none
Computers are not reporting to WSUS

    Question

  • Hi all,

    I have a WSUS Server (2008 R2 std x64) looking after around 1000 machines.  The client computers all appear to receive updates successfully, but WSUS tells me that most of them haven't reported status for over 2 months.  The machines failing to report are all Server 2008, 2012 or Win 7 enterprise (all mix of x86 and x64 on physical and virtual machines)

    I have flushed out the windows log file and run wuauclt /resetauthorization /detectnow.  The log file from this client is shown below.. any ideas?? 

    Troubleshooting I've tried:

    Solarwinds WSUS Diagnostics program - reported "Error: Forbidden" on WSUS Server Connectivity - Content (Incorrect proxy client configuration - use settings tab to test proxy configuration settings; may also be caused by misconfigured SSL implementation or access rights on WSUS server).  WSUS doesnt go through proxy and no SSL is in use on these servers.

    http://sccm-dp1/selfupdate/AU/x86/NetServer/EN/wuaucomp.cab connects fine and prompts for a file download

    http://sccm-dp1/iuident.cab connects fine and prompts for a file download

    Thanks in advance.  Ben

    2013-03-14    11:23:01:974     796    510    Misc    ===========  Logging initialized (build: 7.6.7600.256, tz: -0000)  ===========
    2013-03-14    11:23:01:974     796    510    Misc      = Process: C:\Windows\system32\svchost.exe
    2013-03-14    11:23:01:974     796    510    Misc      = Module: c:\windows\system32\wuaueng.dll
    2013-03-14    11:23:01:974     796    510    Service    *************
    2013-03-14    11:23:01:974     796    510    Service    ** START **  Service: Service startup
    2013-03-14    11:23:01:974     796    510    Service    *********
    2013-03-14    11:23:01:974     796    510    Agent      * WU client version 7.6.7600.256
    2013-03-14    11:23:01:974     796    510    Agent      * Base directory: C:\Windows\SoftwareDistribution
    2013-03-14    11:23:01:974     796    510    Agent      * Access type: No proxy
    2013-03-14    11:23:01:974     796    510    Agent      * Network state: Connected
    2013-03-14    11:23:11:942     796    1698    Report    CWERReporter::Init succeeded
    2013-03-14    11:23:11:942     796    1698    Agent    ***********  Agent: Initializing Windows Update Agent  ***********
    2013-03-14    11:23:11:942     796    1698    Agent    ***********  Agent: Initializing global settings cache  ***********
    2013-03-14    11:23:11:942     796    1698    Agent      * WSUS server: http://sccm-dp1.domain.com:8530
    2013-03-14    11:23:11:942     796    1698    Agent      * WSUS status server: http://sccm-dp1.domain.com:8530
    2013-03-14    11:23:11:942     796    1698    Agent      * Target group: Servers
    2013-03-14    11:23:11:942     796    1698    Agent      * Windows Update access disabled: No
    2013-03-14    11:23:11:942     796    1698    DnldMgr    Download manager restoring 0 downloads
    2013-03-14    11:23:12:005     796    510    Report    ***********  Report: Initializing static reporting data  ***********
    2013-03-14    11:23:12:005     796    510    Report      * OS Version = 6.1.7601.1.0.196880
    2013-03-14    11:23:12:005     796    510    Report      * OS Product Type = 0x00000007
    2013-03-14    11:23:12:005     796    510    Report      * Computer Brand = VMware, Inc.
    2013-03-14    11:23:12:005     796    510    Report      * Computer Model = VMware Virtual Platform
    2013-03-14    11:23:12:005     796    510    Report      * Bios Revision = 6.00
    2013-03-14    11:23:12:005     796    510    Report      * Bios Name = PhoenixBIOS 4.0 Release 6.0     
    2013-03-14    11:23:12:005     796    510    Report      * Bios Release Date = 2009-03-19T00:00:00
    2013-03-14    11:23:12:005     796    510    Report      * Locale ID = 2057
    2013-03-14    11:23:17:021     796    1574    Report    CWERReporter finishing event handling. (00000000)
    2013-03-14    11:23:29:146     796    510    AU    AU initiates service shutdown
    2013-03-14    11:23:29:146     796    510    AU    ###########  AU: Uninitializing Automatic Updates  ###########
