WSUS clients reporting, but not recignizing that they need updates
Ok, so here we go. This issue is affecting all of my clients.
What I am running:
WSUS v3.2.7600.226 on Server 2008-R2
Clients are
Server 2008-R2
Server 2008-SP2
Windows 7
All of my clients are reporting to the WSUS server. Updates have been approved for all of them.
The WSUS control panel is showing that each client is in need updates, each client needs between 65-85 updates.
This WSUS server is not connected to the internet, so all of the updates were imported from one that is connected to the internet and they are stored locally.
I’ve checked the WindowsUpdate.log and what I think I am seeing is that the clients are checking in with the WSUS server, but are not seeing that they need any updates.
The log file is below.
I ran the “Solarwinds WSUS Diagnostic’s Tool”, and everything came back as good, except the “CONTENT”.
The error that is displayed is “Incorrect proxy client configuration – use settings tab to test proxy configuration settings; may also be caused by misconfigured SSL implementation or access rights on WSUS Server.”
- I am not using any sort of proxy settings.
- I am not using an sort of SSL
- As far as misconfigured access rights on WSUS server… I don’t think they are set incorrectly.
If I browse to http://SRV-WSUS-E3/selfupdate/wuident.cab I am able to download the wuident.cab.
Hopefully I didn’t cause this with conflicting group policy, my group policy settings related to WSUS are as follows:
Allow automatic Updates immediate installation – Enabled
Allow non-administrators to receive update notifications – Enabled
Automatic Updates detection frequency – Enabled, 4 hour interval (I plan to change it to 24 hours once things are working)
Configure Automatic updates
Configure automatic updating – 4 – Autodownload and schedule the install
Scheduled install day – 0 Every day
Scheduled install time – 1900
No auto-restart with logged on users for scheduled automatic updates installations – Disabled
Reschedule Automatic Updates Scheduled instllations – Enabled
Wait after system startup (minutes) – 1
Specify intranet Microsoft Update service location – Enabled
Set the intranet update service for detecting updates –
http://SRV-WSUS-E3
Set the intranet statistics server – http://SRV-WSUS-E3
Turn on recommended updates via Automatic Updates – Enabled.
Any help or advice would be appreciated! Also, if more info is need to diagnose please let me know!
Here is most recent entry in the WindowsUpdate.log files from one of my Windows 7 clients. Another Windows 7 client's log was virtually identical.
2012-07-20 06:58:22:028 564 1364 AU #############
2012-07-20 06:58:22:028 564 1364 AU ## START ## AU: Search for updates
2012-07-20 06:58:22:028 564 1364 AU #########
2012-07-20 06:58:22:028 564 1364 AU <<## SUBMITTED ## AU: Search for updates [CallId = {959F3D4B-3A35-4F96-91F8-7995EF6AC8CE}]
2012-07-20 06:58:22:028 564 8ec Agent *************
2012-07-20 06:58:22:028 564 8ec Agent ** START ** Agent: Finding updates [CallerId = AutomaticUpdates]
2012-07-20 06:58:22:028 564 8ec Agent *********
2012-07-20 06:58:22:028 564 8ec Agent * Online = Yes; Ignore download priority = No
2012-07-20 06:58:22:028 564 8ec Agent * Criteria = "IsInstalled=0 and DeploymentAction='Installation' or IsPresent=1 and DeploymentAction='Uninstallation' or IsInstalled=1 and DeploymentAction='Installation' and RebootRequired=1
or IsInstalled=0 and DeploymentAction='Uninstallation' and RebootRequired=1"
2012-07-20 06:58:22:028 564 8ec Agent * ServiceID = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7} Managed
2012-07-20 06:58:22:028 564 8ec Agent * Search Scope = {Machine}
2012-07-20 06:58:22:043 564 8ec Setup Checking for agent SelfUpdate
2012-07-20 06:58:22:043 564 8ec Setup Client version: Core: 7.5.7601.17514 Aux: 7.5.7601.17514
