WSUS Patch Approval and Client Detection

I need to demonstrate patch approval on server and installation on client machine.
After approving the patch on WSUS server, I go to client machine, run wuauclt /detectnow. But the client doesn't find the updates immediately. But the client can detect the approved update after a few hours/days. How can I reduce this delay?

Hi,
When you run the wuauclt /detectnow task, you need to wait for the completion of the detection event.
Typically this could take a couple of minutes, but on a healthy, fully patched system, it may complete in a matter of seconds.
Regards.
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

Similar Messages

Client Stop reporting in WSUS after Approval patches

Hi Team,
Recently i faced lot of issue in my wsus server during patching activity, After approving patches certain client stop reporting in wsus . I have tried all the troubleshooting but no one help.
can any one help me and provide troubleshooting steps which required in this type of cases
Regards, Triyambak

I am facing same issue in one of server , here is the log file
2014-06-24 02:56:11:066
852 c18
PT WARNING: SOAP Fault: 0x00012c
2014-06-24 02:56:11:066
852 c18
PT WARNING: faultstring:Fault occurred
2014-06-24 02:56:11:066
852 c18
PT WARNING: ErrorCode:ServerChanged(4)
2014-06-24 02:56:11:066
852 c18
PT WARNING: Message:Server rolled back since last call to GetCookie
2014-06-24 02:56:11:066
852 c18
PT WARNING: Method:"http://www.microsoft.com/SoftwareDistribution/Server/ClientWebService/GetCookie"
2014-06-24 02:56:11:066
852 c18
PT WARNING: ID:2f956ab6-fac3-4e68-bffa-48557d580e88
2014-06-24 02:56:11:066
852 c18
PT WARNING: PTError: 0x80244015
2014-06-24 02:56:11:066
852 c18
PT WARNING: GetCookie_WithRecovery failed : 0x80244015
2014-06-24 02:56:11:066
852 c18
PT WARNING: RefreshCookie failed: 0x80244015
2014-06-24 02:56:11:066
852 c18
PT WARNING: RefreshPTState failed: 0x80244015
2014-06-24 02:56:11:066
852 c18
PT WARNING: Sync of Updates: 0x80244015
2014-06-24 02:56:11:066
852 c18
PT WARNING: Cached cookie has expired or new PID is available
2014-06-24 02:56:11:066
852 c18
PT Initializing simple targeting cookie, clientId = 60adbf7d-5194-4cd9-90c7-e00efccedcb7, target group = WSUS 2003 x32 Prod Group 1, DNS name = lpsjcmwbp13.sumcweb.com
2014-06-24 02:56:11:066
852 c18
PT Server URL = http://lpchweb-wsus.sumcweb.com/SimpleAuthWebService/SimpleAuth.asmx
2014-06-24 02:56:30:488
852 c18
Agent * WARNING: Failed to synchronize, error = 0x80244015
2014-06-24 02:56:30:504
852 c18
Report CWERReporter finishing event handling. (00000000)
2014-06-24 02:56:30:504
852 c18
DnldMgr File locations for service 3DA21691-E39D-4DA6-8A4B-B43877BCB1B7 changed
2014-06-24 02:56:30:504
852 c18
Agent Server changed and need resyncing with server
2014-06-24 02:56:30:895
852 c18
PT +++++++++++ PT: Synchronizing server updates +++++++++++
2014-06-24 02:56:30:895
852 c18
PT + ServiceId = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7}, Server URL = http://lpchweb-wsus.sumcweb.com/ClientWebService/client.asmx
2014-06-24 02:56:35:692
852 c18
PT +++++++++++ PT: Synchronizing extended update info +++++++++++
2014-06-24 02:56:35:692
852 c18
PT + ServiceId = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7}, Server URL = http://lpchweb-wsus.sumcweb.com/ClientWebService/client.asmx
an AU detection already in progress
2014-06-24 01:35:37:030
832 700
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:37:030
832 700
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:37:077
832 700
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:37:077
832 700
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:37:296
832 1378
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:37:296
832 1378
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:37:562
832 1378
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:37:562
832 1378
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:37:655
832 1378
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:37:655
832 1378
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:37:968
832 700
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:37:968
832 700
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:38:015
832 700
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:38:015
832 700
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:38:343
832 700
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:38:343
832 700
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:38:515
832 700
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:38:515
832 700
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:38:655
832 1378
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:38:655
832 1378
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:38:937
832 700
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:38:937
832 700
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:38:999
832 700
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:38:999
832 700
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:39:421
832 1378
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:39:421
832 1378
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:39:421
832 700
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:39:421
832 700
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:39:640
832 700
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:39:640
832 700
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:39:859
832 1378
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:39:859
832 1378
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:39:968
832 1378
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:39:968
832 1378
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:40:312
832 1378
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:40:312
832 1378
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:40:374
832 1378
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:40:374
832 1378
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:40:609
832 1378
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:40:609
832 1378
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:40:859
