Switching WSUS server and Windows 8.1/Server2008/Server2012 clients won't connect, Windows 7/Server2003 is fine
I need to split the load of my WSUS on to another site because the amount of computers is straining the internet connection in the amount of uploads performed.
However I'm having an issue at the second WSUS where only Windows 7 and Server 2003 clients will update...
Windows 8.1 and Server 2008 and Server2012 won't update giving the following error codes: 8024400A and 80072EE2
The WSUS is a Server 2012 with Local Update Publisher 1.1 installed. It works fine locally at the site but not across our WAN.
The clients appear in the WSUS console but fail to check for updates.
I've tried it with the firewall turned off...
Both WSUS servers are using Microsoft SCEP 2012.
Has anyone out there experienced this? Or have any suggestions to fix?
Cheers.
Hi there,
I spoke too soon, I think I got one Windows 8 client to update yesterday by fluke. Now today it won't.
There's not much different between the W7 and W8 systems they both use the same antivirus. Same software but updated on W8.
Here is the windows update.log:
2014-06-05 10:44:14:561
976 954
Misc =========== Logging initialized (build: 7.9.9600.17093, tz: +1000) ===========
2014-06-05 10:44:14:639
976 954
Misc = Process: C:\Windows\system32\svchost.exe
2014-06-05 10:44:14:639
976 954
Misc = Module: c:\windows\system32\wuaueng.dll
2014-06-05 10:44:14:561
976 954
Service *************
2014-06-05 10:44:14:639
976 954
Service ** START ** Service: Service startup
2014-06-05 10:44:14:639
976 954
Service *********
2014-06-05 10:44:15:311
976 954
IdleTmr Non-AoAc machine. Aoac operations will be ignored.
2014-06-05 10:44:15:311
976 954
Agent * WU client version 7.9.9600.17093
2014-06-05 10:44:15:326
976 954
Agent WARNING: SleepStudyTracker: Machine is non-AOAC. Sleep study tracker disabled.
2014-06-05 10:44:15:326
976 954
Agent * Base directory: C:\Windows\SoftwareDistribution
2014-06-05 10:44:15:326
976 954
Agent * Access type: No proxy
2014-06-05 10:44:15:326
976 954
Service UpdateNetworkState Ipv6, cNetworkInterfaces = 1.
2014-06-05 10:44:15:326
976 954
Service UpdateNetworkState Ipv4, cNetworkInterfaces = 1.
2014-06-05 10:44:15:326
976 954
Agent * Network state: Connected
2014-06-05 10:44:15:326
976 954
Service UpdateNetworkState Ipv6, cNetworkInterfaces = 1.
2014-06-05 10:44:15:326
976 954
Service UpdateNetworkState Ipv4, cNetworkInterfaces = 1.
2014-06-05 10:44:16:123
976 954
Agent *********** Agent: Initializing global settings cache ***********
2014-06-05 10:44:16:123
976 954
Agent * Endpoint Provider: 00000000-0000-0000-0000-000000000000
2014-06-05 10:44:16:123
976 954
Agent * WSUS server: http://10.155.194.59:8530
2014-06-05 10:44:16:123
976 954
Agent * WSUS status server: http://10.155.194.59:8530
2014-06-05 10:44:16:123
976 954
Agent * Target group: Test Group
2014-06-05 10:44:16:123
976 954
Agent * Windows Update access disabled: No
2014-06-05 10:44:16:170
976 954
WuTask WuTaskManager delay initialize completed successfully..