    2013-03-14    11:23:29:146     796    510    Report    CWERReporter finishing event handling. (00000000)
    2013-03-14    11:23:29:192     796    510    Service    *********
    2013-03-14    11:23:29:192     796    510    Service    **  END  **  Service: Service exit [Exit code = 0x240001]
    2013-03-14    11:23:29:192     796    510    Service    *************
    2013-03-14    11:25:34:515     796    14e0    Misc    ===========  Logging initialized (build: 7.6.7600.256, tz: -0000)  ===========
    2013-03-14    11:25:34:515     796    14e0    Misc      = Process: C:\Windows\system32\svchost.exe
    2013-03-14    11:25:34:515     796    14e0    Misc      = Module: c:\windows\system32\wuaueng.dll
    2013-03-14    11:25:34:515     796    14e0    Service    *************
    2013-03-14    11:25:34:515     796    14e0    Service    ** START **  Service: Service startup
    2013-03-14    11:25:34:515     796    14e0    Service    *********
    2013-03-14    11:25:34:562     796    14e0    Agent      * WU client version 7.6.7600.256
    2013-03-14    11:25:34:562     796    14e0    Agent      * Base directory: C:\Windows\SoftwareDistribution
    2013-03-14    11:25:34:562     796    14e0    Agent      * Access type: No proxy
    2013-03-14    11:25:34:562     796    14e0    Agent      * Network state: Connected
    2013-03-14    11:25:35:687     796    1230    Report    CWERReporter::Init succeeded
    2013-03-14    11:25:35:687     796    1230    Agent    ***********  Agent: Initializing Windows Update Agent  ***********
    2013-03-14    11:25:35:687     796    1230    Agent    ***********  Agent: Initializing global settings cache  ***********
    2013-03-14    11:25:35:687     796    1230    Agent      * WSUS server: http://sccm-dp1.domain.com:8530
    2013-03-14    11:25:35:687     796    1230    Agent      * WSUS status server: http://sccm-dp1.domain.com:8530
    2013-03-14    11:25:35:687     796    1230    Agent      * Target group: Servers
    2013-03-14    11:25:35:687     796    1230    Agent      * Windows Update access disabled: No
    2013-03-14    11:25:35:687     796    1230    DnldMgr    Download manager restoring 0 downloads
    2013-03-14    11:25:36:312     796    14e0    Report    ***********  Report: Initializing static reporting data  ***********
    2013-03-14    11:25:36:312     796    14e0    Report      * OS Version = 6.1.7601.1.0.196880
    2013-03-14    11:25:36:312     796    14e0    Report      * OS Product Type = 0x00000007
    2013-03-14    11:25:36:343     796    14e0    Report      * Computer Brand = VMware, Inc.
    2013-03-14    11:25:36:343     796    14e0    Report      * Computer Model = VMware Virtual Platform
    2013-03-14    11:25:36:359     796    14e0    Report      * Bios Revision = 6.00
    2013-03-14    11:25:36:359     796    14e0    Report      * Bios Name = PhoenixBIOS 4.0 Release 6.0     
    2013-03-14    11:25:36:359     796    14e0    Report      * Bios Release Date = 2009-03-19T00:00:00
    2013-03-14    11:25:36:359     796    14e0    Report      * Locale ID = 2057
    2013-03-14    11:25:41:374     796    155c    Report    CWERReporter finishing event handling. (00000000)
    2013-03-14    11:26:08:640     796    1230    AU    ###########  AU: Initializing Automatic Updates  ###########
    2013-03-14    11:26:08:640     796    1230    AU      # WSUS server: http://sccm-dp1.domain.com:8530
    2013-03-14    11:26:08:640     796    1230    AU      # Detection frequency: 22
    2013-03-14    11:26:08:640     796    1230    AU      # Target group: Servers
    2013-03-14    11:26:08:640     796    1230    AU      # Approval type: Scheduled (Policy)
    2013-03-14    11:26:08:640     796    1230    AU      # Scheduled install day/time: Every day at 4:00
    2013-03-14    11:26:08:640     796    1230    AU      # Auto-install minor updates: Yes (Policy)
    2013-03-14    11:26:08:640     796    1230    AU      # Will interact with non-admins (Non-admins are elevated (User preference))
    2013-03-14    11:26:08:765     796    1230    AU    Setting AU scheduled install time to 2013-03-15 04:00:00
