Tag Archives: WindowsUpdate

Windows Client(s) not ‘appearing’ in WSUS

Posted on by

KB ID 0000591 

Problem

Before you start troubleshooting clients, how long have you waited? I usually setup and configure WSUS up at the start of a job, then leave it alone for a few DAYS, before I start worrying.

Here are the steps I usually follow to get the machines listed in the WSUS management console.

Solution

Before doing anything further, simply try running the following two PowerShell commands, (on the problem client,) and then waiting for a few hours;

[box]

$updateSession = new-object -com "Microsoft.Update.Session"; $updates=$updateSession.CreateupdateSearcher().Search($criteria).Updates

wuauclt /reportnow

[/box]

 

 

1. Assuming you are deploying your WSUS settings by GPO, make sure the machine in question is actually trying to apply the policy, you can do this by running rsop.msc like so:

Or by running gpresult /R from command line

Note: If you cannot see Computer Policy / Computer Settings, i.e. you can only see user settings, then you are probably not running the command window as ‘Administrator’ (Locate cmd.exe > right click > Run as Administrator).

2. If you are enforcing by GPO, or directly via registry edit, your next step is to check that the registry entries exist. Start > In the Search/Run box type regedit {Enter}. Navigate to:

[box]HKEY_LOCAL_MACHINE > SOFTWARE > Policies > Microsoft > Windows > WindowsUpdate[/box]

3. Start > In the Search/Run box type services.msc {enter} Locate the Windows Update service and ensure it is running.

4. Then locate the Background Intelligent Transfer Service and make sure that’s also running.

5. To make sure the client can see the WSUS website, open a browser window, and navigate to http://{name-of-the-wsus-server}/iuident.cab and make sure you can open/download the file.

6. If all the above is OK, you can try forcing a registration with the following command;

[box]wuauclt /detectnow[/box]

7. All update events are being logged, you can find the log at c:windowsWindowsUpdate open the file with notepad.

8. Scroll all the way to the end, then work upwards looking for errors.

9. Sometimes if you image a machine (Or clone a VM) it keeps it’s unique update ID, if this happens then the first machine with this ID to register gets listed, and all the rest do not. To find out if this is your problem, locate and stop the Windows update service on an affected client.

10. Open the registry Editor and navigate to:

[box]HKEY_LOCAL_MACHINE > SOFTWARE > Microsoft > Windows > CurrentVersion > WindowsUpdate[/box]

Locate and delete the SusClientId entry.

11. Restart the Windows Update service and run the following two commands:

[box]wuauclt /resetauthorization /detectnow<br /> wuauclt /reportnow [/box]

Update 16/06/15

Received via Email from Patrick Mauger:

You can add an incorrect binding in IIS to the site WSUS Administration.

You need to add a binding for port 80, because the only ports configured are 8530 and 8531.

Related Articles, References, Credits, or External Links

Windows Server Update Services – Install and Configure (2008 R2)

WSUS Install Error – ‘The update could not be found. There may be a network connection issue.

Message ID 6600: sms wsus configuration manager failed to configure upstream server

WSUS Install Error on Windows Server 2008 R2

SmoothWall – Allowing Windows Updates and Windows Activation

Posted on by

KB ID 0000441 

Problem

I’ve had fun this week installing a new virtual environment for a client with a SmoothWall firewall. It took a call to SmoothWall support for me to get Windows updates to work, then after activating a few 2008 R2 servers via phone, I was motivated to get online activation running as well.

Windows Activation Error – (We are being blocked by the SmoothWall Proxy).

A problem occurred when Windows tried to activate. Error Code 0x8004FE33

Windows Update Error – (We are being blocked by the SmoothWall Proxy).

A error occurred while checking for new updates for your computer Code 80072EFD

Solution

1. Connect to the web management console of the SmoothWall. Select Guardian > User defined categories.

2. Select the “User Defined Categories” tab.

3. Give the Category a name > Set Filter type to “Content and URL filtering” > Copy and paste in the domains listed below > Then click “Add”.