2014-06-05 10:44:16:170
976 954
AU Timer: 31DA7559-FE27-4810-8FF6-987195B1FD98, Expires 2014-06-05 00:24:13, not idle-only, not network-only
2014-06-05 10:44:16:170
976 954
AU Timer: CF1ABEC6-7887-4964-BB93-B2E21B31CEC1, Expires 2014-06-05 05:36:25, not idle-only, not network-only
2014-06-05 10:44:16:170
976 954
AU Timer: 29A863E7-8609-4D1E-B7CD-5668F857F1DB, Expires 2014-06-05 05:36:25, not idle-only, not network-only
2014-06-05 10:44:16:170
976 954
Report CWERReporter::Init succeeded
2014-06-05 10:44:16:170
976 954
Agent *********** Agent: Initializing Windows Update Agent ***********
2014-06-05 10:44:16:170
976 954
DnldMgr Download manager restoring 0 downloads
2014-06-05 10:44:16:170
976 954
AU ########### AU: Initializing Automatic Updates ###########
2014-06-05 10:44:16:170
976 954
AU Additional Service {117CAB2D-82B1-4B5A-A08C-4D62DBEE7782} with Approval type {Scheduled} added to AU services list
2014-06-05 10:44:16:170
976 954
AU AIR Mode is disabled
2014-06-05 10:44:16:170
976 954
AU # Policy Driven Provider: http://10.155.194.59:8530
2014-06-05 10:44:16:170
976 954
AU # Detection frequency: 22
2014-06-05 10:44:16:170
976 954
AU # Target group: Test Group
2014-06-05 10:44:16:170
976 954
AU # Approval type: Scheduled (Policy)
2014-06-05 10:44:16:170
976 954
AU # Auto-install minor updates: Yes (Policy)
2014-06-05 10:44:16:170
976 954
AU # ServiceTypeDefault: Service 117CAB2D-82B1-4B5A-A08C-4D62DBEE7782 Approval type: (Scheduled)
2014-06-05 10:44:16:170
976 954
AU # Will interact with non-admins (Non-admins are elevated (Policy))
2014-06-05 10:44:16:186
976 954
AU WARNING: Failed to get Wu Exemption info from NLM, assuming not exempt, error = 0x80070032
2014-06-05 10:44:16:186
976 954
AU AU finished delayed initialization
2014-06-05 10:44:16:202
976 954
AU Adding timer:
2014-06-05 10:44:16:202
976 954
AU Timer: 31DA7559-FE27-4810-8FF6-987195B1FD98, Expires 2014-06-05 03:47:12, not idle-only, not network-only
2014-06-05 10:44:16:217
976 99c
DnldMgr Asking handlers to reconcile their sandboxes
2014-06-05 10:45:17:562
976 954
AU ReAttemptDownloadsAsUserIfNecessary, No calls in download progress.
2014-06-05 10:45:31:453
976 778
IdleTmr Incremented idle timer priority operation counter to 1
2014-06-05 10:45:34:562
976 778
AU Triggering AU detection through DetectNow API
2014-06-05 10:45:34:562
976 778
AU Additional Service {117CAB2D-82B1-4B5A-A08C-4D62DBEE7782} with Approval type {Scheduled} added to AU services list
2014-06-05 10:45:34:562
976 778
AU Triggering Online detection (interactive)
2014-06-05 10:45:34:562
976 778
AU Adding timer:
2014-06-05 10:45:34:562
976 778
AU Timer: 31DA7559-FE27-4810-8FF6-987195B1FD98, Expires 2014-06-05 00:45:34, not idle-only, not network-only
2014-06-05 10:45:34:609
976 954
AU #############
2014-06-05 10:45:34:609
976 954
AU ## START ## AU: Search for updates
2014-06-05 10:45:34:609
976 954
AU #########
2014-06-05 10:45:34:609
976 954
AU Additional Service {117CAB2D-82B1-4B5A-A08C-4D62DBEE7782} with Approval type {Scheduled} added to AU services list
2014-06-05 10:45:34:609
976 954
IdleTmr WU operation (CSearchCall::Init ID 1) started; operation # 15; does use network; is not at background priority
2014-06-05 10:45:34:609
976 954
IdleTmr Incremented idle timer priority operation counter to 2
2014-06-05 10:45:34:797
976 954
Report *********** Report: Initializing static reporting data ***********
2014-06-05 10:45:34:797
976 954
Report * OS Version = 6.3.9600.0.0.65792
2014-06-05 10:45:34:797
976 954
Report * OS Product Type = 0x00000004
2014-06-05 10:45:34:813
976 954
Report * Computer Brand = Microsoft Corporation
2014-06-05 10:45:34:813
976 954
Report * Computer Model = Virtual Machine
2014-06-05 10:45:34:813
976 954
Report * Platform Role = 1
2014-06-05 10:45:34:813
976 954
Report * AlwaysOn/AlwaysConnected (AOAC) = 0
2014-06-05 10:45:34:813
976 954
Report * Bios Revision = 090004
2014-06-05 10:45:34:813
976 954
Report * Bios Name = BIOS Date: 03/19/09 22:51:32 Ver: 09.00.04
2014-06-05 10:45:34:813
976 954
Report * Bios Release Date = 2009-03-19T00:00:00
2014-06-05 10:45:34:813
976 954
Report * Bios Sku Number unavailable.
2014-06-05 10:45:34:813
976 954
Report * Bios Vendor = American Megatrends Inc.