    2013-03-14    11:26:08:765     796    1230    AU    Successfully wrote event for AU health state:0
    2013-03-14    11:26:08:765     796    1230    AU    Initializing featured updates
    2013-03-14    11:26:08:765     796    1230    AU    Found 0 cached featured updates
    2013-03-14    11:26:08:765     796    1230    AU    Successfully wrote event for AU health state:0
    2013-03-14    11:26:08:765     796    1230    AU    Successfully wrote event for AU health state:0
    2013-03-14    11:26:08:765     796    1230    AU    AU finished delayed initialization
    2013-03-14    11:26:08:765     796    1230    AU    Triggering AU detection through DetectNow API
    2013-03-14    11:26:08:765     796    1230    AU    Triggering Online detection (non-interactive)
    2013-03-14    11:26:08:765     796    14e0    AU    #############
    2013-03-14    11:26:08:765     796    14e0    AU    ## START ##  AU: Search for updates
    2013-03-14    11:26:08:765     796    14e0    AU    #########
    2013-03-14    11:26:08:780     796    14e0    AU    <<## SUBMITTED ## AU: Search for updates [CallId = {0B2A3F8E-AD03-4F02-AB65-A034D12C5FBD}]
    2013-03-14    11:26:08:780     796    155c    Agent    *************
    2013-03-14    11:26:08:780     796    155c    Agent    ** START **  Agent: Finding updates [CallerId = AutomaticUpdates]
    2013-03-14    11:26:08:780     796    155c    Agent    *********
    2013-03-14    11:26:08:780     796    155c    Agent      * Online = Yes; Ignore download priority = No
    2013-03-14    11:26:08:780     796    155c    Agent      * Criteria = "IsInstalled=0 and DeploymentAction='Installation' or IsPresent=1 and DeploymentAction='Uninstallation' or IsInstalled=1 and DeploymentAction='Installation' and RebootRequired=1 or IsInstalled=0 and DeploymentAction='Uninstallation' and RebootRequired=1"
    2013-03-14    11:26:08:780     796    155c    Agent      * ServiceID = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7} Managed
    2013-03-14    11:26:08:780     796    155c    Agent      * Search Scope = {Machine}
    2013-03-14    11:26:08:780     796    155c    Setup    Checking for agent SelfUpdate
    2013-03-14    11:26:08:780     796    155c    Setup    Client version: Core: 7.6.7600.256  Aux: 7.6.7600.256
    2013-03-14    11:26:08:780     796    155c    Misc    Validating signature for C:\Windows\SoftwareDistribution\SelfUpdate\wuident.cab:
    2013-03-14    11:26:08:843     796    155c    Misc     Microsoft signed: Yes
    2013-03-14    11:26:08:874     796    155c    Misc    Validating signature for C:\Windows\SoftwareDistribution\SelfUpdate\wuident.cab:
    2013-03-14    11:26:08:874     796    155c    Misc     Microsoft signed: Yes
    2013-03-14    11:26:08:905     796    155c    Misc    Validating signature for C:\Windows\SoftwareDistribution\SelfUpdate\wsus3setup.cab:
    2013-03-14    11:26:08:921     796    155c    Misc     Microsoft signed: Yes
    2013-03-14    11:26:08:921     796    155c    Misc    Validating signature for C:\Windows\SoftwareDistribution\SelfUpdate\wsus3setup.cab:
    2013-03-14    11:26:08:937     796    155c    Misc     Microsoft signed: Yes
    2013-03-14    11:26:08:999     796    155c    Setup    Determining whether a new setup handler needs to be downloaded
    2013-03-14    11:26:08:999     796    155c    Setup    SelfUpdate handler is not found.  It will be downloaded
    2013-03-14    11:26:08:999     796    155c    Setup    Evaluating applicability of setup package "WUClient-SelfUpdate-ActiveX~31bf3856ad364e35~amd64~~7.6.7600.256"
    2013-03-14    11:26:09:015     796    155c    Setup    Setup package "WUClient-SelfUpdate-ActiveX~31bf3856ad364e35~amd64~~7.6.7600.256" is already installed.
    2013-03-14    11:26:09:015     796    155c    Setup    Evaluating applicability of setup package "WUClient-SelfUpdate-Aux-TopLevel~31bf3856ad364e35~amd64~~7.6.7600.256"
    2013-03-14    11:26:09:030     796    155c    Setup    Setup package "WUClient-SelfUpdate-Aux-TopLevel~31bf3856ad364e35~amd64~~7.6.7600.256" is already installed.
    2013-03-14    11:26:09:030     796    155c    Setup    Evaluating applicability of setup package "WUClient-SelfUpdate-Core-TopLevel~31bf3856ad364e35~amd64~~7.6.7600.256"
