none
WSUS Server Cleanup Wizard not removing alot of computers older than 30 days RRS feed

  • Question

  • Hi,

    My WSUS 3.0 SP2 servers are reporting xxx (100) of computers have not reported status for more than 30 days. When I go to run the WSUS Server Cleanup Wizard I am only seeing 3 or 4 computers being removed. I concede its possible I don't know some of the inner workings of WSUS. What is a good explanation as to why more computers are not being removed when this is being run? Other functions specific to WSUS Server Clean Wizard appear to be working. The other thing worth mentioning is we are presently in a XP to W7 migration and probably on average 80 computers are changing in a given week. 40 retired computers being replaced with 40 new ones. So I would like to tweak that 30 days to something else like maybe 14 days.

    Any thoughts/criticisms on this article:

    http://gallery.technet.microsoft.com/scriptcenter/fd39c7d4-05bb-4c2d-8a99-f92ca8d08218

    Thanks.



    • Edited by Briandr73 Tuesday, November 20, 2012 7:40 PM
    Tuesday, November 20, 2012 6:23 PM

Answers

  • What is a good explanation as to why more computers are not being removed when this is being run?

    The criteria for status is not that the clients "have not reported status for more than 30 days", which is an entirely different problem; but that the clients "have not contacted the server for more than 30 days".

    I would suggest that your system ARE contacting the server but they are NOT reporting, and that's a major malfunction.

    The value in the TechNet Gallery script is that you can schedule that script to run. The Server Cleanup Wizard UI in the WSUS Console is interactive and modal. Both the script, and the UI, call exactly the same methods in the WSUS API, and will produce exactly the same results.

    The 30 days cannot be changed using the UI; it can be changed via the API. This would require you to modify the script to change that particular property before executing the CleanupObsoleteComputers method.


    Lawrence Garvin, M.S., MCITP:EA, MCDBA, MCSA
    SolarWinds Head Geek
    Microsoft MVP - Software Distribution (2005-2012)
    My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin

    Tuesday, November 20, 2012 11:15 PM
    Moderator
  • I began to wonder do I need KB2720211.

    Well, regardless of anything else.. YES, you need to install KB2720211. It's not really an optional update.

    2012-11-20    19:20:38:834    1112    e60    Misc    WARNING: Digital Signatures on file C:\WINDOWS\SoftwareDistribution\SelfUpdate\Default\wuident.cab are not trusted: Error 0x800b0001

    And that is the reason you have clients not reporting.

    Lawrence Garvin, M.S., MCITP:EA, MCDBA, MCSA
    SolarWinds Head Geek
    Microsoft MVP - Software Distribution (2005-2012)
    My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin

    Wednesday, November 21, 2012 10:53 PM
    Moderator

All replies

  • What is a good explanation as to why more computers are not being removed when this is being run?

    The criteria for status is not that the clients "have not reported status for more than 30 days", which is an entirely different problem; but that the clients "have not contacted the server for more than 30 days".

    I would suggest that your system ARE contacting the server but they are NOT reporting, and that's a major malfunction.

    The value in the TechNet Gallery script is that you can schedule that script to run. The Server Cleanup Wizard UI in the WSUS Console is interactive and modal. Both the script, and the UI, call exactly the same methods in the WSUS API, and will produce exactly the same results.

    The 30 days cannot be changed using the UI; it can be changed via the API. This would require you to modify the script to change that particular property before executing the CleanupObsoleteComputers method.


    Lawrence Garvin, M.S., MCITP:EA, MCDBA, MCSA
    SolarWinds Head Geek
    Microsoft MVP - Software Distribution (2005-2012)
    My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin

    Tuesday, November 20, 2012 11:15 PM
    Moderator
  • Hi,

    Thanks for replying. I do appreciate the help. I hope I am on the right track with a little help from the good folks here and my own research.I am pasting in a windowsupdate.log file from a client that appears to be having this issue. After doing a little research based upon the errors in the windowsupdate.log I began to wonder do I need KB2720211.

    http://social.technet.microsoft.com/Forums/en-US/winserverwsus/thread/289b8c58-0896-4a5e-8488-208600828608/

    Would that correct my issues? Any gotchas to watch out for when installing, if in fact I need the patch.