832 700
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:40:859
832 700
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:41:030
832 1378
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:41:030
832 1378
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:41:202
832 1378
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:41:202
832 1378
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:41:374
832 1378
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:41:374
832 1378
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:41:515
832 1378
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:41:515
832 1378
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:41:796
832 1378
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:41:796
832 1378
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:41:952
832 1378
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:41:952
832 1378
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:42:077
832 1378
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:42:077
832 1378
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:42:374
832 700
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:42:374
832 700
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:42:499
832 700
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:42:499
832 700
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:42:671
832 700
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:42:671
832 700
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:42:952
832 1378
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:42:952
832 1378
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:43:062
832 1378
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:43:062
832 1378
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:43:327
832 700
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:43:327
832 700
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:43:499
832 700
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:43:499
832 700
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:43:624
832 700
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:43:624
832 700
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:43:859
832 1378
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:43:859
832 1378
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:43:984
832 700
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:43:984
832 700
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:44:218
832 1378
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:44:218
832 1378
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:44:343
832 1378
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:44:343
832 1378
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:44:687
832 1378
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:44:687
832 1378
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:44:859
832 1378
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:44:859
832 1378
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:44:984
832 1378
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:44:984
832 1378
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:45:281
832 1378
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:45:281
832 1378
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:45:343
832 1378
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:45:343
832 1378
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:45:749
832 700
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:45:749
832 700
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:45:749
832 1378
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:45:749
832 1378
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:45:984
832 700
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:45:984
832 700
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:46:281
832 700
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:46:281
832 700
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:46:452
832 1378
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:46:452
832 1378
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:46:593
832 1378
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:46:593
832 1378
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:46:765
832 700
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:46:765
832 700
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:46:968
832 700
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:46:968
832 700
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:47:124
832 1378
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:47:124
832 1378
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:47:343
832 700
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:47:343
832 700
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:47:515
832 1378
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:47:515
832 1378
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:47:734
832 1378
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:47:734
832 1378
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:48:015
832 1378
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:48:015
832 1378
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:48:109
832 1378
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:48:109
832 1378
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:48:327
832 1378
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:48:327
832 1378
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:48:499
832 1378
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:48:499
832 1378
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:48:702
832 1378
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:48:702
832 1378
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:48:906
832 700
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:48:906
832 700
AU Piggybacking on an AU detection already in progress
2014-06-24 01:35:49:234
832 1378
AU Triggering AU detection through DetectNow API
2014-06-24 01:35:49:234
832 1378
AU Piggybacking on an AU detection already
Regards, Triyambak