    2013-03-14    11:26:09:077     796    155c    Setup    Setup package "WUClient-SelfUpdate-Core-TopLevel~31bf3856ad364e35~amd64~~7.6.7600.256" is already installed.
    2013-03-14    11:26:09:077     796    155c    Setup    SelfUpdate check completed.  SelfUpdate is NOT required.
    2013-03-14    11:26:17:202     796    155c    PT    +++++++++++  PT: Synchronizing server updates  +++++++++++
    2013-03-14    11:26:17:202     796    155c    PT      + ServiceId = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7}, Server URL = http://sccm-dp1.domain.com:8530/ClientWebService/client.asmx
    2013-03-14    11:26:17:234     796    155c    PT    Initializing simple targeting cookie, clientId = 34b0dadd-92c0-40dc-921d-89251f2560c1, target group = Servers, DNS name = cletus.loucoll.ac.uk
    2013-03-14    11:26:17:234     796    155c    PT      Server URL = http://sccm-dp1.domain.com:8530/SimpleAuthWebService/SimpleAuth.asmx
    2013-03-14    11:26:25:171     796    155c    PT    +++++++++++  PT: Synchronizing extended update info  +++++++++++
    2013-03-14    11:26:25:171     796    155c    PT      + ServiceId = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7}, Server URL = http://sccm-dp1.domain.com:8530/ClientWebService/client.asmx
    2013-03-14    11:26:26:827     796    155c    Agent      * Found 0 updates and 67 categories in search; evaluated appl. rules of 748 out of 1053 deployed entities
    2013-03-14    11:26:26:937     796    155c    Agent    *********
    2013-03-14    11:26:26:937     796    155c    Agent    **  END  **  Agent: Finding updates [CallerId = AutomaticUpdates]
    2013-03-14    11:26:26:937     796    155c    Agent    *************
    2013-03-14    11:26:26:999     796    155c    Report    CWERReporter finishing event handling. (00000000)
    2013-03-14    11:26:26:999     796    1624    AU    >>##  RESUMED  ## AU: Search for updates [CallId = {0B2A3F8E-AD03-4F02-AB65-A034D12C5FBD}]
    2013-03-14    11:26:26:999     796    1624    AU      # 0 updates detected
    2013-03-14    11:26:26:999     796    1624    AU    #########
    2013-03-14    11:26:26:999     796    1624    AU    ##  END  ##  AU: Search for updates [CallId = {0B2A3F8E-AD03-4F02-AB65-A034D12C5FBD}]
    2013-03-14    11:26:26:999     796    1624    AU    #############
    2013-03-14    11:26:26:999     796    1624    AU    Successfully wrote event for AU health state:0
    2013-03-14    11:26:26:999     796    1624    AU    Featured notifications is disabled.
    2013-03-14    11:26:26:999     796    1624    AU    AU setting next detection timeout to 2013-03-15 06:23:29
    2013-03-14    11:26:26:999     796    1624    AU    Setting AU scheduled install time to 2013-03-15 04:00:00
    2013-03-14    11:26:26:999     796    1624    AU    Successfully wrote event for AU health state:0
    2013-03-14    11:26:26:999     796    1624    AU    Successfully wrote event for AU health state:0
    2013-03-14    11:26:31:937     796    155c    Report    REPORT EVENT: {18DC5EDE-B146-45E9-832B-1B29565CD1A5}    2013-03-14 11:26:26:937-0000    1    147    101    {00000000-0000-0000-0000-000000000000}    0    0    AutomaticUpdates    Success    Software Synchronization    Windows Update Client successfully detected 0 updates.
    2013-03-14    11:26:31:937     796    155c    Report    REPORT EVENT: {2763A4B0-A266-4D05-ACB3-B62F08BD8D3C}    2013-03-14 11:26:26:937-0000    1    156    101    {00000000-0000-0000-0000-000000000000}    0    0    AutomaticUpdates    Success    Pre-Deployment Check    Reporting client status.
    2013-03-14    11:26:31:937     796    155c    Report    CWERReporter finishing event handling. (00000000)
    2013-03-14    12:02:29:925     796    14e0    AU    ###########  AU: Uninitializing Automatic Updates  ###########
    2013-03-14    12:02:31:128     796    14e0    Report    CWERReporter finishing event handling. (00000000)
    2013-03-14    12:02:31:160     796    14e0    Service    *********
    2013-03-14    12:02:31:160     796    14e0    Service    **  END  **  Service: Service exit [Exit code = 0x240001]
    2013-03-14    12:02:31:160     796    14e0    Service    *************