2012-07-20 06:58:22:043 564 8ec Misc Validating signature for C:\Windows\SoftwareDistribution\SelfUpdate\wuident.cab:
2012-07-20 06:58:22:059 564 8ec Misc Microsoft signed: Yes
2012-07-20 06:58:24:352 564 8ec Misc Validating signature for C:\Windows\SoftwareDistribution\SelfUpdate\wuident.cab:
2012-07-20 06:58:24:368 564 8ec Misc Microsoft signed: Yes
2012-07-20 06:58:24:368 564 8ec Misc Validating signature for C:\Windows\SoftwareDistribution\SelfUpdate\wsus3setup.cab:
2012-07-20 06:58:24:368 564 8ec Misc Microsoft signed: Yes
2012-07-20 06:58:24:368 564 8ec Misc Validating signature for C:\Windows\SoftwareDistribution\SelfUpdate\wsus3setup.cab:
2012-07-20 06:58:24:383 564 8ec Misc Microsoft signed: Yes
2012-07-20 06:58:24:399 564 8ec Setup Determining whether a new setup handler needs to be downloaded
2012-07-20 06:58:24:399 564 8ec Setup SelfUpdate handler is not found. It will be downloaded
2012-07-20 06:58:24:399 564 8ec Setup Evaluating applicability of setup package "WUClient-SelfUpdate-ActiveX~31bf3856ad364e35~amd64~~7.4.7600.226"
2012-07-20 06:58:25:475 564 8ec Setup Setup package "WUClient-SelfUpdate-ActiveX~31bf3856ad364e35~amd64~~7.4.7600.226" is already installed.
2012-07-20 06:58:25:475 564 8ec Setup Evaluating applicability of setup package "WUClient-SelfUpdate-Aux-TopLevel~31bf3856ad364e35~amd64~~7.4.7600.226"
2012-07-20 06:58:25:491 564 8ec Setup Setup package "WUClient-SelfUpdate-Aux-TopLevel~31bf3856ad364e35~amd64~~7.4.7600.226" is already installed.
2012-07-20 06:58:25:491 564 8ec Setup Evaluating applicability of setup package "WUClient-SelfUpdate-Core-TopLevel~31bf3856ad364e35~amd64~~7.4.7600.226"
2012-07-20 06:58:25:522 564 8ec Setup Setup package "WUClient-SelfUpdate-Core-TopLevel~31bf3856ad364e35~amd64~~7.4.7600.226" is already installed.
2012-07-20 06:58:25:522 564 8ec Setup SelfUpdate check completed. SelfUpdate is NOT required.
2012-07-20 06:58:26:349 564 8ec PT +++++++++++ PT: Synchronizing server updates +++++++++++
2012-07-20 06:58:26:349 564 8ec PT + ServiceId = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7}, Server URL =
http://SRV-WSUS-E3/ClientWebService/client.asmx
2012-07-20 06:58:26:364 564 8ec PT WARNING: Cached cookie has expired or new PID is available
2012-07-20 06:58:26:364 564 8ec PT Initializing simple targeting cookie, clientId = 979ef33c-422e-4e3e-bd90-2cca494df7c3, target group = , DNS name = mtc-lwk-audit.ftrileymtc.army.mil
2012-07-20 06:58:26:364 564 8ec PT Server URL =
http://SRV-WSUS-E3/SimpleAuthWebService/SimpleAuth.asmx
2012-07-20 06:58:32:573 564 8ec Agent WARNING: Failed to evaluate Installed rule, updateId = {189A8F50-0C3A-4FDF-8BC2-BC23A3EB11FB}.101, hr = 80242013
2012-07-20 06:58:35:615 564 8ec PT +++++++++++ PT: Synchronizing extended update info +++++++++++
2012-07-20 06:58:35:615 564 8ec PT + ServiceId = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7}, Server URL =
http://SRV-WSUS-E3/ClientWebService/client.asmx
2012-07-20 06:58:35:958 564 8ec Agent * Found 0 updates and 68 categories in search; evaluated appl. rules of 1621 out of 2568 deployed entities
2012-07-20 06:58:35:958 564 8ec Agent *********
2012-07-20 06:58:35:958 564 8ec Agent ** END ** Agent: Finding updates [CallerId = AutomaticUpdates]
2012-07-20 06:58:35:958 564 8ec Agent *************
2012-07-20 06:58:35:990 564 15e0 AU >>## RESUMED ## AU: Search for updates [CallId = {959F3D4B-3A35-4F96-91F8-7995EF6AC8CE}]
2012-07-20 06:58:35:990 564 15e0 AU # 0 updates detected
2012-07-20 06:58:35:990 564 15e0 AU #########
2012-07-20 06:58:35:990 564 15e0 AU ## END ## AU: Search for updates [CallId = {959F3D4B-3A35-4F96-91F8-7995EF6AC8CE}]
2012-07-20 06:58:35:990 564 15e0 AU #############
2012-07-20 06:58:35:990 564 15e0 AU Successfully wrote event for AU health state:0
2012-07-20 06:58:35:990 564 15e0 AU Featured notifications is disabled.
