KB ID 0000591
Problem
Before you start troubleshooting clients, how long have you waited? I usually setup and configure WSUS up at the start of a job, then leave it alone for a few DAYS, before I start worrying.
Here are the steps I usually follow to get the machines listed in the WSUS management console.
Solution
Before doing anything further, simply try running the following two PowerShell commands, (on the problem client,) and then waiting for a few hours;
[box]
$updateSession = new-object -com "Microsoft.Update.Session"; $updates=$updateSession.CreateupdateSearcher().Search($criteria).Updates wuauclt /reportnow
[/box]
1. Assuming you are deploying your WSUS settings by GPO, make sure the machine in question is actually trying to apply the policy, you can do this by running rsop.msc like so:
Or by running gpresult /R from command line
Note: If you cannot see Computer Policy / Computer Settings, i.e. you can only see user settings, then you are probably not running the command window as ‘Administrator’ (Locate cmd.exe > right click > Run as Administrator).
2. If you are enforcing by GPO, or directly via registry edit, your next step is to check that the registry entries exist. Start > In the Search/Run box type regedit {Enter}. Navigate to:
[box]HKEY_LOCAL_MACHINE > SOFTWARE > Policies > Microsoft > Windows > WindowsUpdate[/box]
3. Start > In the Search/Run box type services.msc {enter} Locate the Windows Update service and ensure it is running.
4. Then locate the Background Intelligent Transfer Service and make sure that’s also running.
5. To make sure the client can see the WSUS website, open a browser window, and navigate to http://{name-of-the-wsus-server}/iuident.cab and make sure you can open/download the file.
6. If all the above is OK, you can try forcing a registration with the following command;
[box]wuauclt /detectnow[/box]
7. All update events are being logged, you can find the log at c:windowsWindowsUpdate open the file with notepad.
8. Scroll all the way to the end, then work upwards looking for errors.
9. Sometimes if you image a machine (Or clone a VM) it keeps it’s unique update ID, if this happens then the first machine with this ID to register gets listed, and all the rest do not. To find out if this is your problem, locate and stop the Windows update service on an affected client.
10. Open the registry Editor and navigate to:
[box]HKEY_LOCAL_MACHINE > SOFTWARE > Microsoft > Windows > CurrentVersion > WindowsUpdate[/box]
Locate and delete the SusClientId entry.
11. Restart the Windows Update service and run the following two commands:
[box]wuauclt /resetauthorization /detectnow<br /> wuauclt /reportnow [/box]
Update 16/06/15
Received via Email from Patrick Mauger:
You can add an incorrect binding in IIS to the site WSUS Administration.
You need to add a binding for port 80, because the only ports configured are 8530 and 8531.
Related Articles, References, Credits, or External Links
Windows Server Update Services – Install and Configure (2008 R2)
WSUS Install Error – ‘The update could not be found. There may be a network connection issue.‘
Message ID 6600: sms wsus configuration manager failed to configure upstream server