    Thursday, March 14, 2013 12:27 PM

Answers

  • Hi Ben,

    The log file above doesn't seem to show any problems it detects 0 applicable updates; and — as you say — the clients appear to receive updates successfully.

    So the problem seems to be the reporting of the PCs to WSUS. How were your clients built? Were they based from a cloned image?

    What may be happening is that the clients all have the same WSUS ID, whereas it should be unique; I've seen it a couple of times in our environment where we cloned a VM. It can happen also if the PCs have not been sysprepped.

    The solution in our case was to reset the WSUS ID on the client, there's a script here to that http://www.paolofiorani.it/Lists/Posts/Post.aspx?ID=89

    I did a similar thing, but I had a script that I could run remotely using the psexec tool from SysInternals, I pass the target PC as a parameter to the command file.

    ResetWSUS.cmd

    psexec \\%1 net stop wuauserv
    psexec \\%1 reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v AccountDomainSid /f >nul 2>nul
    psexec \\%1 reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v PingID /f >nul 2>nul
    psexec \\%1 REG delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v SusClientIdValidation /f >nul
    psexec \\%1 REG delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v SusClientId /f  >nul
    psexec \\%1 net start wuauserv
    psexec \\%1 wuauclt.exe /resetauthorization /detectnow


    Ian Broadbent


    Thursday, March 14, 2013 11:56 PM
  • Hi Maxim, We do not use SCCM to distribute windows updates - its just a naming coincidence which predates my time with the company.  We don't use SCCM at all (yet).

    Ian:

    Clients were imaged using WDS and were sysprep'd.  Some were also scratch built using Windows DVD's and a manual setup - all have the same problem.I have been informed the problem kicked in shortly after migrating to a new WDS Server.  I have been told that the database was moved from a local DB to a dedicated SQL server and then attached to a fresh install of WSUS.

    Also, thanks for that link.  Before running the script, i checked the registry manually.  The SusClientID's ae different, and the PingID and AccountDomainSid don't exist.

    Ben

    Hmmm... Siniy and Ian have covered all of the known scenarios that could cause the symptoms you report. Otherwise, the WindowsUpdate.log shows us a perfectly functioning client.

    Any chance that this client ==cletus.loucoll.ac.uk== is actually one that IS showing up in WSUS, and maybe we should look at the WindowsUpdate.log for one of the systems that is NOT showing up in WSUS?

    Regarding the SolarWinds Diagnostic Tool...