Domains Required for Windows Update

[box]

windowsupdate.microsoft.com
update.microsoft.com
c.microsoft.com
download.windowsupdate.com
genuine.microsoft.com

[/box]

Domains Required for Windows Activation

[box]

sls.microsoft.com
wer.microsoft.com
connect.microsoft.com
go.microsoft.com
sls.microsoft.com
crl.microsoft.com
microsoft.com

[/box]

Note: These are the top level domains.

4. Select the “Filters” tab > Give it a name > Set the filter type to “Content and URL filtering” > Expand “Good” content > Tick “Software Updates”.

5. Scroll down and expand “User Defined” > Locate the user defined category you created in step 3 and tick it > Click Add.

6. Select the Policy tab > Groups = All groups > Change the filter to the one you created in step 4 > Time period = Always >Action = Allow > Tick “Enabled” > Add.

7. From the menu select Guardian > Authentication > Settings.

8. Scroll down to the “Do not require authentication for these domains….” section > Paste in the domains you also pasted in in step 3 > Click “Save and Restart”.

 

Related Articles, References, Credits, or External Links

NA

Windows Update Error 80072EFD

Posted on by

KB ID 0000440 

Problem

While attempting to run a Windows Update you see the following error.

Code 80072EFD Windows Update encountered an unknown error. Get help with this error.

Solution

Note: There seems to be a few causes of this error, but in my case it was the proxy server.

1. Assuming you have a proxy set in your web browser settings (Internet Options > Connections > LAN Settings > Set proxy settings accordingly). Note: Your proxy may be using a different port to the one shown.

2. To fix it you need to have “un-proxied” and access (without authentication) to the following addresses:

http://windowsupdate.microsoft.com http://update.microsoft.com http://c.microsoft.com http://download.windowsupdate.com http://genuine.microsoft.com

3. If this machine with the update problem has access to the internet (without going through the proxy) you can simply add these addresses as “Exeptions” by pressing the advanced button above.

4. If the proxy is the only machine with internet acess and you cannot do that, then you need to allow access in the settings on your proxy server.

5. Once done, updates should resume.

Related Articles, References, Credits, or External Links

SmoothWall – Allowing Windows Updates and Windows Activation

Stop Windows Rebooting Due To Updates

Posted on by

KB ID 0000773

Problem

I realise that updates are important, and Microsoft made updating easier by only releasing them once a month. But my laptop always wants to reboot at the point where I’m doing something critical! and Windows 8 unilaterally decides that its updates are far more important than my work.

OK this will only happen once a month, (normally) and it will only happen a maximum of 72 hours after the update. It affects me because I never shut my machine down, (I just close the lid).

Warning: Like I said updates are a good thing, if you disable this feature the onus is on you to keep your machine up to date!

Solution

Stop Windows 8 Rebooting Due To Updates with Group Policy

1. Press Windows Key+R > In the run box type gpedit.msc {Enter}.

2. Navigate to;

[box] Computer Configuration > Administrative Templates > Windows Components > Windows Update [/box]

3. Locate the ‘No auto-restart with logged on users for scheduled automatic updates installations’ policy. Set its value to enabled > Apply > OK.

4. Press Windows Key+R > In the run box type cmd {Enter} > At command line issue the following command;

[box] gpupdate /force [/box]

Stop Windows 8 Rebooting Due To Updates via the Registry

Note: If you have already set this in policy (above) you don’t need to do this as well.

5. Press Windows Key+R > In the run box type regedit {Enter} > Navigate to;

[box]HKEY_LOCAL_MACHINE > SOFTWARE > Policies > Microsoft > Windows[/box]

If there is not a Key Called WindowsUpdate create one.

6. And within the WindowsUpdate Key create another key.

7. Call that key AU.

8. Within that create a new DWORD (32 bit) value called ‘NoAutoRebootWithLoggedOnUsers’.

9. Set its value to 1 (one).

 

Related Articles, References, Credits, or External Links

NA