locked
Clients not detecting Updates from WSUS RRS feed

  • Question

  • Hi,

    I am aware that there are multiple previous threads addressing the same issue. But as of now none of the solution suggested on those threads have fixed my issue.

    Description of the problem: We have few newly built servers with no previous updates except the self updates. The servers are reporting to WSUS (via Group policy) well and shows that number of updates are pending to be installed.

    I have put this servers in a new group and have approved some patches on them but none of the server gets the updates. The log doesn't show any error code and says:

    2016-04-28 11:33:52:359 332 a38 Agent  * Found 0 updates and 75 categories in search; evaluated appl. rules of 849 out of 1073 deployed entities

    2016-04-28 10:35:57:089 332 91c AU  # 0 updates detected

    Resolution steps taken so far

    1. Stop the "Windows Updates" service
    2. Rename the \Windows\SoftwareDistribution folder
    3. Restart the "Windows Updates" service
    4. Open a Command Prompt and enter wuauclt /resetauthorization followed by wuauclt /detectnow

    Re-registered the below dll's (since it was mentioned in some post)

    regsvr32 c:\windows\system32\vbscript.dll
    regsvr32 c:\windows\system32\mshtml.dll
    regsvr32 c:\windows\system32\msjava.dll
    regsvr32 c:\windows\system32\jscript.dll
    regsvr32 c:\windows\system32\msxml.dll
    regsvr32 c:\windows\system32\actxprxy.dll
    regsvr32 c:\windows\system32\shdocvw.dll

    There were no improvements even after the above steps were performed.

    Any ideas? really stuck here :(

    Thanks in advance,


     

    Thursday, April 28, 2016 7:29 AM

Answers

  • Hi Curious_Techie,

    1. Manually check for update online to verify if the clients could detect updates from Internet.

    2. Is the WSUS server new build, if not, what about other clients, could they update from WSUS server successfully. If the WSUS server is in use for a long time, then run Server Cleanup Wizard on the WSUS server and reindex WSUS database to maintain the WSUS server:

    Reindex the WSUS Database

    https://technet.microsoft.com/en-us/library/dd939795%28v=ws.10%29.aspx?f=255&MSPPError=-2147217396

    3. >The servers are reporting to WSUS (via Group policy) well and shows that number of updates are pending to be installed.

    When is the last report date, is it recent?

    Best Regards,

    Anne


    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.

    Thursday, April 28, 2016 9:37 AM
  • I have put this servers in a new group and have approved some patches on them but none of the server gets the updates. The log doesn't show any error code and says:

    2016-04-28 11:33:52:359 332 a38 Agent  * Found 0 updates and 75 categories in search; evaluated appl. rules of 849 out of 1073 deployed entities

    2016-04-28 10:35:57:089 332 91c AU  # 0 updates detected

    Is the new group done via server-side targeting or via client-side-targeting? If client-side, verify the client-side group name exactly matches the WSUS group name in the console.

    "0 updates detected" can occur if there are no applicable/approvals for the client/group, or, if there is a missing pre-requisite which blocks further update applicability eg KB2919355 https://support.microsoft.com/en-au/kb/2919355

    Important
    All future security and nonsecurity updates for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 require this update to be installed. We recommend that you install this update on your Windows RT 8.1-based, Windows 8.1-based, or Windows Server 2012 R2-based computer in order to receive continued future updates.


    Don [doesn't work for MSFT, and they're probably glad about that ;]


    • Edited by DonPick Thursday, April 28, 2016 10:06 AM
    • Marked as answer by Curious_Techie Monday, May 2, 2016 3:07 AM
    Thursday, April 28, 2016 10:04 AM
  • Guys, sorry about the late comeback. Truly appreciate your responses.

    The solution of this problem turned out to be rather silly, but an interesting one.

    While doing checks I noticed that wsusservice.exe was in a stopped state in the server. After I started it the updates were detected by the servers in a short span of time. So basically this small overlook on my part caused a delay in the resolution of the issue. However in my defence I must say that I encountered No error while approving the patches or any other abnormalities in the console with the wsusservice.exe in a stopped state, hence it never came to my mind that the issue can be in the server end, my focus became restricted to client end.