WSUS Server settings and Migrating SCCM 2007 Clients to SCCM 2012 R2

I am in the process of migrating a site from SCCM 2007 to SCCM 2012 R2.
Whilst doing this I came across the following issue:
The first issue is the workstations are woefully out of date, patch and update-wise, some have never had a patch applied as the branch IT staff are building them from the original disk. The policy is set in the SCCM 2007 client to point the machines at
the 2007 WSUS server, which is not set to deliver any updates to 2007 clients and hasn't been for a while. So as soon as the client is installed they lose the ability to get updates from Microsoft and don't get them from the 2007 WSUS server either.
Issue number 2 is the machines are a mixture of hand-built machines to SCCM 2007 delivered images, the SCCM image is patch using offline patching so they are somewhat up-to-date, but the hand-built machines are not and as there is no standardization on
the Microsoft Update client settings, the IT person on-site sets it to whatever he/she feels like, as it makes no difference once the client is installed and the policy applied.
So, when I come to update the client from 2007 to 2012, the following occurs
The Client uninstalls, and the GPO policy settings for Windows Update are removed.
Depending on the setup of the client initially, some machines are then going to Microsoft for their updates (literally 100s) and although the new client is installed the policy update does not fire to update the Windows Update Policy settings, sometimes
for hours after the install finishes. My thoughts are that it just can't run the policy as it is bogged down by patches updating and, in some cases, rebooting and then updating some more.
As a workaround I have had to go in an physically disable Microsoft Update on these machines, which stops the downloading and eventually allows the policy to apply, after which the machine then begins to receive patches from WSUS in a controlled method during
maintenance windows.
I have tried a number of approaches, even setting the Global Group Policy for Windows Update, but the install still removes the keys and basically sets Windows updates back to whatever it was set before the policy was applied and stays that way until the
new client is installed and the Machine policy reapplied. This can be speeded up by initiating it on the client obviously, but that would mean going to each client or using right-click tools on each machine, which is not an option.
What I would like to know is if there is something I am missing from my methods or is it just that I have never been on a site with such out of date workstations built in such different ways.
Any help would be appreciated.

First note that clients do *not* get updates from WSUS in ConfigMgr. The Windows Update Agent (WUA) must point to the WSUS integrated into ConfigMgr (by virtue of having the SUP installed on it) but this is only to make the update catalog/metadata available
to it. Approving updates in WSUS is unsupported for ConfigMgr.
What you've described above is all working as designed although these clients are falling into a gap between the 2007 and 2012 configuration and thus they are reaching out to Windows Update during this gap and installing updates. To prevent this, you
need to disable automatic updates via a domain group policy. This will prevent all automated WUA activity including installing updates from any source automatically. This will not interfere with ConfigMgr Software Updates in any way though.
Jason | http://blog.configmgrftw.com | @jasonsandys

Adding system and client specific TMS approval steps

Hello,
In defining QA approval steps, how to define a step which is not system and client wide?
When adding a new step, it is automaticaly defined with * in the client and system fields, and when changing the steps, these fields are not editable. However, there are several approval steps for which a specific system and client are entered, but this was done by a consultant, who was here some years ago.
Does anyone know how to do this?
Thanks in advance,
A

Hi Aleksandra,
Did you ever find a solution to this issue. I too have multiple QA systems in our landscape (4 system landscape), and yet I can not defined system/client specific approval procedures in STMS.
The system and client options don't even appear when I go into change mode, yet table TMSQASTEPS has the options available. Direct table update works fine, but it would be nice to know the "SAP standard" way of doing this.
Cheers
Shaun

6i with patch 10 and get FRM-92150: WEB CLient Version too new...

I have a form 6i and I installed patch 10 and after I do that, I have a error...
FRM-92150: WEB CLient Version too new...
I check both my jinitiator and the config file in the server are the same... any advices?
Thanks

1. Telling you to move this isn't helping you. I understand why you want you want to keep your forum clean, but I see this all the time and all it does is create dead end links.
Why don't you move it and e-mail the person having an issue??
2. Your solution might be to clear the Jar Cache. On Windows this would be in the JInitiator Control Panel.
3. If you ran an update and then rebuilt the server back to the prevoius version you might create this error. In my humble opinion Application Server - General isn't that far off when you don't know the cause.
Thanks!
Michael Seberg

