Windows Client(s) not ‘appearing’ in WSUS

KB ID 0000591 

Problem

Before you start troubleshooting clients, how long have you waited? I usually setup and configure WSUS up at the start of a job, then leave it alone for a few DAYS, before I start worrying.

Here are the steps I usually follow to get the machines listed in the WSUS management console.

Solution

Before doing anything further, simply try running the following two PowerShell commands, (on the problem client,) and then waiting for a few hours;

[box]

$updateSession = new-object -com "Microsoft.Update.Session"; $updates=$updateSession.CreateupdateSearcher().Search($criteria).Updates

wuauclt /reportnow

[/box]

 

 

1. Assuming you are deploying your WSUS settings by GPO, make sure the machine in question is actually trying to apply the policy, you can do this by running rsop.msc like so:

Or by running gpresult /R from command line

Note: If you cannot see Computer Policy / Computer Settings, i.e. you can only see user settings, then you are probably not running the command window as ‘Administrator’ (Locate cmd.exe > right click > Run as Administrator).

2. If you are enforcing by GPO, or directly via registry edit, your next step is to check that the registry entries exist. Start > In the Search/Run box type regedit {Enter}. Navigate to:

[box]HKEY_LOCAL_MACHINE > SOFTWARE > Policies > Microsoft > Windows > WindowsUpdate[/box]

3. Start > In the Search/Run box type services.msc {enter} Locate the Windows Update service and ensure it is running.

4. Then locate the Background Intelligent Transfer Service and make sure that’s also running.

5. To make sure the client can see the WSUS website, open a browser window, and navigate to http://{name-of-the-wsus-server}/iuident.cab and make sure you can open/download the file.

6. If all the above is OK, you can try forcing a registration with the following command;

[box]wuauclt /detectnow[/box]

7. All update events are being logged, you can find the log at c:windowsWindowsUpdate open the file with notepad.

8. Scroll all the way to the end, then work upwards looking for errors.

9. Sometimes if you image a machine (Or clone a VM) it keeps it’s unique update ID, if this happens then the first machine with this ID to register gets listed, and all the rest do not. To find out if this is your problem, locate and stop the Windows update service on an affected client.

10. Open the registry Editor and navigate to:

[box]HKEY_LOCAL_MACHINE > SOFTWARE > Microsoft > Windows > CurrentVersion > WindowsUpdate[/box]

Locate and delete the SusClientId entry.

11. Restart the Windows Update service and run the following two commands:

[box]wuauclt /resetauthorization /detectnow<br /> wuauclt /reportnow [/box]

Update 16/06/15

Received via Email from Patrick Mauger:

You can add an incorrect binding in IIS to the site WSUS Administration.

You need to add a binding for port 80, because the only ports configured are 8530 and 8531.

Related Articles, References, Credits, or External Links

Windows Server Update Services – Install and Configure (2008 R2)

WSUS Install Error – ‘The update could not be found. There may be a network connection issue.

Message ID 6600: sms wsus configuration manager failed to configure upstream server

WSUS Install Error on Windows Server 2008 R2

Windows 8 – RSAT Tools Will Not Install?

KB ID 0000827 

Problem

For newer versions of Windows see,

Install RSAT (Remote Server Administration Tools)

I wanted the RSAT tools installing on a Windows 8 machine today, I downloaded the RSAT update and ran it, but the tools did not appear? Also they were not available under ‘Turn Windows features on or off’.

Solution

As it turns out, even though it says ‘Installation complete’ that’s not the same as Installation Successful (cheers Microsoft!). It is actually failing in the background, because this machine does not have the English (United States) language pack installed.

1. Press Windows Key+X > Control Panel > Change the View to ‘Small Icons’ > Language.

2. Add a language.

3. Under ‘E’ > English > English (United States) > Add.

4. Make sure you click the link to download and install language pack.

5. It’s over 150MB so it may take a while.

6. When installed, reinstall the Windows RSAT package for Windows 8, and this time it should be there!

 

Related Articles, References, Credits, or External Links

NA

Outlook Opens Additional Mailboxes

KB ID 0000905 

Problem

I’ve seen this happen on both Outlook 2010 and Outlook 2013. You can open additional Exchange mailboxes from your accounts ‘Advanced’ section, but these mailboxes were not listed there.

Solution

Above, you can see that the offending mailbox here is called Training&Holidays.

1. On a DC, (or your Exchange server) > Windows Key + R > dsa.msc {Enter} > When Active Directory Users and Computers loads > View > Advanced Features.

2. Locate the user that has the offending mailbox > Properties > Attribute Editor > Locate the msExchDelegateListLink value > Edit > Remove the affected user(s) > OK > Apply.