2014-06-05 10:45:34:813
976 954
Report * Bios Family unavailable.
2014-06-05 10:45:34:828
976 954
Report * Bios Major Release unavailable.
2014-06-05 10:45:34:828
976 954
Report * Bios Minor Release unavailable.
2014-06-05 10:45:34:828
976 954
Report * Locale ID = 3081
2014-06-05 10:45:35:578
976 954
Agent *** START *** Queueing Finding updates [CallerId = AutomaticUpdatesWuApp Id = 1]
2014-06-05 10:45:35:609
976 954
AU <<## SUBMITTED ## AU: Search for updates [CallId = {CDA6DEA2-9874-4DB5-AAA7-9A05D933C012} ServiceId = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7}]
2014-06-05 10:45:35:609
976 fc4
Agent *** END *** Queueing Finding updates [CallerId = AutomaticUpdatesWuApp Id = 1]
2014-06-05 10:45:35:609
976 fc4
Agent *************
2014-06-05 10:45:35:609
976 fc4
Agent ** START ** Agent: Finding updates [CallerId = AutomaticUpdatesWuApp Id = 1]
2014-06-05 10:45:35:609
976 fc4
Agent *********
2014-06-05 10:45:35:609
976 fc4
Agent * Online = Yes; Ignore download priority = No
2014-06-05 10:45:35:609
976 fc4
Agent * Criteria = "IsInstalled=0 and DeploymentAction='Installation' or IsPresent=1 and DeploymentAction='Uninstallation' or IsInstalled=1 and DeploymentAction='Installation' and RebootRequired=1 or IsInstalled=0
and DeploymentAction='Uninstallation' and RebootRequired=1"
2014-06-05 10:45:35:609
976 fc4
Agent * ServiceID = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7} Managed
2014-06-05 10:45:35:609
976 fc4
Agent * Search Scope = {Machine & All Users}
2014-06-05 10:45:35:609
976 fc4
Agent * Caller SID for Applicability: S-1-5-21-1323361640-3159480285-1943353560-1532
2014-06-05 10:45:35:609
976 fc4
Agent * RegisterService is set
2014-06-05 10:45:35:625
976 fc4
EP Got WSUS Client/Server URL: "http://10.155.194.59:8530/ClientWebService/client.asmx"
2014-06-05 10:45:35:641
976 fc4
Setup Checking for agent SelfUpdate
2014-06-05 10:45:35:641
976 fc4
Setup Client version: Core: 7.9.9600.17093 Aux: 7.9.9600.17093
2014-06-05 10:45:35:641
976 fc4
EP Got WSUS SelfUpdate URL: "http://10.155.194.59:8530/selfupdate"
2014-06-05 10:45:35:672
976 fc4
Misc Validating signature for C:\Windows\SoftwareDistribution\SelfUpdate\wuident.cab with dwProvFlags 0x00000080:
2014-06-05 10:45:35:734
976 fc4
Misc Microsoft signed: NA
2014-06-05 10:45:35:734
976 fc4
Misc Infrastructure signed: Yes
2014-06-05 10:45:35:734
976 fc4
Misc WARNING: Cab does not contain correct inner CAB file.
2014-06-05 10:45:35:734
976 fc4
Misc Validating signature for C:\Windows\SoftwareDistribution\SelfUpdate\wuident.cab with dwProvFlags 0x00000080:
2014-06-05 10:45:35:734
976 fc4
Misc Microsoft signed: NA
2014-06-05 10:45:35:750
976 fc4
Misc Infrastructure signed: Yes
2014-06-05 10:45:35:766
976 fc4
Setup Skipping SelfUpdate check based on the /SKIP directive in wuident
2014-06-05 10:45:35:766
976 fc4
Setup SelfUpdate check completed. SelfUpdate is NOT required.
2014-06-05 10:45:35:907
976 fc4
PT +++++++++++ PT: Synchronizing server updates +++++++++++
--continued--
Similar Messages
-
Disconnect WSUS server and Process of Approving Updates via Metadata.
Hi Folks:
I have recently setup 2 WSUS servers. The first one has connectivity to the Internet and of course has access to Microsoft updates. The second WSUS server is part of a disconnected network. Both WSUS servers are supporting client workstations
of various operating system versions. The connected WSUS server is fairly easy, from a management viewpoint. I simply check to see what updates are "Needed" and I approve them for download. However, the disconnected WSUS server
is the one that I need some advice on. I want to have a fairly simply procedure for the disconnected WSUS server, but here is the procedure that I think would work:
Transfer metadata and updates via disc from the connected WSUS server to the disconnected WSUS server (using documented export/import procedure).