WSUS server and client configuration issues

I just inherited WSUS from my predecessor (it was turned off because of a full disk) so I’m still learning how to use it. Turning it back on I changed where updates should come from, they were stored locally and now I’m pulling them down off of the Microsoft
Update location. What I’m seeing is that I have a bunch of computers that WSUS “sees” but are showing “Failed or Needed” status. Unless I visit each machine and manually do the updates this status does not change. Additionally I have some client computers
(Windows 7) that are not showing up as managed by WSUS. If I reading this right I’m running version Update Services 6.2.9200.16384 on Management Console 3.0 Version 6.2 (build 9200) on Windows Server 2012.
How can I force WSUS to automatically update the “Failed and Needed” devices?
How can I get those clients that are not being managed by WSUS to be managed?
Some of the things that I have done so far on the server and clients are:
Create a GPO (see attached for WSUS)
wuauclt
/detectnow
wuauclt /reportnow
wuauclt.exe /detectnow
gpupdate /force after
modifying the GPO
I even ran the SolarWinds WSUS diagnostic (as a non-administrator) and got this as the output:
# Solarwinds® Diagnostic Tool for the WSUS Agent # 1/23/2015
Machine state
User rights: User does not have administrative rights (Administrator rights are not available)
Update service status: Running
Background Intelligent Transfer service status:
Running
OS Version: Windows 8.1 Pro
Windows update agent version:   7.9.9600.17489 (WU Agent is OK)
Windows Update Agent configuration settings
Automatic Update:    Enabled
Options: Automatically download and notify of installation
Use WSUS Server: Not found (There is no such key)
Windows Update Server: Not found (There is no such key)
Windows Update Status Server: Not found (There is no such key)
WSUS URLs are identical: Values are empty
WSUS Server Connectivity -- Connectivity check is impossible
So, my questions are:
What tool do I use to configure the client machine?
How do I get WSUS to update my clients?
Thanks
Sam

Steven,
I'm pretty sure that this is not the right forum to discuss this in but just so we can close this case.
On my computer I ran the command gpupdate /force I
then rebooted my computer to make sure that the group policy would be updated. The first screen shot is from my domain controller and the second is from my computer. As you can see the Domain Controller has the correct settings but the local machine doesn't.
Other parts of the DC GPO settings have worked so I'm somewhat comfortable that it is being propagated properly.

WSUS updates download to Client but do not Install immediately

Hi All,
Need your help to understand and resolve below WSUS related issue?
Client workstation has been configured with below WSUS group polices.
We have more than 2000 workstation which are part of same OU and same WSUS group policy.
This workstations has customize windows XP and 7 OS and its use as cash counter pc like in Mall.
We found 60% workstation has been patched with latest update automatically and rest of not patches.
We have created script for which remove old
C:\winnt\softwaredistribution folder and and run
wuauclt.exe / detectnow command.
Now we can see patches are downloading on system but not Install immediately. In event viewer we
can see event 17 which say “
Installation Ready: The following updates are downloaded and ready for installation. To install the updates, an administrator should log on to this computer and Windows will prompt
with further instructions: “ As this all workstation has customize OS and use command service account for login.
Also no pop us for as notification and no chance to install patches by user.
What we can do to install patches immediately without modifying GPO policy.
Does 3 - Auto download and notify for install gpo setting prevent us to install patches immediately After running script.
What is main reason on patches not install on workstation.
What will happens if system down during schedule install time.
Why always 40% workstation display as 99% install in WSUS console even after patches with latest month update.
Please suggest any new way to make 100% workstation compliance with patch update.
Windows Components/Windows Update Policy Setting
Allow Automatic Updates immediate installation Disable
Automatic Updates detection frequency 22 hrs
Configure Automatic Updates Enabled
Configure automatic updating: 3 - Auto download and notify for install
The following settings are only required and applicable if 4 is selected.
Scheduled install day: 0 - Every day Scheduled install time: 03:00
Policy Setting
Delay Restart for scheduled installations 5 min
Do not adjust default option to 'Install Updates and Shut Down' in Shut Down Windows dialog box Enabled
Do not display 'Install Updates and Shut Down' option in Shut Down Windows dialog box Enabled
Enable client-side targeting Enabled
Target group name for this computer workstations
Policy Setting Specify
intranet Microsoft update service location Enabled
Set the intranet update service for detecting updates: XYZ
Set the intranet statistics server: XYX

@JJJdavidson...
Thanks for sharing this valuable information.
Request you to please check below comment with respect of your suggestion and please suggest.
As you say with automatic update set to option 3 computer will never automatically install update But what will happens if we configure schedule install date and time setting along with automatic update option 3. Will it allow computer to install
update on given date or we have to configure this setting only with automatic update option 4.
Is it true that with automatic update option 3 computer only download update and user attention require to install update on computer.
As I say.. our workstations are customize with windows xp and 7 and it wont any user to install update.
No doubt on point number 4.
With respect of your explanation in point 5. Please suggest on below point.
On which condition system will decide whether approve patches are applicable or not.
If any workstation are newly format then will it download all approve patches for that workstation.
With respect of above question. If I format windows 7 workstation and in WSUS 100 patches has been approved since last year. Will it go and download all patches. In same case what will happens if any patches are replace with other patches .
I am asking all above request because i am majorly facing issue with 99% system status in WSUS and want to resolve this.

