locked
Server not conecting to WSUS server RRS feed

  • Question

  • Hi all,

    I am working for a Company which tries to use WSUS to update servers and client computers.

    Some servers are not appearing in WSUS console.

    I have looked in to Windowsupdate.log but I am not able to see any error.

    I paste a connection log at the end of the post and hope anyone can tell me whats wrong.

    Thank you very much 

    David

    

    2017-07-26         11:34:20:107      976        1e70      Misc      ===========  Logging initialized (build: 7.9.9600.18696, tz: +0200)  ===========

    2017-07-26         11:34:20:107      976        1e70      Misc        = Process: C:\Windows\system32\svchost.exe

    2017-07-26         11:34:20:107      976        1e70      Misc        = Module: c:\windows\system32\wuaueng.dll

    2017-07-26         11:34:20:107      976        1e70      Service *************

    2017-07-26         11:34:20:107      976        1e70      Service ** START **  Service: Service startup

    2017-07-26         11:34:20:107      976        1e70      Service *********

    2017-07-26         11:34:20:107      976        1e70      IdleTmr                Non-AoAc machine.  Aoac operations will be ignored.

    2017-07-26         11:34:20:107      976        1e70      Agent     * WU client version 7.9.9600.18696

    2017-07-26         11:34:20:107      976        1e70      Agent   WARNING: SleepStudyTracker: Machine is non-AOAC. Sleep study tracker disabled.

    2017-07-26         11:34:20:107      976        1e70      Agent     * Base directory: C:\Windows\SoftwareDistribution

    2017-07-26         11:34:20:107      976        1e70      Agent     * Access type: No proxy

    2017-07-26         11:34:20:107      976        1e70      Service UpdateNetworkState Ipv6, cNetworkInterfaces = 0.

    2017-07-26         11:34:20:107      976        1e70      Service UpdateNetworkState Ipv4, cNetworkInterfaces = 1.

    2017-07-26         11:34:20:107      976        1e70      Agent     * Network state: Connected

    2017-07-26         11:34:20:107      976        1e70      Service UpdateNetworkState Ipv6, cNetworkInterfaces = 0.

    2017-07-26         11:34:20:107      976        1e70      Service UpdateNetworkState Ipv4, cNetworkInterfaces = 1.

    2017-07-26         11:34:20:123      976        1e70      Agent   ***********  Agent: Initializing global settings cache  ***********

    2017-07-26         11:34:20:123      976        1e70      Agent     * Endpoint Provider: 00000000-0000-0000-0000-000000000000

    2017-07-26         11:34:20:123      976        1e70      Agent     * WSUS server: http://tpfewsus

    2017-07-26         11:34:20:123      976        1e70      Agent     * WSUS status server: http://tpfewsus

    2017-07-26         11:34:20:123      976        1e70      Agent     * Target group: (Unassigned Computers)

    2017-07-26         11:34:20:123      976        1e70      Agent     * Windows Update access disabled: No

    2017-07-26         11:34:20:123      976        1e70      Misc      WARNING: Network Cost is assumed to be not supported as something failed with trying to get handles to wcmapi.dll

    2017-07-26         11:34:20:138      976        1e70      WuTask               WuTaskManager delay initialize completed successfully..

    2017-07-26         11:34:20:138      976        1e70      AU             Timer: 31DA7559-FE27-4810-8FF6-987195B1FD98, Expires 2017-07-26 12:22:52, not idle-only, not network-only

    2017-07-26         11:34:20:138      976        1e70      AU             Timer: 143FB093-8AA1-4DBC-A582-8806F8F4C1F7, Expires 2017-07-26 20:18:56, not idle-only, not network-only

    2017-07-26         11:34:20:138      976        1e70      AU             Timer: CF1ABEC6-7887-4964-BB93-B2E21B31CEC1, Expires 2017-07-27 06:10:51, not idle-only, not network-only

    2017-07-26         11:34:20:138      976        1e70      AU             Timer: 29A863E7-8609-4D1E-B7CD-5668F857F1DB, Expires 2017-07-27 06:10:51, not idle-only, not network-only

    2017-07-26         11:34:20:138      976        1e70      Report  WARNING: CSerializationHelper:: InitSerialize failed : 0x80070002

    2017-07-26         11:34:20:138      976        1e70      Report  CWERReporter::Init succeeded

    2017-07-26         11:34:20:138      976        1e70      Agent   ***********  Agent: Initializing Windows Update Agent  ***********

