Windows Client(s) not ‘appearing’ in WSUS

KB ID 0000591 

Problem

Before you start troubleshooting clients, how long have you waited? I usually setup and configure WSUS up at the start of a job, then leave it alone for a few DAYS, before I start worrying.

Here are the steps I usually follow to get the machines listed in the WSUS management console.

Solution

Before doing anything further, simply try running the following two PowerShell commands, (on the problem client,) and then waiting for a few hours;

[box]

$updateSession = new-object -com "Microsoft.Update.Session"; $updates=$updateSession.CreateupdateSearcher().Search($criteria).Updates

wuauclt /reportnow

[/box]

 

 

1. Assuming you are deploying your WSUS settings by GPO, make sure the machine in question is actually trying to apply the policy, you can do this by running rsop.msc like so:

Or by running gpresult /R from command line

Note: If you cannot see Computer Policy / Computer Settings, i.e. you can only see user settings, then you are probably not running the command window as ‘Administrator’ (Locate cmd.exe > right click > Run as Administrator).

2. If you are enforcing by GPO, or directly via registry edit, your next step is to check that the registry entries exist. Start > In the Search/Run box type regedit {Enter}. Navigate to:

[box]HKEY_LOCAL_MACHINE > SOFTWARE > Policies > Microsoft > Windows > WindowsUpdate[/box]

3. Start > In the Search/Run box type services.msc {enter} Locate the Windows Update service and ensure it is running.

4. Then locate the Background Intelligent Transfer Service and make sure that’s also running.

5. To make sure the client can see the WSUS website, open a browser window, and navigate to http://{name-of-the-wsus-server}/iuident.cab and make sure you can open/download the file.

6. If all the above is OK, you can try forcing a registration with the following command;

[box]wuauclt /detectnow[/box]

7. All update events are being logged, you can find the log at c:windowsWindowsUpdate open the file with notepad.

8. Scroll all the way to the end, then work upwards looking for errors.

9. Sometimes if you image a machine (Or clone a VM) it keeps it’s unique update ID, if this happens then the first machine with this ID to register gets listed, and all the rest do not. To find out if this is your problem, locate and stop the Windows update service on an affected client.

10. Open the registry Editor and navigate to:

[box]HKEY_LOCAL_MACHINE > SOFTWARE > Microsoft > Windows > CurrentVersion > WindowsUpdate[/box]

Locate and delete the SusClientId entry.

11. Restart the Windows Update service and run the following two commands:

[box]wuauclt /resetauthorization /detectnow<br /> wuauclt /reportnow [/box]

Update 16/06/15

Received via Email from Patrick Mauger:

You can add an incorrect binding in IIS to the site WSUS Administration.

You need to add a binding for port 80, because the only ports configured are 8530 and 8531.

Related Articles, References, Credits, or External Links

Windows Server Update Services – Install and Configure (2008 R2)

WSUS Install Error – ‘The update could not be found. There may be a network connection issue.

Message ID 6600: sms wsus configuration manager failed to configure upstream server

WSUS Install Error on Windows Server 2008 R2

VMware – Cannot Delete an ‘Orphaned’ Replica

KB ID 0000601 

Problem

After some messing about on my test network I was left with a ‘replica’ machine that I needed to get rid of, this was easier said than done, as it was in an orphaned state.

Solution

1. Find out which host in the cluster the replica is on, In my case that’s simple (I only have one). In a live environment click the replica machines summary tab, and it will tell you which host it is on. Connect directly to the host with the VI client software. (Remember the username this time will probably be root!), then right click the replica and select ‘Delete form Disk’.

2. Log back into your Virtual Center Server with the VI client. Right click the host that had the replica on it and select ‘Disconnect’.

Note: We actually need to remove it from the cluster, but to to that it would need to be in maintenance mode (not good if you have live servers running) that’s why we are disconnecting it first (the VM‘s will stay online).

3. Once disconnected, right click the host again, and this time ‘Remove”. Don’t panic the guest machines will stay online.

4. Then simply add the ESX host back into the cluster once again, this time its updated inventory (Minus the deleted replica) will be added back.

Related Articles, References, Credits, or External Links

NA

Trend Micro (Worry-Free Business Security) Cannot Remove Agent

KB ID 0000630 

Problem

While working on a badly Malware affected server the other day, I tried to resurrect the Trend Micro Security Agent. It refused to run, so I attempted to remove it. Then I could reinstall it cleanly. (I knew the password that it required for removal). However this it what happened when I tried;

Trend Micro Worry-Free Business Security Agent Setup
Unable to Uninstall

An error has stopped the removal of the Trend Micro Worry-Free Business Security Agent. No changes have been made to this computer. Please contact Trend Micro for help.

Click the button below to close this window.

Solution

This procedure was carried out on Worry-Free Business Security Version 7.

1. Download and extract this zip file, (password novirus) to your desktop.

2. Run the SA_Uninstall_2360.exe file, it will create a folder on your desktop called SA_Uninstall.

3. Open that folder and run the ‘uninstall.bat’ file.

4. Press a key when prompted, then enter ‘Y’ to reboot.

5. Post reboot, I went back to Add/Remove programs, and it was still there! however now it let me uninstall it without error.

6. I now went to the server running the Worry-Free console, and pushed out a fresh agent to this machine, updated it, and did a full manual scan.

Related Articles, References, Credits, or External Links

NA

Enable Aero for RDP “One or more of the themes has been disabled by Remote Desktop Connection settings”

KB ID 0000647 

Problem

If you have enabled Aero on your remote machine, when you connect to it via RDP you will see this error, (if you try and change the theme to Aero).

One or more of the themes has been disabled by Remote Desktop Connection settings

Solution

1. Close your RDP session, and launch the RDP client software again > Options > Experience > Place a tick in “Menu and window animation”.

2. Reconnect to your machine.

Related Articles, References, Credits, or External Links

NA

Windows cannot open Help And Support

KB ID 0000260 

Problem

Seen On Windows Server 2003 (Post SP2).

Error: Windows cannot open Help and Support because a system service is not running, To fix this problem, start the service named ‘Help and Support’

And the service is not there.

Solution

Assuming that if you Start > Run > services.msc > {Enter} > The service is not there, if it is, set it to automatic and start it, if not do the following.

1. On the server in question > Start > run > cmd {Enter}.

2. Issue the following commands,

[box]

cd %windir%PCHealthHelpCtrBinaries
HelpSvc.exe /regserver /svchost netsvcs /RAInstall

[/box]

4. You should now be able to open “Help and Support”.

 

Related Articles, References, Credits, or External Links

NA