Check to see what is "Needed" updates on the disconnected WSUS server, once the WSUS server has had a chance to absorb all the imported metadata and updates. This means that the disconnected WSUS server has determined from it's supported
client workstations, what updates are required.
Generate a list of those "Needed" updates in some form, so that I can now approve those updates on the CONNECTED WSUS server for download.
Once those updates have been downloaded to the connected WSUS server, transfer the updates and metadata again to the disconnected WSUS server. Approve those updates, so that they can now be sent out to the client workstations on the disconnected
network.
If that is my procedure (can someone like Lawrence Garvin), please let me know, if that sounds correct. I'm concerned about the double export/import of the metadata and updates.
Also, I'm wondering if it would be better to have separate connected WSUS server for supporting the disconnected WSUS to keep things straight.
For example:
One connected WSUS servers supporting the set of client workstations, that are on the connect WSUS server's network.
One disconnected WSUS server supporting the set of client workstations that are on the disconnected WSUS server's network.
One more connected WSUS server, that would be used to download and transfer metadata and updates to the disconnect WSUS server. The advantage in keeping this separate, is that you would never confuse approved updates between the connected network
client workstations and the disconnected network client workstations. Especially, if they have different versions of software, that require updating.
Any input would be appreciated.You will likely also want to configure your WSUS server to "Download express installation files." under the "Update Files and Languages," setting on your options.
I will unequivocally disagree with this statement, for several reasons:
First, there's nothing that needs to be deployed that would use Express Installation Files anyway. Express Installation Files were designed to facilitate the deployment of Very Large Updates (read: SERVICE PACKS) across slow-speed links by significantly
reducing the size of the binary that must be downloaded by the CLIENT. There are NO service packs in the catalog that won't already be installed on any client system.
Second, in exchange for that ability of clients to download less, it significantly increased the size of the binary that must be downloaded by the SERVER from Microsoft. Express Installation Files will cause hundreds of gigabytes of extra binaries to be
downloaded, which will need to be transferred to the disconnected server. None of which will actually ever be used.
Third, most disconnected networks do not include WAN links, so the primary purpose of Express Installation File is contra-indicated by the very scenario being discussed.
Otherwise by default you might get just an installer downloaded onto the WSUS server and clients might still need internet access to download the actual package contents.
It would seem that you do not correctly understand Express Installation Files.
There is an in-depth explanation of Express Installation Files in the WSUS Deployment Guide. For additional information see
https://technet.microsoft.com/en-us/library/dd939908(v=ws.10).aspx#express
I also would not recommend a internet facing WSUS server just to provide updates to the disconnected WSUS server as that will also need to download a full copy of the content to that server when it is likely already downloaded onto your internet
/ production WSUS server anyway.
Seemingly you are also not actually familiar with the documented guidance for how to manage disconnected networks. An Internet-facing (connected) WSUS server is *exactly* how this is done.
You may also find this part of the Deployment Guide to be useful reading:
Configure a Disconnected Network to Receive Updates
Lawrence Garvin, M.S., MCSA, MCITP:EA, MCDBA
SolarWinds Head Geek
Microsoft MVP - Software Packaging, Deployment & Servicing (2005-2014)
My MVP Profile: http://mvp.microsoft.com/en-us/mvp/Lawrence%20R%20Garvin-32101
http://www.solarwinds.com/gotmicrosoft
The views expressed on this post are mine and do not necessarily reflect the views of SolarWinds. -
VPN between ASA5505 Easy VPN Server and 881G Router as Easy VPN Client
Hello,
I have problem in VPN between ASA5505 Easy VPN Server and 881G Router as Easy VPN Client. ASA 5505 have 7.2.3 software and 881G router have 15.1 software.
881G is configured as hardware client in network exstention mode, and it is placed behind NAT. ASA5505 is working as server. Same VPN Group works correctly from VPN software clients.
When I send traffic from 881G client side, in show cryto sessin detail I see encrypted packets. But with same command I dont see decrypted packet on ASA5505 side. On both devices Phase 1 and Phase 2 are UP.
VPN is working when I replace ASA5505 with ASA5510 correctly with have 8.4.6 software. But problem is that i need to do this VPN between ASA5505 and 881G.
Can you help me, how can I debug or troubleshoot this problem ?