2012-07-20 06:58:35:990 564 15e0 AU AU setting next detection timeout to 2012-07-20 15:47:50
2012-07-20 06:58:35:990 564 15e0 AU Setting AU scheduled install time to 2012-07-21 00:00:00
2012-07-20 06:58:35:990 564 15e0 AU Successfully wrote event for AU health state:0
2012-07-20 06:58:35:990 564 15e0 AU Successfully wrote event for AU health state:0
2012-07-20 06:58:40:966 564 8ec Report REPORT EVENT: {3B1D017A-79E4-4C32-9E52-C34EC8A019A3} 2012-07-20 06:58:35:958-0500 1 147 101 {00000000-0000-0000-0000-000000000000} 0 0 AutomaticUpdates Success Software
Synchronization Windows Update Client successfully detected 0 updates.
2012-07-20 06:58:40:966 564 8ec Report REPORT EVENT: {AAF1D880-2A74-44B3-9360-7BE1363E8545} 2012-07-20 06:58:35:958-0500 1 156 101 {00000000-0000-0000-0000-000000000000} 0 0 AutomaticUpdates Success Pre-Deployment
Check Reporting client status.
2012-07-20 06:58:40:966 564 8ec Report CWERReporter finishing event handling. (00000000)
2012-07-20 07:08:52:986 564 8ec Report Uploading 2 events using cached cookie, reporting URL =
http://SRV-WSUS-E3/ReportingWebService/ReportingWebService.asmx
2012-07-20 07:08:53:001 564 8ec Report Reporter successfully uploaded 2 events.
Ken
I ran the “Solarwinds WSUS Diagnostic’s Tool”, and everything came back as good, except the “CONTENT”.
The error that is displayed is “Incorrect proxy client configuration – use settings tab to test proxy configuration settings; may also be caused by misconfigured SSL implementation or access rights on WSUS Server.”
This particular issue is discussed in a couple of other threads, and I think I also posted it back to the SolarWinds Thwack forum for the tool. This is caused because your WSUS server has the "Directory Browsing" role service enabled in the Web Server role.
If this is a dedicated WSUS server, then that is an erroneous configuration, causing IIS to return an HTTP 403.14 error to the Diagnostic Tool, and it's displaying the standard error text for detecting an HTTP 403 error. This is a defect in your WSUS server,
and the fix is to disable the Directory Browsing role service in the Web Server role. If this is not a dedicated WSUS server, then the question is whether there are any other web applications or web services that require Directory Browsing to be enabled. If
not, then you should remove the role service. If so, then this is a normal indication for your implementation because IIS is returning an error to the Diagnostic Tool.
2012-07-20 06:58:32:573 564 8ec Agent WARNING: Failed to evaluate Installed rule, updateId = {189A8F50-0C3A-4FDF-8BC2-BC23A3EB11FB}.101, hr = 80242013
This message is generated because you have an update on your WSUS server that needs to go away. Typically this is caused by an expired (read: defective) update that still has an active approval. Find the update, decline it.