Error 0x8024000B during client detection

Hi There,
Recently, we have faced a issue where drive holding WSUS content folder is went to offline due to storage issue. After doing the Reactivation of disk, Every thing looks good. But after few days we have done patching on server with different sub net other
the WSUS server subnet .We are not able to detect the patches in the Wsus client even after running the commands of Detect now and authorization by stopping the au service. But when we open the status report of WSUS client from Wsus console,it is showing
40 patches need to install. I have gone through WSUS log file and getting the below error first and later no error reporting just saying 0 updates downloaded. Any help on this is much appreciated.
WARNING: WU client failed Searching for update with error 0x8024000b
Agent * WARNING: Failed to filter search results, error = 0x8024000B
CltUI AU client got new directive = 'None', serviceId = {00000000-0000-0000-0000-000000000000}, return = 0x80010108
CltUI FATAL: Failed to show client UI, directive=7, hr=80010108
Thanks
Suri

We'll probably need to see a complete detection event in order to do any useful diagnostics.
The error codes presented here simply tell us that the connection was aborted, but they provide no information as to why that might have happened.
Please do the following on this client:
Reboot the system.
Run this command: wuauclt /resetauthorization /detectnow.
Wait 30 minutes.
Locate the point in the WindowsUpdate.log where the reboot started, and post ALL of the lines from there to the end of the WindowsUpdate.log.
Lawrence Garvin, M.S., MCITP:EA, MCDBA, MCSA
SolarWinds Head Geek
Microsoft MVP - Software Packaging, Deployment & Servicing (2005-2013)
My MVP Profile: http://mvp.microsoft.com/en-us/mvp/Lawrence R Garvin
http://www.solarwinds.com/gotmicrosoft
The views expressed on this post are mine and do not necessarily reflect the views of SolarWinds.

WSUS - Auto Download and Schedule Install

Hey, so I have a couple questions regarding WSUS:
1. Can computers be set to daily check for updates from an internal WSUS server and download them without installing, and then automatically install those
updates at a different, scheduled time, whether they are connected or not? (I see the GPO called "Automatic Updates detection frequency"
that I can configured, but it doesn't say whether updates are downloaded during this operation or not)
2. Can computers be configured so that
they will download updates from an internal WSUS server first and if it's not available, then reach out to Microsoft?

So that would mean the answer to my initial question is No. I want an option called "Auto download and install at scheduled time".
Let me clarify how this all works.
The Windows Update Agent periodically checks the WSUS server for updates. Updates it finds, it reports state for: Installed, Not Installed, Not Applicable. If a "Not Installed" update is approved and available, the WUA queues the installation files
for download if the Configure Automatic Updates policy is set to AUOption '3' or '4'.
The download occurs via Background Intelligent Transfer Service (BITS) subsequent to the WUA finding the update as available for download.
When the download of the update is completed, the WUA does one of two things:
If the Configure Automatic Updates policy is set to AUOption '4', then the WUA will schedule the update for installation at the scheduled time. This scheduled installation does NOT require access to the WSUS server to be conducted.
If the Configure Automatic Updates policy is not set to AUOption '4', then the update will be retained on the client computer until a user launches the Windows Update applet from Control Panel and initiates the installation.
If the Configure Automatic Updates policy is set to AUOption '2', then the files will not be downloaded, and a logged on user must initiate the download using the Windows Update applet in Control Panel. This setting is typically used for highly mobile
computers that have only sporadic connections to the network servicing the WSUS server.
The downloading of files using BITS can be controlled using the BITS download policies in Group Policy. You can restrict the bandwidth used for downloads (per client) and/or restrict when those downloads are performed. Ergo, if you want downloads to
occur at 8pm each night, simply block the ability to download files prior to 8pm.
Please note, however, that the files MUST be completely downloaded BEFORE a scheduled installation event for the updates to be installed at that event, and the amount of time required to complete those downloads is highly unpredictable and will change from
month to month and client to client.
Finally, there is one last possible methodology, but this one is fraught with much risk. You can configure clients with AUOption '2', so they do not automatically download update files upon discovery. Then configure an Approval Deadline at the time you want
those updates to be installed. In this scenario, and ONLY this scenario, when the client reaches the Approval Deadline, it will automatically download -and- install the updates that have deadlines configured. In addition, this methodology also gives you some
capability to configure the *DAY* that updates are installed, not just the time. However, as several threads in this forum will attest, there are MANY opportunities using deadlines for things to go sideways. Be sure to anticipate ALL POSSIBLE scenarios before
initiating the use of Approval Deadlines, and more importantly! TEST! TEST! TEST! prior to implementing this methodology throughout the entire organization.
Lawrence Garvin, M.S., MCSA, MCITP:EA, MCDBA
SolarWinds Head Geek
Microsoft MVP - Software Packaging, Deployment & Servicing (2005-2014)
My MVP Profile: http://mvp.microsoft.com/en-us/mvp/Lawrence%20R%20Garvin-32101
http://www.solarwinds.com/gotmicrosoft
The views expressed on this post are mine and do not necessarily reflect the views of SolarWinds.