I am unable to update software on ASA5505 side.Hello,
Hire is what my config look like:
crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto dynamic-map outside_dyn_map 20 set pfs
crypto dynamic-map outside_dyn_map 20 set transform-set ESP-3DES-SHA
crypto dynamic-map outside_dyn_map 40 set pfs
crypto dynamic-map outside_dyn_map 40 set transform-set ESP-3DES-SHA
crypto dynamic-map outside_dyn_map 60 set pfs
crypto dynamic-map outside_dyn_map 60 set transform-set ESP-3DES-SHA
crypto dynamic-map outside_dyn_map 80 set pfs
crypto dynamic-map outside_dyn_map 80 set transform-set ESP-3DES-SHA
crypto dynamic-map outside_dyn_map 100 set pfs
crypto dynamic-map outside_dyn_map 100 set transform-set ESP-3DES-SHA
crypto dynamic-map outside_dyn_map 120 set pfs
crypto dynamic-map outside_dyn_map 120 set transform-set ESP-3DES-SHA
crypto dynamic-map outside_dyn_map 140 set pfs
crypto dynamic-map outside_dyn_map 140 set transform-set ESP-AES-128-SHA
crypto dynamic-map outside_dyn_map 160 set pfs
crypto dynamic-map outside_dyn_map 160 set transform-set ESP-3DES-SHA
crypto dynamic-map outside_dyn_map 180 set pfs
crypto dynamic-map outside_dyn_map 180 set transform-set ESP-3DES-SHA
crypto dynamic-map outside_dyn_map 200 set pfs
crypto dynamic-map outside_dyn_map 200 set transform-set ESP-AES-256-SHA
crypto map outside_map 65535 ipsec-isakmp dynamic outside_dyn_map
crypto map outside_map interface outside
crypto isakmp enable outside
crypto isakmp policy 1
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
crypto isakmp policy 2
authentication pre-share
encryption 3des
hash sha
group 1
lifetime 86400
crypto isakmp policy 3
authentication pre-share
encryption des
hash sha
group 2
lifetime 86400
tunnel-group HW-CLIENT-GROUPR type ipsec-ra
tunnel-group HW-CLIENT-GROUP general-attributes
address-pool HW-CLIENT-GROUP-POOL
default-group-policy HW-CLIENT-GROUP
tunnel-group HW-CLIENT-GROUP ipsec-attributes
pre-shared-key *******
group-policy HW-CLIENT-GROUP internal
group-policy HW-CLIENT-GROUP attributes
password-storage enable
split-tunnel-policy tunnelspecified
split-tunnel-network-list value cisco_splitTunnelAcl
nem enable -
WSUS server and client configuration issues
I just inherited WSUS from my predecessor (it was turned off because of a full disk) so I’m still learning how to use it. Turning it back on I changed where updates should come from, they were stored locally and now I’m pulling them down off of the Microsoft
Update location. What I’m seeing is that I have a bunch of computers that WSUS “sees” but are showing “Failed or Needed” status. Unless I visit each machine and manually do the updates this status does not change. Additionally I have some client computers
(Windows 7) that are not showing up as managed by WSUS. If I reading this right I’m running version Update Services 6.2.9200.16384 on Management Console 3.0 Version 6.2 (build 9200) on Windows Server 2012.
How can I force WSUS to automatically update the “Failed and Needed” devices?
How can I get those clients that are not being managed by WSUS to be managed?
Some of the things that I have done so far on the server and clients are:
Create a GPO (see attached for WSUS)
wuauclt
/detectnow
wuauclt /reportnow
wuauclt.exe /detectnow
gpupdate /force after
modifying the GPO
I even ran the SolarWinds WSUS diagnostic (as a non-administrator) and got this as the output:
# Solarwinds® Diagnostic Tool for the WSUS Agent # 1/23/2015
Machine state
User rights: User does not have administrative rights (Administrator rights are not available)
Update service status: Running
Background Intelligent Transfer service status:
Running
OS Version: Windows 8.1 Pro
Windows update agent version: 7.9.9600.17489 (WU Agent is OK)
Windows Update Agent configuration settings
Automatic Update: Enabled
Options: Automatically download and notify of installation
Use WSUS Server: Not found (There is no such key)
Windows Update Server: Not found (There is no such key)
Windows Update Status Server: Not found (There is no such key)
WSUS URLs are identical: Values are empty
WSUS Server Connectivity -- Connectivity check is impossible
So, my questions are:
What tool do I use to configure the client machine?
How do I get WSUS to update my clients?
Thanks
SamSteven,
I'm pretty sure that this is not the right forum to discuss this in but just so we can close this case.