2012-07-20 06:58:35:958 564 8ec Agent *
Found 0 updates and 68 categories in search; evaluated appl. rules of 1621 out of 2568 deployed entities
And that defective update is most likely blocking this client from being able to scan the rest of the available updates and successfully detect any needed updates.
Also, btw, I note that this server does not yet have KB2720211 installed.
Lawrence Garvin, M.S., MCITP:EA, MCDBA, MCSA
Product Manager, SolarWinds
Microsoft MVP - Software Distribution (2005-2012)
My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin
Similar Messages
-
Help needed I have a canon 40D. I am thinking of buying a canon 6D.But not sure that my len
Hi all help needed I have a canon 40D. I am thinking of buying a canon 6D.
But not sure that my lenses will work.
I have a 170mm/ 500mm APO Sigma.
A 10/20 ex Sigma HSM IF.
And a 180 APO Sigma Macro or do I have to scrap them and buy others.
ALL Help will be greatly received. Yours BRODIEIn short, I love it. I was going to buy the 5DMark III. After playing with it for a while at my local Fry's store where they put 5DMII, 5DMIII and 6D next to each other, using the same 24-105L lens, I decided to get the 6D and pocket the different for lens later.
I'm upgrading from the 30D. So I think you'll love it. It's a great camera. I have used 5DMII extensively before (borrowing from a close friend).
Funny thing is at first I don't really care about the GPS and Wifi much. I thought they're just marketing-gimmick. But once you have it, it is actually really fun and helpful. For example, I can place the 6D on a long "monopod", then use the app on the phone to control the camera to get some unique perspective on some scenes. It's fun and great. GPS is also nice for travel guy like me.
Weekend Travelers Blog | Eastern Sierra Fall Color Guide -
I have already set up and Itunes account, but it says that i need to reveiw the account. I guess i have not finished setting it up yet. But when i go into the payment information it says that i need to fill out the type of credit/debit card that i have. Well, i don't have one! How do i put that i have 'none?' it doesnt even have a 'none' button. PLLEEAAASseeee help me!!! Please:)
If the amount of the purchase is close to $21.07, then you need to take into account taxes may be added.
If you go beyond the credit from a gift card the balance will be billed to your credit card account. -
i have a macbook pro 13" early 2011 version and what to install windows 7 on it via bootcamp but not sure that whether to install x64 or x86 version? which one will work better
There is no need for anyone to use 32-bit version anymore.
Retail comes with both. Or you can save on just buying 64-bit System Builder disc.
Better support for today's hardware with larger video graphic memory and systems.
Better memory management. -
I'm not sure if my iPhoto library is being backed up by Time Machine. I am backing up to a LaCie external hard drive. I can open photos ont the hard drive that are in folders but not those that are in iPhoto.
Do a restore from Time Machine. That will tell you.
-
Hello I thought that I had ordered a photo book in aperture this morning but not sure that the order has gone through as I have not had a confirmation email,
t I am currently in canada and trying to get the book sent to Australia. Im not sure if apple is picking up my location and that is having any affect on it?
The AppleID you are using to buy the book, must be tied to the location of the store where you are ordering the book from. Is your AppleID associated with an australian address? And are you placing the order at the Australian store? The Canadian store will not shiptoAustralia, see these policies: http://www.apple.com/internetservices/terms/sales_policies.html
Also set the "Region" in the language & Text preferences to "Australia", while you are ordering.
Regards
Léonie -
I'm from the uk and I'm trying to send a message to someone who lives in the US, however it does not recognise that they have an iPhone so it won't send as an iMessage, any solutions?
Hi Will_medlock,
If you are having issues sending iMessages to a specific person overseas, you may find the following article helpful:
iOS: Troubleshooting Messages
http://support.apple.com/kb/ts2755
Regards,
- Brenden -
I have an image that I removed from its back ground and I would like to scale the bottom portion of the image because its to wide but not have that effect the top portion of the image which is the correct width. but also keep the aspect ratio correct, keep it looking as natural as possible (its a piece of jewlery) ? how can I begin to do this.