    SolarWinds WSUS Diagnostics program - reported "Error: Forbidden" on WSUS Server Connectivity - Content (Incorrect proxy client configuration - use settings tab to test proxy configuration settings; may also be caused by misconfigured SSL implementation or access rights on WSUS server).

    This message on a Server 2008 R2 (IIS7) WSUS Server is actually indicative that the server has the "Directory Browsing" module installed in IIS. When that module is installed, and the client issuing the GET command (in this case the DiagTool) does not have directory browsing permissions (they're blocked via NTFS ACLs), IIS returns an HTTP 403.14. However, inside the Diag Tool we did not anticipate this particular error, so we're trapping all HTTP 403 errors as proxy errors. In this case it is not a proxy error,but a normal (albeit, unanticipated) indication given the actual configuration of the server.

    If the server hosting WSUS requires Directory Browsing to be enabled, then this is just a message you'll have to accept. However, generally speaking, Directory Browsing should not be enabled, and I would recommend removing the Directory Browsing module from IIS. And then, having noted that at least one module is installed that is not required for WSUS, it begs the question of whether there are any other modules installed that are not needed.


    Lawrence Garvin, M.S., MCITP:EA, MCDBA, MCSA
    SolarWinds Head Geek
    Microsoft MVP - Software Distribution (2005-2013)
    My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin
    The views expressed on this post are mine and do not necessarily reflect the views of SolarWinds.

    Thursday, March 21, 2013 12:37 AM

All replies

  • Hi Ben,

    The log file above doesn't seem to show any problems it detects 0 applicable updates; and — as you say — the clients appear to receive updates successfully.

    So the problem seems to be the reporting of the PCs to WSUS. How were your clients built? Were they based from a cloned image?

    What may be happening is that the clients all have the same WSUS ID, whereas it should be unique; I've seen it a couple of times in our environment where we cloned a VM. It can happen also if the PCs have not been sysprepped.

    The solution in our case was to reset the WSUS ID on the client, there's a script here to that http://www.paolofiorani.it/Lists/Posts/Post.aspx?ID=89

    I did a similar thing, but I had a script that I could run remotely using the psexec tool from SysInternals, I pass the target PC as a parameter to the command file.

    ResetWSUS.cmd

    psexec \\%1 net stop wuauserv
    psexec \\%1 reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v AccountDomainSid /f >nul 2>nul
    psexec \\%1 reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v PingID /f >nul 2>nul
    psexec \\%1 REG delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v SusClientIdValidation /f >nul
    psexec \\%1 REG delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v SusClientId /f  >nul
    psexec \\%1 net start wuauserv
    psexec \\%1 wuauclt.exe /resetauthorization /detectnow


    Ian Broadbent


    Thursday, March 14, 2013 11:56 PM
  • At first

    >>http://sccm-dp1/selfupdate/AU/x86/NetServer/EN/wuaucomp.cab<<

    Do you use sccm for updating your clients? If so, there is no need to use WSUS console, use SCCM console for checking clients update status, also you can run standard or create customized reports about updating clients.

    When you install SUP role, default install option - "Don't create WSUS report events", after that if you decide to use only WSUS for updating clients and remove SUP, this setting will save on your client and they won't report to WSUS server, in this case reinstall SUP with option "Create All WSUS Report events" wait until you sccm clients update policy, and then remove SUP.

    So give some clarification about your patch mechanism


    Maxim Sinel'nikov

    Friday, March 15, 2013 6:28 AM
  • Hi Maxim, We do not use SCCM to distribute windows updates - its just a naming coincidence which predates my time with the company.  We don't use SCCM at all (yet).

    Ian:

    Clients were imaged using WDS and were sysprep'd.  Some were also scratch built using Windows DVD's and a manual setup - all have the same problem.I have been informed the problem kicked in shortly after migrating to a new WDS Server.  I have been told that the database was moved from a local DB to a dedicated SQL server and then attached to a fresh install of WSUS.

    Also, thanks for that link.  Before running the script, i checked the registry manually.  The SusClientID's ae different, and the PingID and AccountDomainSid don't exist.

    Ben

    Friday, March 15, 2013 9:00 AM
  • Hi Maxim, We do not use SCCM to distribute windows updates - its just a naming coincidence which predates my time with the company.  We don't use SCCM at all (yet).