    2012-11-20    19:20:38:099    1112    684    AU    #############
    2012-11-20    19:20:38:099    1112    684    AU    ## START ##  AU: Search for updates
    2012-11-20    19:20:38:099    1112    684    AU    #########
    2012-11-20    19:20:38:099    1112    684    AU    <<## SUBMITTED ## AU: Search for updates [CallId = {22AE83F8-E621-486F-A490-BC67C13DB187}]
    2012-11-20    19:20:38:099    1112    e60    Agent    *************
    2012-11-20    19:20:38:099    1112    e60    Agent    ** START **  Agent: Finding updates [CallerId = AutomaticUpdates]
    2012-11-20    19:20:38:099    1112    e60    Agent    *********
    2012-11-20    19:20:38:099    1112    e60    Agent      * Online = Yes; Ignore download priority = No
    2012-11-20    19:20:38:099    1112    e60    Agent      * Criteria = "IsHidden=0 and IsInstalled=0 and DeploymentAction='Installation' and IsAssigned=1 or IsHidden=0 and IsPresent=1 and DeploymentAction='Uninstallation' and IsAssigned=1 or IsHidden=0 and IsInstalled=1 and DeploymentAction='Installation' and IsAssigned=1 and RebootRequired=1 or IsHidden=0 and IsInstalled=0 and DeploymentAction='Uninstallation' and IsAssigned=1 and RebootRequired=1"
    2012-11-20    19:20:38:099    1112    e60    Agent      * ServiceID = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7} Managed
    2012-11-20    19:20:38:099    1112    e60    Agent      * Search Scope = {Machine}
    2012-11-20    19:20:38:740    1112    e60    Misc    Validating signature for C:\WINDOWS\SoftwareDistribution\SelfUpdate\Default\wuident.cab:
    2012-11-20    19:20:38:834    1112    e60    Misc     Microsoft signed: Yes
    2012-11-20    19:20:38:834    1112    e60    Misc    WARNING: Digital Signatures on file C:\WINDOWS\SoftwareDistribution\SelfUpdate\Default\wuident.cab are not trusted: Error 0x800b0001
    2012-11-20    19:20:38:834    1112    e60    Setup    FATAL: IsUpdateRequired failed with error 0x800b0001
    2012-11-20    19:20:38:849    1112    e60    Setup    WARNING: SelfUpdate: Default Service: IsUpdateRequired failed: 0x800b0001
    2012-11-20    19:20:38:849    1112    e60    Setup    WARNING: SelfUpdate: Default Service: IsUpdateRequired failed, error = 0x800B0001
    2012-11-20    19:20:38:849    1112    e60    Agent      * WARNING: Skipping scan, self-update check returned 0x800B0001
    2012-11-20    19:20:38:912    1112    e60    Agent      * WARNING: Exit code = 0x800B0001
    2012-11-20    19:20:38:912    1112    e60    Agent    *********
    2012-11-20    19:20:38:912    1112    e60    Agent    **  END  **  Agent: Finding updates [CallerId = AutomaticUpdates]
    2012-11-20    19:20:38:912    1112    e60    Agent    *************
    2012-11-20    19:20:38:912    1112    e60    Agent    WARNING: WU client failed Searching for update with error 0x800b0001
    2012-11-20    19:20:38:912    1112    818    AU    >>##  RESUMED  ## AU: Search for updates [CallId = {22AE83F8-E621-486F-A490-BC67C13DB187}]
    2012-11-20    19:20:38:912    1112    818    AU      # WARNING: Search callback failed, result = 0x800B0001
    2012-11-20    19:20:38:912    1112    818    AU      # WARNING: Failed to find updates with error code 800B0001
    2012-11-20    19:20:38:912    1112    818    AU    #########
    2012-11-20    19:20:38:912    1112    818    AU    ##  END  ##  AU: Search for updates [CallId = {22AE83F8-E621-486F-A490-BC67C13DB187}]
    2012-11-20    19:20:38:912    1112    818    AU    #############
    2012-11-20    19:20:38:912    1112    818    AU    AU setting next detection timeout to 2012-11-21 05:20:38