    2017-07-26         11:34:20:138      976        1e70      DnldMgr              Download manager restoring 0 downloads

    2017-07-26         11:34:20:138      976        1e70      AU         ###########  AU: Initializing Automatic Updates  ###########

    2017-07-26         11:34:20:138      976        1e70      AU         AIR Mode is disabled

    2017-07-26         11:34:20:138      976        1e70      AU           # Policy Driven Provider: http://tpfewsus

    2017-07-26         11:34:20:138      976        1e70      AU           # Detection frequency: 22

    2017-07-26         11:34:20:138      976        1e70      AU           # Approval type: Pre-install notify (User preference)

    2017-07-26         11:34:20:138      976        1e70      AU           # Auto-install minor updates: No (User preference)

    2017-07-26         11:34:20:138      976        1e70      AU           # Will interact with non-admins (Non-admins are elevated (User preference))

    2017-07-26         11:34:20:138      976        1e70      AU         WARNING: Failed to get Wu Exemption info from NLM, assuming not exempt, error = 0x80240037

    2017-07-26         11:34:20:138      976        1e70      AU         WARNING: Failed to get Network Cost info from NLM, assuming network is NOT metered, error = 0x80240037

    2017-07-26         11:34:20:154      976        1e70      AU         AU finished delayed initialization

    2017-07-26         11:34:20:154      976        1e70      AU         Currently AUX is enabled - so not show any WU Upgrade notifications.

    2017-07-26         11:34:20:154      976        1e70      AU         WARNING: Failed to get Network Cost info from NLM, assuming network is NOT metered, error = 0x80240037

    2017-07-26         11:34:20:154      976        1e70      AU         WARNING: Failed to get Network Cost info from NLM, assuming network is NOT metered, error = 0x80240037

    2017-07-26         11:34:20:154      976        1e70      AU         Adding timer:

    2017-07-26         11:34:20:154      976        1e70      AU             Timer: 31DA7559-FE27-4810-8FF6-987195B1FD98, Expires 2017-07-26 12:22:52, not idle-only, not network-only

    2017-07-26         11:34:21:310      976        1504      DnldMgr              Asking handlers to reconcile their sandboxes

     

     

     

    Wednesday, July 26, 2017 9:51 AM

All replies

  • Hi,

    how do you apply WSUS settings on this server? your log does not show wsus server port "WSUS server: http://tpfewsus".

    can you check if WSUS settings have been applied correctly?

    Thanks

    Wednesday, July 26, 2017 10:17 AM
  • Hi Manoj,

    Thank you for your answer. 

    WSUS settings are applied as long as it is user logging in server belongs to OU where GPO is applied. For other Servers in the same OU it has worked.

    WSUS server is configured in http port and it's working for other servers, so I guess settings are ok.

    Thank you

    Best regards

    David


    Wednesday, July 26, 2017 11:56 AM
  • Hello David,

    Please follow below troubleshooting steps, one at a time. Not sure if you have already tried.

    1) Stop Windows update Service, delete Software Distribution folder in C:\Windows and start Windows update service

    2) Download latest Windows Update client from below URL
    https://support.microsoft.com/en-gb/kb/949104   Install latest Windows update client and try to install update again.

    Wednesday, July 26, 2017 7:43 PM
  • Hi,

    Solution A:

    0) Be sure you are in the right OU with the correct Wsus GPO (GPRESULT /R | MORE)

    1) At the command prompt: net stop wuauserv

    2) At the command prompt: del %windir%\softwaredistribution

    3) At the command prompt: net start wuauserv

    4) At the command prompt: gpupdate /force

    5) At the command prompt: wuauclt /resetauthorization /detectnow 

    If the solution A didn’t work you must do these command: 

    0) Be sure you are in the right OU with the correct Wsus GPO (GPRESULT /R | MORE)

    1) At the command prompt: net stop wuauserv

    2) At the command prompt: del %windir%\softwaredistribution

    3) Use the Regedit to delete the entry below: HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate 

    4) At the command prompt: net start wuauserv 

    Remarks:

    All commands have to be launched as admin

    Client should not take more than 10 minutes to reappear 

    Hope it helps

    Wednesday, July 26, 2017 8:13 PM
  • Hi,

    I have tried both solutions and servers still not appear on WSUS server.

    I have also tried to download and install latest Windows update version, but didn't work neither.

    I am thinking GPOs might not be configured properly, I am not sure. Is there anyway to get the settings GPOs do in these servers? I mean from the server side, because I have no Access to DCs or GPOs settings.