    Ian:

    Clients were imaged using WDS and were sysprep'd.  Some were also scratch built using Windows DVD's and a manual setup - all have the same problem.I have been informed the problem kicked in shortly after migrating to a new WDS Server.  I have been told that the database was moved from a local DB to a dedicated SQL server and then attached to a fresh install of WSUS.

    Also, thanks for that link.  Before running the script, i checked the registry manually.  The SusClientID's ae different, and the PingID and AccountDomainSid don't exist.

    Ben

    Hmmm... Siniy and Ian have covered all of the known scenarios that could cause the symptoms you report. Otherwise, the WindowsUpdate.log shows us a perfectly functioning client.

    Any chance that this client ==cletus.loucoll.ac.uk== is actually one that IS showing up in WSUS, and maybe we should look at the WindowsUpdate.log for one of the systems that is NOT showing up in WSUS?

    Regarding the SolarWinds Diagnostic Tool...

    SolarWinds WSUS Diagnostics program - reported "Error: Forbidden" on WSUS Server Connectivity - Content (Incorrect proxy client configuration - use settings tab to test proxy configuration settings; may also be caused by misconfigured SSL implementation or access rights on WSUS server).

    This message on a Server 2008 R2 (IIS7) WSUS Server is actually indicative that the server has the "Directory Browsing" module installed in IIS. When that module is installed, and the client issuing the GET command (in this case the DiagTool) does not have directory browsing permissions (they're blocked via NTFS ACLs), IIS returns an HTTP 403.14. However, inside the Diag Tool we did not anticipate this particular error, so we're trapping all HTTP 403 errors as proxy errors. In this case it is not a proxy error,but a normal (albeit, unanticipated) indication given the actual configuration of the server.

    If the server hosting WSUS requires Directory Browsing to be enabled, then this is just a message you'll have to accept. However, generally speaking, Directory Browsing should not be enabled, and I would recommend removing the Directory Browsing module from IIS. And then, having noted that at least one module is installed that is not required for WSUS, it begs the question of whether there are any other modules installed that are not needed.


    Lawrence Garvin, M.S., MCITP:EA, MCDBA, MCSA
    SolarWinds Head Geek
    Microsoft MVP - Software Distribution (2005-2013)
    My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin
    The views expressed on this post are mine and do not necessarily reflect the views of SolarWinds.

    Thursday, March 21, 2013 12:37 AM
  • I have a similar problem, with the same SolarWinds error, but directory Browsing is not enabled, nor has it ever been.
    Tuesday, July 23, 2013 12:52 PM
  • I have a similar problem, with the same SolarWinds error, but directory Browsing is not enabled, nor has it ever been.

    The message is not displayed because Directory Browsing is enabled .. in fact, it's created because it's not enabled... but the IIS7 MODULE is installed.

    Open Server Manager. Select the Roles->Web Server node.

    Scroll down to the list of Role Services.

    On the fifth line, what is the state of "Directory Browsing" .. Installed or Not installed?

    My guess is that the state is "Installed", and that's why the 403.14 is returned to the SolarWinds diagnostic tool when it tries to query the /content v-dir.

    This is actually a design defect in the Web Server role installer, which installs "Directory Browsing" by default (but should not). When you install the Web Server role, in the section "Common HTTP Features", you get "Static Content", "Default Document" "Directory Browsing" and "HTTP Errors" selected by default. The WSUS documentation fails to note that "Directory Browsing" is not required (and actually is not desirable).

    Providing that no other web applications/services installed on the server require directory browsing (very few actually do), you can Remove that role service and the SolarWinds diagnostic error will go away.


    Lawrence Garvin, M.S., MCITP:EA, MCDBA, MCSA
    SolarWinds Head Geek
    Microsoft MVP - Software Packaging, Deployment & Servicing (2005-2013)
    My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin
    http://www.solarwinds.com/gotmicrosoft
    The views expressed on this post are mine and do not necessarily reflect the views of SolarWinds.

    Tuesday, July 23, 2013 3:00 PM