On my computer I ran the command gpupdate /force I
then rebooted my computer to make sure that the group policy would be updated. The first screen shot is from my domain controller and the second is from my computer. As you can see the Domain Controller has the correct settings but the local machine doesn't.
Other parts of the DC GPO settings have worked so I'm somewhat comfortable that it is being propagated properly. -
WSUS server and Microsoft Online Catalog Inconsistency
Hello, after a full sync, my WSUS server is showing the update for system center endpoint protection 2012 client 4.6.305.0 (KB2998627) and a few others, but I cannot find this update in Microsoft's online catalog for updates, is there a reason to that? (http://catalog.update.microsoft.com/v7/site/home.aspx).
How do I check for consistencies?Hello, after a full sync, my WSUS server is showing the update for system center endpoint protection 2012 client 4.6.305.0 (KB2998627) and a few others, but I cannot find this update in Microsoft's online catalog for updates, is there a reason to that?
Not everything is published in all sources, and this update is not documented in KB894199 so there's no way to really know.
How do I check for consistencies?
What exactly do you mean by this? What "consistencies" are you wanting to check for?
Lawrence Garvin, M.S., MCSA, MCITP:EA, MCDBA
SolarWinds Head Geek
Microsoft MVP - Software Packaging, Deployment & Servicing (2005-2014)
My MVP Profile: http://mvp.microsoft.com/en-us/mvp/Lawrence%20R%20Garvin-32101
http://www.solarwinds.com/gotmicrosoft
The views expressed on this post are mine and do not necessarily reflect the views of SolarWinds. -
Hello,
Environment : 1. Server 2008 R2 Main Upstream server, hosts update content locally, SQL DB on another system.
2. 2 - Server 2008 R2 downstream servers, host update and sql content locally.
We had our Main Upstream WSUS server crash after applying KB2734608-x64 on a Server 2008 R2 box. Our database resides on a different SQL server on the same domain. When we tried to launch the WSUS interface the mmc console
it would crash. ( MMC has detected an error in a snap in and will unload it. was the error). Looked at the logs and it seems like it could not connect to the database. Anyways after trying many fixes, i decided to re-install WSUS until it got to the point
where it would not allow me to re-install got errors in the log of " InstallWsus: MWUS installation failed ( error 0x80070643: fatal error during installation with other ones like CInstallDriver and CSetupDriver:.....blah blah). I was messing with the
back end database and accidentally deleted it, so i had to restore the latest backup from a month ago ( we typically back on a weekly basis with incrementals, but our backups where failing and we didn't know of this because of a complicated situation
with our client..anyways). My question is once i get the WSUS connected backup what can i expect from the downstream servers in terms of Synchronization? I am assuming initially we will have re approve all updates on the upstream server, before the downstream
server successfully sync? I know i have to recycle the WSUS application pool and reset the update content, anything else? Also any advice on installing that patch? We initially tried to install it because some clients were not reporting into the console properly.
( I know we are on a downward spiral here, any help is appreciated. Will probably end up rebuilding the VM from scratch re-installing WSUS )
Server 2008 - MCITP, Server 2012 - MCSABecause you had previously attempted the installation of KB2734608 on the WSUS server, it's likely that the database schema has already been modified, making it impossible to connect a downlevel WSUS server to that database. It's unfortunate that you uninstalled
WSUS (probably not necessary and notably complicates the situation), but c'est la vie.
Of course, apparently all that is also irrelevant since you also trashed the back-end database and restored it, so now that database does not have the schema mods imposed by KB2734608.
So, once you get this new WSUS server installed to the restored database, the downstream servers (where I presume you have not yet installed KB2734608 since this update must be installed from the top down) will just keep on truckin'. The only updates you'll
need to approve are the ones that were approved since the last database backup (which hopefully was after you approved this month's Patch Tuesday updates, otherwise you'll likely have a fair amount of work to be done).
Successful synchronization is not a function of the state of the approvals on the upstream server, but if there are any updates NotApproved on the upstream server that were previously approved, a replica server will lose those approvals and client systems
won't get the update until it is (re)approved, the replica resynchronized, and the client performs another detection to (re)find that (new) approval.
I don't know where the "recycle the app pool and reset the update content" stuff is coming from. You're installing a new front-end WSUS server onto an existing database that's already functional. No other actions are required.
As regards successfully installing KB2734608, I suggest thoroughly reading the KB article for starters... TWICE!