3. Let the users restart Outlook. (Note: It may take a few minutes after Outlook is restarted for the mailbox to disappear).

Remove All Mailbox Mappings for All Users

WARNING: Use with caution, some users may be using this feature to automatically connect to mailboxes.

Use the following PowerShell;

[box]foreach ($u in $(Get-User)) { Write-Host “Clearing the msExchDelegateListLink for $($u.distinguishedname)”; $ad = [adsi]”LDAP://$($u.originatingserver)/$($u.distinguishedname)”; $ad.msExchDelegateListLink.Clear(); $ad.SetInfo(); }[/box]

Related Articles, References, Credits, or External Links

NA

 

Exchange – New User(s) Not Showing Up On Global Address List

KB ID 0000775 

Problem

If you create a new user, give them a mailbox, and they seemingly fail to appear then don’t panic!

Firstly and fore mostly: If you do anything in Exchange: Apply the “cup of coffee rule”, never make a change then go and prove that change works straight away! check it later.

However most of us work in the real world and you have a user who needs to use this mailbox yesterday!

Bear in mind, the process you need to follow is;

1. Make sure the user does have a mailbox.
2. Make sure that user/mailbox is on the GAL.
3. Make sure the OAB you are looking at, has been updated from the GAL.
4. If using Outlook, query the GAL directly, or download the latest OAB.

Solution

Make sure the User Does Have a Mailbox

1. Before you do anything send the user you created a ‘Test Email’ from your own account. If you receive an error message then you can investigate further (Note: Set your Outlook client to send you a delivery report on the test email as well). Then check the mailbox Exists (See Check for existence of mailbox sections below).

Check for the Existence of the mailbox (Exchange 2000 /2003)

1. Click Start > All Programs > Microsoft Exchange > System Manager.

2. Expand the Exchange Organisation > Administrative groups > Administrative group name (First Administrative group is the default).

Note: If you cannot see Administrative Groups right click the Very top object > Properties > Tick Display Administrative Groups.

3. Expand Servers > Server-name > Storage Group (First Storage group will be the default) > Mailbox Store > Mailboxes.

4. The Mailbox SHOULD be in the right hand window (Providing you are in the correct administrative group, on the correct server, and in the correct mailbox store!).

Check for the Existence of a mailbox (Exchange 2007/2010)

Remember with Exchange 2007 / 2010 you create the mailbox with the Exchange system Manager anyway!

1. On the Exchange Server, Start > All Programs > Microsoft Exchange Server 2007 > Exchange Management Console.
2. Expand recipient Configuration > Mailbox.
3. The Mailbox should be listed in the centre window.

Check for the Existence of a mailbox (Exchange 2013/2016)

Connect to the Exchange admin center > recipients > mailboxes > locate your user.

Mailbox is there but the user is not listed on the Global Address List

1. Make sure the user is not “Hidden from the Global Address List”

Exchange 2000/2003

On the Exchange Server > Click Start > run > dsa.msc {enter} >Locate the user in question > Right Click the user > Properties > Exchange Advanced Tab > Ensure “Hide from Exchange Address Lists” is NOT ticked.

Exchange 2007/2010

On the Exchange Server > Start > All Programs > Microsoft Exchange Server 2007 > Exchange Management Console Expand recipient Configuration > Mailbox > Locate the Mailbox for the user in question > Right Click the Mailbox > Properties > General Tab > Ensure “Hide From Exchange Address Lists” is NOT ticked.

Exchange 2013/2016

Connect to the Exchange admin center > recipients > mailboxes > locate your user > Edit > Ensure “Hide From Exchange Address Lists” is NOT ticked.

Make sure the user is on the Global Address List on the server.

The easiest way to do this is simply connect to Outlook Web Access, and query the GAL directly (OWA uses the GAL no the OAB like Outlook running in cached mode does).

Exchange 2000/2003

Click Start > All Programs > Microsoft Exchange > System Manager > Expand Recipients >All Global Address Lists > Right Click Default Global Address List > Properties > General Tab > Preview > Check the user is on this list.

Exchange 2007/2010

On the Exchange Server > Start > All Programs > Microsoft Exchange Server > Exchange Management Console > Select Organisation Configuration > Mailbox > Address Lists Tab > Locate the all users Object > Double Click it > Select Preview > Check the user is on this list > OK > Cancel.

Exchange 2013/2016

Connect to the Exchange admin center > organization > address lists > Default Global Address List > Edit > Preview recipients in the global address list includes… > Locate the user.

The User/Mailbox IS listed on the Server But NOT in Outlook.