    2012-11-20    19:20:38:912    1112    818    AU    Setting AU scheduled install time to 2012-11-21 12:00:00
    2012-11-20    19:20:43:850    1112    e60    Report    REPORT EVENT: {7AA0F27D-6DA8-4906-B818-D30F4FE6E940}    2012-11-20 19:20:38:849-0500    1    148    101    {D67661EB-2423-451D-BF5D-13199E37DF28}    0    800b0001    SelfUpdate    Failure    Software Synchronization    Windows Update Client failed to detect with error 0x800b0001.
    2012-11-20    19:28:00:812    1112    e60    PT    WARNING: Cached cookie has expired or new PID is available
    2012-11-20    19:28:00:812    1112    e60    PT    Initializing simple targeting cookie, clientId = 12955623-8014-4d3c-a0bf-98cda807dc27, target group = XP Workstations, DNS name = tslhrad12.southcoast.org
    2012-11-20    19:28:00:812    1112    e60    PT      Server URL = http://slh-sus-server.southcoast.org/SimpleAuthWebService/SimpleAuth.asmx
    2012-11-20    19:28:00:859    1112    e60    PT    WARNING: GetCookie failure, error = 0x8024400D, soap client error = 7, soap error code = 300, HTTP status code = 200
    2012-11-20    19:28:00:859    1112    e60    PT    WARNING: SOAP Fault: 0x00012c
    2012-11-20    19:28:00:859    1112    e60    PT    WARNING:     faultstring:Fault occurred
    2012-11-20    19:28:00:859    1112    e60    PT    WARNING:     ErrorCode:ServerChanged(4)
    2012-11-20    19:28:00:859    1112    e60    PT    WARNING:     Message:Server rolled back since last call to GetCookie
    2012-11-20    19:28:00:859    1112    e60    PT    WARNING:     Method:"http://www.microsoft.com/SoftwareDistribution/Server/ClientWebService/GetCookie"
    2012-11-20    19:28:00:859    1112    e60    PT    WARNING:     ID:d904483b-48b3-487b-89ae-c7fa4f492c97
    2012-11-20    19:28:00:859    1112    e60    PT    WARNING: PTError: 0x80244015
    2012-11-20    19:28:00:859    1112    e60    PT    WARNING: GetCookie_WithRecovery failed : 0x80244015
    2012-11-20    19:28:00:859    1112    e60    PT    WARNING: RefreshCookie failed: 0x80244015
    2012-11-20    19:28:00:859    1112    e60    PT    WARNING: RefreshPTState failed: 0x80244015
    2012-11-20    19:28:01:094    1112    e60    PT    WARNING: Cached cookie has expired or new PID is available
    2012-11-20    19:28:01:094    1112    e60    PT    Initializing simple targeting cookie, clientId = 12955623-8014-4d3c-a0bf-98cda807dc27, target group = XP Workstations, DNS name = tslhrad12.southcoast.org
    2012-11-20    19:28:01:094    1112    e60    PT      Server URL = http://slh-sus-server.southcoast.org/SimpleAuthWebService/SimpleAuth.asmx
    2012-11-20    19:28:08:563    1112    e60    Report    Uploading 1 events using cached cookie, reporting URL = http://slh-sus-server.southcoast.org/ReportingWebService/ReportingWebService.asmx
    2012-11-20    19:28:08:563    1112    e60    Report    Reporter successfully uploaded 1 events.




    • Edited by Briandr73 Wednesday, November 21, 2012 12:53 AM
    Wednesday, November 21, 2012 12:02 AM
  • I began to wonder do I need KB2720211.

    Well, regardless of anything else.. YES, you need to install KB2720211. It's not really an optional update.

    2012-11-20    19:20:38:834    1112    e60    Misc    WARNING: Digital Signatures on file C:\WINDOWS\SoftwareDistribution\SelfUpdate\Default\wuident.cab are not trusted: Error 0x800b0001

    And that is the reason you have clients not reporting.

    Lawrence Garvin, M.S., MCITP:EA, MCDBA, MCSA
    SolarWinds Head Geek
    Microsoft MVP - Software Distribution (2005-2012)
    My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin

    Wednesday, November 21, 2012 10:53 PM
    Moderator