First requirement of successfulling installing this update is having a healthy
WSUS server. Not sure why your particular installation failed (installation failures of KB2734608 are pretty rare, as opposed to those encountered by KB2720211), but they're almost always related to existing dysfunctions within the WSUS server.
Lawrence Garvin, M.S., MCSA, MCITP:EA, MCDBA
SolarWinds Head Geek
Microsoft MVP - Software Packaging, Deployment & Servicing (2005-2014)
My MVP Profile: http://mvp.microsoft.com/en-us/mvp/Lawrence%20R%20Garvin-32101
http://www.solarwinds.com/gotmicrosoft
The views expressed on this post are mine and do not necessarily reflect the views of SolarWinds. -
Hi,
We have successfully configured network policy server on windows server 2012 and all wireless clients could connect to our network except windows 7 and xp non domain clients.The clients that are successfully authenticated includes windows 8,mobile users
(andriod + iOS) domain as well as non domain clients.If we join windows 7 pc to the domain it successfully connects but non domain clients could not connect.We have large number of windows 7 users that have their own laptop machines and we dont want
each laptop to join the domain.
On server event 6273 generated with reason code 265 "The certificate chain was issued by an authority that is not trusted".Plz help how to resolve this issue.I have searched on the internet but no proper solution found.Hi,
According to the error message, it seems that you used certificate-based authentication methods and the non-domain computers has no Trusted Root Certificate for the CA that enrolled the certificate for the NPS.
For more detailed information, please refer to the links below:
Certificates and NPS
Manage Trusted Root Certificates
Best regards,
Susie
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected] -
Server 2012 R2 Hyper-V Client won't connect to Host.
Hi I have a server with 2012 R2 and Hyper-V is installed. I have set my VM's up and everything on the server is working perfectly. I installed the hyper-v role on my Win 7 x64 machine and it will not connect to my server. I ended up calling in to microsoft
and they have determined it's a bug. I really need a work around does anyone know of a work around?
Thanks,
DBHi,
You can install the Windows Management Framework 4.0, then use PowerShell to manage the Hyper-V.
More information:
Windows Management Framework 4.0
http://www.microsoft.com/en-us/download/details.aspx?id=40855
Hyper-V Cmdlets in Windows PowerShell
http://technet.microsoft.com/en-us/library/hh848559.aspx
The third party related article:
How to install Windows PowerShell 4.0
http://blog.powershell.no/category/windows-server-2012-r2/
Hope this helps.
We
are trying to better understand customer views on social support experience, so your participation in this
interview project would be greatly appreciated if you have time.
Thanks for helping make community forums a great place. -
I have a Macbook Air running OS-X Yosemite and an iPhone 5s running IOS version 8.1. Every time I try to connect the devices via bluetooth is won't connect saying my Macbook Air isn't supported when in actuality it is. Anyone know how to fix this issue? I have restarted both my Mac/Iphone and have turned bluetooth on/off and nothing seems to help. Bluetooth pairing didn't work before I updated to IOS 8.1 so I doubt that is the issue here.
Pairing an iPhone to a computer (Mac or Windows) is only supported for personal hotspot (sharing the iPhone's cellular internet connection) and then only if your cellular plan supports it. More information: Bluetooth: Why can't I pair my iPhone or iPad with my computer?
-
Lion server shows up in Finder "Shared" section but won't connect
My Lion server iMac shows up both on my home LAN and from work in the Finder Shared section.
Other Shared servers show up (just Lion not Lion Server) and work fine, as usual.
When clicking on the Lion server icon the Finder tries to connect and then is unable (no password entered). Connect As doesn't do anything. Also, removed the original entry in Keychain so there's no password every requested nor given, just fails.
Any ideas ?Well, after much fumbling, I checked out ifelix' site again, and the trick was to select "shared" instead of "open" in Authentication Mode on the PC. I am not sure what the setup on my PC is now, but it works, and thats the main thing
mini dual core Mac OS X (10.4) -
Windows XP MCE sees network but won't connect
Hello
I've managed to get my AAEB working with two of my computers, one is a regular desktop which is connected through the wired outputs, this works like a charm.
The other is my personal laptop, an Acer Ferrari with Windows XP pro, this now also works perfectly on the wireless system.
Now I'm trying to get my brothers laptop to connect to our network and internetconnection through the AAEB. His laptop sees the network but when I try to connect to it it's not possible, I never even get to the part where I have to enter the password.
I'm using WPA/WPA2 for security and as stated having no problems on my own computer that's running WinXP Pro, but this one that runs WinXP MCE can't connect.