Remember, if you are looking at the Global Address List in Outlook then you are NOT looking at the Servers Global Address List*. If you are using Outlook  you may be in “Cached Mode”, and you are looking at a copy called the “Offline address book” This only gets updated Every 24 hours, and the copy on the server only gets updated every 24 hours at 04:00 (by default). In addition to this there a a few methods by which your Outlook clients get the offline address book.

*Note: Unless you are NOT in cached mode.

Outlook 2003 (and older)* clients get their OAB from a public folder, Outlook 2007 (and newer) clients can get their OAB from ‘Web-based distribution’ (basically form the website on the Exchange (or Exchange CAS) server. So there are three factors stopping you seeing that new user on the GAL (I personally advise you simply wait, however if that’s not an option, read on).

*Exchange Supported versions of Outlook

Support for Outlook 2000 was dropped with Exchange 2007, Exchange 2010 only supports Outlook 2003 (post SP2). Exchange 2013 only supports Outlook 2007 (post SP3 and cumulative update), and Outlook 2010 must be at SP1 with cumulative update.

a. Firstly force update the Offline Address Book.
b. Force your Outlook Client to Download the Offline Address book.
c. Check that the OAB is getting distributed from the Exchange/CAS server.

Update the Offline Address Book from the Global address List

Exchange 2000 / 2003

Click Start > All Programs > Microsoft Exchange > System Manager > Expand Recipients > Offline Address Lists > Right Click the “Default Offline Address Book” > Rebuild > HEED THE WARNING > OK > Right Click it again > Properties, You will see the time it updates (by default) you can change that here..

Exchange 2007 / 2010

1. On the Exchange Server > Start > All Programs > Microsoft Exchange Server 2007 > Exchange Management Console > Select Organisation Configuration > Mailbox > Offline address book tab > Right Click the Default Offline Address Book > Update > HEED THE WARNING > OK > Right Click Again > Properties > You can change the Schedule at which it updates.

Exchange 2013/2016

You can also force the OAB update with the following PowerShell command;

[box] get-offlineaddressbook | update-offlineaddressbook [/box]

Check the OAB is getting Distributed to Outlook

Exchange 2000 / 2003

Click Start > All Programs > Microsoft Exchange > System Manager > Expand the Exchange Organisation > Administrative groups > Administrative group name (First Administrative group is the default) > Expand Servers > Server-name > Storage Group (First Storage group will be the default) > Public Folder Database > Ensure it is mounted.

Then expand Folders > Public Folders > OFFLINE ADDRESS BOOK > Make sure it’s displayed as per the image below.

Exchange 2007 / 2010

On the Exchange Server > Start > All Programs > Microsoft Exchange Server > Exchange Management Console > Select Organisation Configuration > Mailbox > Offline address book tab > Right Click the Default Offline Address Book > Properties > Distribution.

Note: Make sure the Generation Server is set to a server that exists, and it’s online.

In the diagram below you can see this server is performing public folder AND web based distribution, this is probably because you ticked this box when you installed the product.

For public folder distribution ensure the public folder database is mounted, and at least one server holds a replica. Also in the properties of the mailbox database, your users are using, make sure it points to the correct public folder database.

For web-based distribution make sure the site is up.

Exchange 2013/2016

Exchange 2013/2016 will only be distributing the OAB via web-distribution. make sure the default website is up.

Force Outlook to Download the New Offline Address Book

For all versions of Outlook (since 2003) you have two choices, either take Outlook out of cached mode* (so it queries the ‘live’ global address list). Or force Outlook to download the latest version of the offline address book.

*Note: Disabling cached mode is not really a fix!

Outlook 2003 Download The Offline Address Book

Tools > SendReceive > Download Address Book > OK.

Outlook 2003 Turn off Cached Mode

Tools > E-mail Accounts > View or change existing email accounts > Next > Select the account > Change > un-tick “Use Cached Exchange Mode” > Next.

Outlook 2007 Download The Offline Address Book

Tools > SendReceive > Download Address Book > OK.

Outlook 2007 Turn off Cached Mode

Tools > Account Settings > Select the account > Change > un-tick “Use Cached Exchange Mode” > Next.

Outlook 2010 Download The Offline Address Book

Send/Receive > Send/Receive Groups > Download Address Book > OK.

Outlook 2010 Turn off Cached Mode

File > Account Settings > Account Settings > Select the account > Change > un-tick “Use Cached Exchange Mode” > Next.

 

Outlook 2013/2016 Download The Offline Address Book

Send/Receive> Send/Receive Groups > Download Address Book > OK.

Outlook 2013/2016 Turn off Cached Mode

File > Account Settings > Account Settings > Select the account > Change > un-tick “Use Cached Exchange Mode” > Next.

 

Related Articles, References, Credits, or External Links

Exchange 2013 – Working with and Managing the OAB