    Is there any other thing I could try?

    Thank you very much.

    Regards,

    David.

    Thursday, July 27, 2017 10:08 AM
  • Hi David, are you able to share all the registry keys for below from your client that has issue? 

    HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate

    HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate\AU

    Thursday, July 27, 2017 11:25 AM
  • Hi Manoj,

    Yes, of course, you can find it at botton of the post.

    Thank you

    regards

    David.

    Windows Registry Editor Version 5.00

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate]
    "LastTaskOperationHandle"=dword:00000007

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Power]
    "Firmware-Final"=dword:0000001e
    "OfferInstallAtShutdown-Final"=dword:00000028
    "ContinueInstallAtShutdown-Final"=dword:0000000a
    "FirmwareForcedInstall-Final"=dword:00000023

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\UAS]
    "UpdateCount"=dword:00000000

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Reporting]
    "SamplingValue2"=dword:000002ad

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Reporting\EventCache.v2]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Reporting\EventCache.v2\Legacy]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Reporting\RebootWatch]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Services]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Services\Pending]
    "ValidatedPreWsus3RegistrationRequests"=dword:00000001

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Setup]
    "SelfUpdateStatus"=dword:00000000
    "SelfupdateUnmanaged"=dword:00000000

    Thursday, July 27, 2017 11:40 AM
  • You can get your settings doing rsop command.

    Runas admin cmd prompt and type : rsop

    You will get the GPO settings.

    Thursday, July 27, 2017 3:09 PM
  • Hi,

    Thank you for your answers,

    I made a change to GPOs, something wasn't fine, and 3 new servers appear now in the WSUS console, but anyway there are still some other servers that are not appearing.

    Any further idea?

    Thank you

    regards,

    David.

    Friday, July 28, 2017 11:35 AM
  • Were these server's cloned? You may have duplicate SusClientId's. On the affected servers run this:

    net stop bits
    net stop wuauserv
    reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v AccountDomainSid /f
    reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v PingID /f
    reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientId /f
    reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientIDValidation /f
    rd /s /q "%WinDir%\SoftwareDistribution"
    net start bits
    net start wuauserv
    wuauclt /resetauthorization /detectnow


    My cleanup script may also fix your issues as it runs the proper maintenance for WSUS.

    Have a peek at my Adamj Clean-WSUS script. It is the last WSUS Script you will ever need.

    http://community.spiceworks.com/scripts/show/2998-adamj-clean-wsus

    What it does:

    1. Remove all Drivers from the WSUS Database.
    2. Shrink your WSUSContent folder's size by declining superseded updates.
    3. Remove declined updates from the WSUS Database.
    4. Clean out all the synchronization logs that have built up over time (configurable, with the default keeping the last 14 days of logs).
    5. Compress Update Revisions.
    6. Remove Obsolete Updates.
    7. Computer Object Cleanup (configurable, with the default of deleting computer objects that have not synced within 30 days).
    8. Application Pool Memory Configuration to display the current private memory limit and easily increase it by any configurable amount.
    9. Run the Recommended SQL database Maintenance script on the actual SQL database.
    10. Run the Server Cleanup Wizard.

    It will email the report out to you or save it to a file, or both.

    Although the script is lengthy, it has been made to be super easy to setup and use. There are some prerequisites and instructions at the top of the script. After installing the prerequisites and configuring the variables for your environment, simply run:

    .\Clean-WSUS.ps1 -FirstRun

    and then

    .\Clean-WSUS.ps1 -InstallTask

    If you wish to view or increase the Application Pool Memory Configuration, you must run it with the required switch. See Get-Help .\Clean-WSUS.ps1 -Examples

    If you're having trouble, there's also a -HelpMe option that will create a log so you can send it to me for support.


    Adam Marshall, MCSE: Security
    http://www.adamj.org

    Saturday, July 29, 2017 3:12 AM
  • it is registry setting on client computer that point to WSUS server. The registry that you posted does not seem to be correct? Can you compare the registry setting from work client?

    Registry paths in my previous post.

    • Proposed as answer by Yan Li_ Tuesday, August 1, 2017 5:59 AM
    Monday, July 31, 2017 1:53 PM
  • Hello,

    You may run gpresult /z command to get your group policy settings applied to check whether proper GPO and settings are applied. 

    Regards,

    Yan 


    Please remember to mark the replies as answers if they help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Tuesday, August 1, 2017 6:02 AM