    @DonPick: Thank you for bringing up the point of getting the WSUS server updated with the latest patches, this will be of great use to me because the server is a new built and the updates are necessary.

    Once again, thanks Anne and Don for helping me out on this :)

    Best Regards,

    Monday, May 2, 2016 3:07 AM

All replies

  • Hi Curious_Techie,

    1. Manually check for update online to verify if the clients could detect updates from Internet.

    2. Is the WSUS server new build, if not, what about other clients, could they update from WSUS server successfully. If the WSUS server is in use for a long time, then run Server Cleanup Wizard on the WSUS server and reindex WSUS database to maintain the WSUS server:

    Reindex the WSUS Database

    https://technet.microsoft.com/en-us/library/dd939795%28v=ws.10%29.aspx?f=255&MSPPError=-2147217396

    3. >The servers are reporting to WSUS (via Group policy) well and shows that number of updates are pending to be installed.

    When is the last report date, is it recent?

    Best Regards,

    Anne


    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.

    Thursday, April 28, 2016 9:37 AM
  • Hi Anne,

    Thank you for your input.

    Please find my response

    1. Since the client machines are production servers, internet is disabled on them so I cannot check if the clients can detect updates from internet.

    2. The WSUS server is a new build, we are trying to push updates to some newly build test servers before we approve them on production. It is these test servers which are not detecting the updates.

    3. The last report date is as recent as today.

    Any other suggestions please?

    Regards,

    Thursday, April 28, 2016 9:52 AM
  • Your newly built servers are which Windows OS? WS2012R2 ?
    The newly built WSUS is which Windows OS? WS2012R2 ?

    Did the newly build "clients" perform self-update via your newly built WSUS ?

    Is the newly built WSUS updated with the latest WSUS updates itself eg KB2938066 ?


    Don [doesn't work for MSFT, and they're probably glad about that ;]

    Thursday, April 28, 2016 10:00 AM
  • I have put this servers in a new group and have approved some patches on them but none of the server gets the updates. The log doesn't show any error code and says:

    2016-04-28 11:33:52:359 332 a38 Agent  * Found 0 updates and 75 categories in search; evaluated appl. rules of 849 out of 1073 deployed entities

    2016-04-28 10:35:57:089 332 91c AU  # 0 updates detected

    Is the new group done via server-side targeting or via client-side-targeting? If client-side, verify the client-side group name exactly matches the WSUS group name in the console.

    "0 updates detected" can occur if there are no applicable/approvals for the client/group, or, if there is a missing pre-requisite which blocks further update applicability eg KB2919355 https://support.microsoft.com/en-au/kb/2919355

    Important
    All future security and nonsecurity updates for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 require this update to be installed. We recommend that you install this update on your Windows RT 8.1-based, Windows 8.1-based, or Windows Server 2012 R2-based computer in order to receive continued future updates.


    Don [doesn't work for MSFT, and they're probably glad about that ;]


    • Edited by DonPick Thursday, April 28, 2016 10:06 AM
    • Marked as answer by Curious_Techie Monday, May 2, 2016 3:07 AM
    Thursday, April 28, 2016 10:04 AM
  • Guys, sorry about the late comeback. Truly appreciate your responses.

    The solution of this problem turned out to be rather silly, but an interesting one.

    While doing checks I noticed that wsusservice.exe was in a stopped state in the server. After I started it the updates were detected by the servers in a short span of time. So basically this small overlook on my part caused a delay in the resolution of the issue. However in my defence I must say that I encountered No error while approving the patches or any other abnormalities in the console with the wsusservice.exe in a stopped state, hence it never came to my mind that the issue can be in the server end, my focus became restricted to client end.

    @DonPick: Thank you for bringing up the point of getting the WSUS server updated with the latest patches, this will be of great use to me because the server is a new built and the updates are necessary.

    Once again, thanks Anne and Don for helping me out on this :)

    Best Regards,

    Monday, May 2, 2016 3:07 AM