/ReportingWebService.asmx
2009-11-02 17:14:44:703 1072 954 Report Reporter successfully uploaded 3 events.

It is reporting to my console but still have the error on the diag tool... I will check further into it, but for now thanks for all the help on at least getting it reporting and checking in with the console.
R. Pepper In Valor there is Hope -Tacitus
- Reply
- Quote
Tuesday, November 03, 2009 1:09 AMCitizenRon

0
Sign In to Vote
Let's leave those errors alone for now as they may be misleading.
2009-11-02 17:06:25:250 1072 12b8 Agent * Target group: (Unassigned Computers)
Do you have any updates assigned to the "Unassigned Computers" group in the WSUS Console? How are you managing your computer groups on the domain computers? If you're using "Client-Side Targeting" in your Group Policy for the domain computers, you'll have to enable that on your standalone machines as well. Here's the registry keys for that:
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\TargetGroupEnabled REG_DWORD 0x00000001 (1)
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\TargetGroup REG_SZ <name of group>
Regardless of the errors, from the WindowsUpdate.log it looks like your WSUS Client may be working correctly and just not finding any updates since "WARNING" messages aren't always critical. If there ARE updates assigned to "Unassigned Computers" then you'll need to find out why the WSUS Client is not seeing them as it can now obviously see and talk to the WSUS Server:

2009-11-02 17:14:44:687 1072 954 Report Uploading 3 events using cached cookie, reporting URL = http://sw100420/ReportingWebService/ReportingWebService.asmx
2009-11-02 17:14:44:703 1072 954 Report Reporter successfully uploaded 3 events .
- Edited byCitizenRon Tuesday, November 03, 2009 1:10 AMfixed formatting errors
- Reply
- Quote
Tuesday, November 03, 2009 2:48 PMR Pepper

0
Sign In to Vote
I am not using 'Client Side Targeting' on the DMZ infrastructure due to it being small and everchanging. With only approx. 60 servers in it and the way patches get applied at different maintenance windows I am managing from the console using multiple groups. I do not have any patches approved in the 'Unassigned Computers' but it is reporting to the console now and showing what is needed. The client servers have the latest Windows Update Agent on them. I will continue with the rollout to the standalone boxes and see if I have any more issues. The error still remains on the client diag tool, but they are working.
R. Pepper___ In Valor there is Hope -Tacitus
- Reply
- Quote
Tuesday, November 03, 2009 4:55 PMCitizenRon

0
Sign In to Vote
It sounds like things are progressing then. I was able to find a blog post describing a workaround for the errors you're having if you want to try it out.

http://blogs.technet.com/emeasetup/archive/2009/03/17/eehndlr-warning-failed-to-populate-servicestartup-entries-in-cache-error-0x80070002.aspx
- Marked As Answer byLawrence GarvinMVP, ModeratorWednesday, November 04, 2009 2:48 PM
- Reply
- Quote
Wednesday, November 04, 2009 2:48 PMLawrence GarvinMVP, Moderator

0
Sign In to Vote

                WUServer = http://sw100420
                WUStatusServer = http://sw100420
        UseWuServer is enabled. . . . . . . . . . . . . . . . . PASS
GetAUSettingsRegistry(false, TEXT("SusServerVersion"), &dwSusVersion) failed wit
h hr=0x80070002

0x80070002 -2147024894 ERROR_FILE_NOT_FOUND The System cannot find the file specified

This is a failed attempt to read a registry value from the local machine

Thanks to CitizenRon for finding the blog post from March, 2009, on the EMEA Core Team technet blog that specifically addresses the cause and resolution of this particular error code. In the interest of getting it into mainstream forum content, I'm reposting the relevant sections here, edited for subject and tense:

======================================
Cause:
When the Windows Update service starts up, the WUAgent looks to see whether there’s a registry key named
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate\Setup\ServiceStartup.

If that key doesn’t exist, then everything is fine, and there’s nothing to copy.

If that key does exist, the WUAgent looks to see whether it contains any keys.

- If it doesn’t, then everything is fine, and there’s nothing to copy.
- If it does, then the WUAgent expects each of those keys to contain two string values, one named CacheFile and one named TargetFile.

Then:

- If a given key contains the CacheFile and TargetFile values as expected, then the WUAgent uses those values to determine what file copy operations needs to be done.
- If a given key is missing, either the CacheFile or the TargetFile key or both, then the WUAgent throws the 0x80070002 error.

So this is only a problem if there actually has been a self-update, and the WUAgent actually does need to copy some files and can’t because a key has somehow gotten created in the ServiceStartup key that does not contain the CacheFile and TargetFile values we’re looking for.

Resolution:

If you delete the ServiceStartup key, [or the defective subkey which is missing the two required values,] you should see the 0x80070002 warnings go away, with no effect on the system’s operation.
======================================

Apparently this is problematic on x64 machines, where a WOW64 subkey is created lacking the requisite values.
Lawrence Garvin, M.S., MCITP:EA, MCDBA
Principal/CTO, Onsite Technology Solutions, Houston, Texas
Microsoft MVP - Software Distribution (2005-2009)
My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin
My Blog: http://onsitechsolutions.spaces.live.com
- Reply
- Quote