The area circled in red is to wide (the width) the necklace's width is as wide as the models entire chest. And also the length of the necklace it's to long it should come down to the clevage area on the model/woman.
-
i have iphone 4 but not purchase that from airtel or aircel in india does that void my apple warrenty, i have purchase from grey market
Only iPhones sold by authorized resellers in India will be serviced by Airtel or Aircel. If you purchased from an unauthorized source, it's quite possible that the iPhone came from some other country, and would be serviced only in that country. Discovering what country the iPhone was originally sold it will be quite difficult unless the place you purchased it from can tell you.
So in practical terrms, it's probable that you have no warranty.
Regards. -
I have just deleted a set of very important photos from a shared folder on my iphone 5 not realising that they would also be deleted from my photostream on all devices - is there any way I can retrieve them?
No.
-
I can not get apps that cost $. I can get songs and free aps but not those that cost $. I have funded iTunes account. When I try to buy an app it refers me to this chat/community site. Can anyone help.
Does it refere you to this site, or iTunes store support? I would think you need to contact iTunes store support, not other users in this user-to-user forum. Click the Contact Us link at the bottom right on this page.
-
I am unable to download music that I purchased from itunes. I can download recent purchases, but not ones that I made last year or earlier.
Cdadd,
If by any chance you have made purchases with more than one account, you must check for past purchases separately for each account. -
I backed up my phone before it was replaced. My apps have disappeared altogether, and my music is there but it indicates that I need to download (not pay for) each track again. It's only small stuff, but my ringtones and photos and background etc have all gone, too. What have I missed?
How to BackUp > http://support.apple.com/kb/ht1766
What gets Backed Up
iTunes http://support.apple.com/kb/ht4946
iCloud http://support.apple.com/kb/PH2584
Restore from Backup > http://support.apple.com/kb/ht1766 -
Wanted to load an app onto my wife's ipad. BUT, the program keeps saying I've already purchsaed it and will not let me purchase again. I've tried everything I can think of. Now looking at wiping ipad competely and starting over but not sure that'll help. Between the time I purchased the app and now, I had to change password's w/Apple (Stupid system in the first place IMO) and it doesn;t liek new password
I can find the app, but the free version only. I paid for the upgrade ($1.99) on my ipad and now I want to add it (or buuy it) for my wife's ipda, but it will not allow me
-
HT4061 I AM ASKING THAT I TRIED TO UPDATE MY iPHONE 4 BUT NOT RESPONDING PLEASE I NEED MORE HELPING
I AM ASKING THAT I TRIED TO UPDATE MY iPHONE 4 BUT NOT RESPONDING PLEASE I NEED MORE HELPING
If you are rying to update an iPhone 4 that now has iOS 4.3, you must connect to a computer with iTunes, start iTunes and select the iPhone from the list of Devices on the left side of the window. Then in the main Summary window select Software Update. The process will take a rather long time, up to half an hour depending on the speed of your internet connection.
Maybe you are looking for
-
Account Merge gives an error"Define realignment task"
Dear Gurus, We have implemented BP CRM 2007(sup pack 2.0). I have a problem in account merge. Initially the account merge was working but it never triggered the batch job and so in the slave account no arciving indicator was set. Also I could never s
-
Import Meta Data from CSV - Export Meta Data to CSV
Ability to import meta data into selected images from CSV file containing a number of fields, one of which is file name. The other fields would be selected tags to import. Import logic would be, Where file name in column 1 matches current selected fi
-
Additional fields in FI Document - BAdI FI_HEADER_SUB_1300
Hi, I need to add some additional fields in FI document via transaction F-43. I added them in an append structure in BKPF, implemented BADI FI_HEADER_SUB_1300 and programmed the screen with the corresponding fields. But it didn´t work with my new fi
-
Program, transaction or anything for query analyzer in abap
is there any program o txn like SQL query analyzer but in SAP? i read something in recently udates, but im not sure. tks in advance
-
HT201412 Where is the restore button on iTunes?
To restore my phone, it says I have to select and click the Restore button on the Summary pane on iTunes. Where is that?