WSUS Manage Approval for different Groups

We have different products the the company hosts and they require that servers be patched on Test servers prior to a code release. Once the the servers are tested then the same set of patches should be deployed to the production servers during a scheduled
time when the code is released to the production servers. And that is the case for other products but the cycle between the product is always different. So we always want test group be product match the production group by product. What is the best solution
to implement for this type of environment to be able to approve any missing update to the test group for a product and when time comes how to push the same updates to production groups.
The way I have it seems messy because i have bunch of nested groups by datacenter > product name > purpose of the server "wether it is QA webserver, prod webserver, dev webserver, other servers,
etc... and what i do is from Update Reports, run "Update Status Summary" report on the test group that has a status of "Needed, Failed, No Status" and from there approve the updates to that test group. Install the updates, etc... and then
when I want to deploy the updates to certain groups, I run the "Updated Tabular Status for Approved Updates", select the same test group that was deployed to and the option "Installed/NotApplicable, Needed" and approve to the Production
group. Seems like I am doing this all wrong. Appreciate the help. Thanks.

Hi,
I’m not sure if I have got your idea correctly. After you approved for test group, and there is any problem. You need approve for production group or all computer group.
A similar question here:
How does the WSUS approval process work ?
For more information about approval process please refer to:
Approving the Updates
http://technet.microsoft.com/en-us/library/cc708474(v=ws.10).aspx
Step 7: Approve and Deploy Updates in WSUS 3.0
http://technet.microsoft.com/en-us/library/cc708475(v=ws.10).aspx
Hope this helps.

Approved and published items are not shown in the catalog search

Hello all,
We are implementing SRM 4.0 SSP scenario .
To support shopping of EBP we are also implementing CCM 2.0 as an add on.
Please note CCM and EBP are on same client and CAT & CSE are also on the same client.
No XI is involved. The catalog scheme was uploaded as CSV 2.0. The items for the catalog was created manually in CAT.
Although the item has the status "approved" and the procurement catalog which is also the master catalog was published successfully the item is not shown after searching by CSE in EBP. Also the categories of the scheme are not shown in the catalog search.
Do i have to approve the categories too and if yes can you explain me how to do this?
I think you see that I'm a newbie at srm and ccm and this problem is probably no real problem but I have not found any similar topics in the forum. So please can you help.
Thanks a lot for your help.
Best regards,
Bernd

Bernd: the reason I asked about views is that you don't have any error messages. This might indicate that (a) you have no items in the view, or (b) there's something wrong with view-role-user assignment.
To check for (a), please go to the published procurement catalog, and go to Views tab. Check that your View is Active. Click on your View ID link to display view details. You should see a list of characteristics assigned to your view in Assign Characteristics sub-tab (the list should not be blank!). Go to Assign Items sub-tab. Navigate in your schema to find items that are supposed to be assigned to your view. You should see "Yes" in the "Assigned" column for those products. If you don't, then you simply don't have any items in your view.
Another thing I'd like you to check: when the user calls your procurement catalog for search, do you see the name of the catalog displayed just below the drop-down "Select Categories Hierarchically"?
Cheers,
Serguei

