Windows Client(s) not ‘appearing’ in WSUS

KB ID 0000591 

Problem

Before you start troubleshooting clients, how long have you waited? I usually setup and configure WSUS up at the start of a job, then leave it alone for a few DAYS, before I start worrying.

Here are the steps I usually follow to get the machines listed in the WSUS management console.

Solution

Before doing anything further, simply try running the following two PowerShell commands, (on the problem client,) and then waiting for a few hours;

$updateSession = new-object -com "Microsoft.Update.Session"; $updates=$updateSession.CreateupdateSearcher().Search($criteria).Updates

wuauclt /reportnow

Force WSUS client to report in correctly

 

 

1. Assuming you are deploying your WSUS settings by GPO, make sure the machine in question is actually trying to apply the policy, you can do this by running rsop.msc like so:

RSOP For WSUS

Or by running gpresult /R from command line

gpresult for WSUS policy

Note: If you cannot see Computer Policy / Computer Settings, i.e. you can only see user settings, then you are probably not running the command window as ‘Administrator’ (Locate cmd.exe > right click > Run as Administrator).

2. If you are enforcing by GPO, or directly via registry edit, your next step is to check that the registry entries exist. Start > In the Search/Run box type regedit {Enter}. Navigate to:

HKEY_LOCAL_MACHINE > SOFTWARE > Policies > Microsoft > Windows > WindowsUpdate

WSUS Registry Entries

3. Start > In the Search/Run box type services.msc {enter} Locate the Windows Update service and ensure it is running.

Windows Update Service

4. Then locate the Background Intelligent Transfer Service and make sure that’s also running.

Background Intelligent Transfer Service

5. To make sure the client can see the WSUS website, open a browser window, and navigate to http://{name-of-the-wsus-server}/iuident.cab and make sure you can open/download the file.

WSUS Test the Website

6. If all the above is OK, you can try forcing a registration with the following command;

wuauclt /detectnow

Force Client to Register with WSUS

7. All update events are being logged, you can find the log at c:windowsWindowsUpdate open the file with notepad.

WindowsUpdate Log Location

8. Scroll all the way to the end, then work upwards looking for errors.

Analyze the WindowsUpdate Log

9. Sometimes if you image a machine (Or clone a VM) it keeps it’s unique update ID, if this happens then the first machine with this ID to register gets listed, and all the rest do not. To find out if this is your problem, locate and stop the Windows update service on an affected client.

Stop Windows Update

10. Open the registry Editor and navigate to:

HKEY_LOCAL_MACHINE > SOFTWARE > Microsoft > Windows > CurrentVersion > WindowsUpdate

SusClientId Delete

Locate and delete the SusClientId entry.

11. Restart the Windows Update service and run the following two commands:

wuauclt /resetauthorization /detectnow<br /> wuauclt /reportnow

Force WSUS Client Registration

Update 16/06/15

Received via Email from Patrick Mauger:

You can add an incorrect binding in IIS to the site WSUS Administration.

You need to add a binding for port 80, because the only ports configured are 8530 and 8531.

Related Articles, References, Credits, or External Links

Windows Server Update Services – Install and Configure (2008 R2)

WSUS Install Error – ‘The update could not be found. There may be a network connection issue.

Message ID 6600: sms wsus configuration manager failed to configure upstream server

WSUS Install Error on Windows Server 2008 R2

Author: Migrated

Share This Post On