I've tryed disabling the security on the AAEB and when I do that it's possible to connect with the WinXP MCE.
Please help :'(Thank you very much for your suggestion.
It might be me who doesn't understand fully what you mean but my problem is that I can't get the PC to connect to the wireless network.
If I plug in a ethernet cable everything works like a charm however. But I just get an error when trying to connect to the Wlan that the network might not be available anymore, eventhough I'm using it on my personal laptop at this very moment.
edit in response to your post also, I never get far enough for it to even try to recieve an IP
Message was edited by: Dennis Hampe -
My Verizon hotspot on my Iphone won't connect to my Ipad and hasn't for a few weeks..
Have tried re-booting the system, holding down keys etc.
I have no idea what to do now as I am 100% technically challenged.
Thank you for any very simple instructions on how to proceedIt's in recovery mode and can't be used until you connect to a computer and restore it through iTunes.
-
Can I export a PDF in InDesign Server and return it to the calling client?
Using Java/CORBA between a client machine and InDesign Server, I would like to:
1. Make a remote call to InDesign server to create a document, passing IDML as a parameter on the call
2. Make another remote call to InDesign server to export a PDF, returning the PDF on the call return.
Is this possible? I notice that the doExport method does not return a PDF to the calling client. Instead, it saves the PDF on the server. I don't see any apis which would allow me to do the above.
The use case here is a web application which need to "preview" an image. The image consists of a template and some variable data which is sent to an InDesign server for composition and is returned as an image.
Thanks for any help.I fail to see the issue. You have added crop marks, have you not? For all intents and purposes those are marks that are supposed to be visible and printable for cutting in the real world. If you don't want them, don't use them. Acrobat can generate them on the fly for printing, anyway.
Mylenium -
Have just loaded iOS7 and now I cannot send or receive mail . Device message is : cannot open mail cannot connect with server. Any ideas?
Had the same problem. Deleted my account and readded it...still didn't work. Had a call with Apple, and they couldn't figure out why the Exchange server wouldn't work. They had me set up mail through Gmail, and that finally worked. There must be a bug they need to fix for the Exchange Server.
-
Windows 7 client won't connect with 802.1x security
Having issues connecting a windows 7 dell laptop with cisco unified wireless infrastructure. Currently running 4 4402 WLCs and 1 wism. The client in question is trying to connect to an AP that sits on one of the controllers on the wism. WLC code running is 6.0.199. If I configure the windows 7 client to an ssid with wpa2 with preshared key it works with no issue. It's really problematic with 802.1x, wondering if there is addition settings on the adapter in win 7 that I'm missing or have overlooked.
Thank you in advance for any suggestions to a solution to my problem
Regards,
izzyWindows is going to want to use the credentials that you login to the machine. SO if you logged is as "administrator" but you need to authenticated as domain\John.Smith you need to manipulate the credentials.
If you are logging in to the machine with valid domain credentiasl though, it becomes a bit more difficult.
So, is this the only type of machine having an issue? What is the driver version and chipset type?
you can run debug client < cliet ma address > and watch what is happening from the controllers persepctive. You can also see what username is being sent to the AAA server.
Cheers,
Steve
If this helps you and/or answers your question please mark the question as "answered" and/or rate it, so other users can easily find it.
Maybe you are looking for
-
How can I configure my IP Camera for remote access
Hi All, I hope you can help. I bought one of these http://www.wansview.com/Products/NCB-541W29654.html which seems to be a pretty common camera, made by I think Foscam (as the link on the site for setup links you to http://foscam.us/blog/foscamipcame
-
Is there a way to make the bookmarks panel appear only when bookmarks are actually present? As in, I'm looking for a global setting so that I don't always have to update the properties in each document.
-
I have pages made with two FW templates. The rollovers for one set is working fine, but those for the other do not. The templates are nearly identical, so I'm baffled. When I preview from FW into the browser, everything looks fine, but it doesn't wor
-
Removing a song that isn't on the "iPod Selection" list - but its on iPod!
Firstly, let me say - I am a technocripple!! I don't know how I managed this one, but I am trying to delete a song from the iPod itself... However it is not listed in the "iPod Selection" playlist (or another playlist for that matter) the only time I
-
Calling a function in Flash via JavaScript
My project is in Flash CS3 ActionScript 2. I am using JavaScript elements in my project that are called within Flash. The following code placed on frame 1 of my main timeline goes to frame 2 and displays the JavaScript element = that works. Here's th