EJB- HRS and Client Error

This is the error i get when i do the 1st part of the Human resource reservation in Jdeveloper tutorial:
what could cause the error:
C:\jdeveloper\jdk\bin\javaw.exe -ojvm -XXdebug,quiet,port1033 -classpath C:\jdeveloper\jdev\mywork\MyHRApplication\EJB-Tier\classes;C:\jdeveloper\jdev\lib\jdev-rt.jar;C:\jdeveloper\j2ee\home\lib\activation.jar;C:\jdeveloper\j2ee\home\lib\ejb.jar;C:\jdeveloper\j2ee\home\lib\jaas.jar;C:\jdeveloper\j2ee\home\lib\jaxp.jar;C:\jdeveloper\j2ee\home\lib\jcert.jar;C:\jdeveloper\j2ee\home\lib\jdbc.jar;C:\jdeveloper\j2ee\home\lib\jms.jar;C:\jdeveloper\j2ee\home\lib\jndi.jar;C:\jdeveloper\j2ee\home\lib\jnet.jar;C:\jdeveloper\j2ee\home\lib\jsse.jar;C:\jdeveloper\j2ee\home\lib\jta.jar;C:\jdeveloper\j2ee\home\lib\mail.jar;C:\jdeveloper\j2ee\home\oc4j.jar;C:\jdeveloper\lib\xmlparserv2.jar;C:\jdeveloper\lib\xmlcomp.jar Samplehr.hrAppClient
Debugger connected to local process.
javax.naming.NamingException: Lookup error: java.net.ConnectException: Connection refused: connect; nested exception is:
     java.net.ConnectException: Connection refused: connect
     java.lang.Object com.evermind.server.rmi.RMIContext.lookup(java.lang.String)
          RMIContext.java:134
     java.lang.Object javax.naming.InitialContext.lookup(java.lang.String)
          InitialContext.java:350
     void Samplehr.hrAppClient.main(java.lang.String[])
          hrAppClient.java:18
Debugger disconnected from local process.
Process exited with exit code 0.

Try below solution :
1. Take a copy of HReports.jar (Updated file) from the FR Report Server instance.
2. Bring the copied file to the User's Local Workstation and replace it with the one located under %HYPERION_HOME%\products\biplus\lib
3. Re-launch the FR Studio.
4. Open any of the FR Reports and now it can successfully print preview the FR Reports from the FR Studio.
above error happens if any FR patch is installed on FR server but not on client. So try above and if it does not resolve then make sure server and client has same patch level.

Patch 10 and 11 Install Problems

My application worked very successfully, using the servlet with all patches up to and including 9 using the 1.1 Jinitiator versions. I wanted to look at the time zone features and applied patch 10, and then 11. The servlet test appears to work in the new patches 10 and 11.
Using the latest 1.1 Jinitiator in either patch 10 and 11, I get "92102 - Negative or zero content-length" when starting the application. Does anyone know what this means, and/or what cures the problem?
Using the 1.3 JInitiator, I get "frm-92150 Web Client Version too New" I have not seen this one before either and scant reference to it - only on Solaris - with solutions not applicable to Windows 2000. Again any ideas are welcome.
Many thanks,

It's worth clearing the JInitator Cache to try and get rid of the Client too New message. The other error is due to a problem in the contents of the HTTP header - We've only seen that with IE on Mac and the Apple MRJ in the past - double check that you are using the correct Jinit 1.1 version for those patches.
If clearing the cache does not fix the client too new then try with one of the other JARS e.g f60all rather than f60all_jinit. It may be that the JARs are out of sync with the Server - for instance if something had one of the JARs open when you installed so it was not overwritten with the new version.

Patching on oracle client

I have a question about oracle patching e.g. 10.2.0.1 to 10.2.0.4
We do patching of 10.2.0.4 for 10.2.0.1 on oracle server.
Just wanted to know do we also perform patching on oracle client also?
If yes then what is the advantage/purpose to do that?
Thanks,

CKPT wrote:
Satish Kandi wrote:
790066 wrote:
Sir, i am confused with both your contradictory answers.... :)
As per 1 reply we do patching for enhancements but i gues those will be helpful/useful at server side at the database level....
how it wil useful for client side?This will help in preventing the issues which are result of client-side software code. F. ex. I can recall daylight savings time fix in 9.2.0.x (don't remember the exact patch number now, but I think it was 8) which included patching both client and server software.OP question is on We do patching of 10.2.0.4 for 10.2.0.1 on oracle server
My answer included an "example". It has nothing to do with the versions that OP has mentioned.

Zero sized files and client download errors..

Frequently I see zero sized files being downloaded into the patch proxy spool area.
Sometimes it is the detectors file. Other times it is a whole heap of all_signed<patchid>.jar files. This basically breaks all future downloads of these patches to the clients.
If I go into the spool directory and delete the offending zero length files and re-issue the download command it works.
Also, on especially large patch files, the client will report errors during the download. The patch proxy is still downloading the patch in the background but the client times out waiting for it to come down.
I will paste logs etc when I see it again.

I encountered an issue today with zero length patch jar File
17# cd /var/sadm
doe63 - root - /var/sadm - (-ksh)
18# find . -name "*120068*"
./spool/patchsvr/%2Fall_signed%2F120068-02.jar
doe63 - root - /var/sadm - (-ksh)
19# ls -l ./spool/patchsvr/%2Fall_signed%2F120068-02.jar
-rw-r--r--   1 root     root           0 Feb 22 10:00 ./spool/patchsvr/%2Fall_signed%2F120068-02.jarThese were the entries in the catalina.out on the patchsvr
Feb 22, 2007 10:00:02 AM com.sun.swup.updateserver.net.ConnectionFactory getConnection
INFO: Connecting to https://getupdates1.sun.com/
/usr/lib/cc-ccr/bin/ccr -g cns.assetid
/usr/lib/cc-ccr/bin/ccr -g cns.patchsvr.cachelocation
Feb 22, 2007 10:00:04 AM com.sun.swup.updateserver.security.SignatureValidationUtil validateJarFile
SEVERE: error in opening zip file
java.util.zip.ZipException: error in opening zip file
        at java.util.zip.ZipFile.open(Native Method)
        at java.util.zip.ZipFile.<init>(ZipFile.java:203)
        at java.util.jar.JarFile.<init>(JarFile.java:132)
        at java.util.jar.JarFile.<init>(JarFile.java:84)
        at com.sun.swup.updateserver.security.SignatureValidationUtil.validateJarFile(SignatureValidationUtil.java:265)
        at com.sun.swup.updateserver.handler.CachingProxyValidationHandler.validate(CachingProxyValidationHandler.java:195)
        at com.sun.swup.updateserver.handler.CachingProxyValidationHandler.handleRequest(CachingProxyValidationHandler.java:86)
        at com.sun.swup.updateserver.UpdateServlet.processRequest(UpdateServlet.java:80)
        at com.sun.swup.updateserver.UpdateServlet.doGet(UpdateServlet.java:106)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:247)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193)
        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:243)
        at org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:566)
        at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:472)
        at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)
        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:190)
        at org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:566)
        at org.apache.catalina.valves.CertificatesValve.invoke(CertificatesValve.java:246)
        at org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:564)
        at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:472)
        at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)
        at org.apache.catalina.core.StandardContext.invoke(StandardContext.java:2347)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:180)
        at org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:566)
        at org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcherValve.java:170)
        at org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:564)
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:170)
        at org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:564)
        at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:468)
        at org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:564)
        at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:472)
        at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:174)
        at org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:566)
        at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:472)
        at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)
        at org.apache.catalina.connector.http.HttpProcessor.process(HttpProcessor.java:1027)
        at org.apache.catalina.connector.http.HttpProcessor.run(HttpProcessor.java:1125)
        at java.lang.Thread.run(Thread.java:595)
Feb 22, 2007 10:02:40 AM com.sun.swup.updateserver.UpdateServlet processRequestOn the client I got
3# smpatch update -i 120068-02
Failure: ERROR: Problem encountered while downloading a patch. Determine if the file system containing the patch download directory is full; the file system is corrupted; or the directory permissions were changed during download.
Installing patches from /var/sadm/spool...
WARNING: The installer cannot find the patch.
/var/sadm/spool/patchpro_dnld_2007.02.22@10:04:17:MET.txt has been moved to /var/sadm/spool/patchproSequester/patchpro_dnld_2007.02.22@10:04:17:MET.txtAfter deleting the jar file of the patch mentioned above it worked.

WSUS Patch Approval and Client Detection

Similar Messages

Maybe you are looking for