After running Windows Update against a Server 2012 system running Microsoft's DNS, the update to correct the mentioned vulnerability is not being detected.  Is anyone else experiencing similar?

For a bit of background, we also use SCCM to deploy updates.  I was able to pull the update into my SCCM catalog after syncing with Windows Update, but the DNS servers in question do not seem to think they require this update after deploying an update package to them.  I then took the servers directly to Windows Update, but again after scanning this update is not detected.  It did find and install the other updates for this month, but I have not been able to detect KB3100465.

Hello, I am working on new WSUS server. We have only 19 client computers with Windows 10 all other pcs (about 250 have no problem). It seems that all PCs with Win 10 have some issues with connecting to new WSUS. I configured WSUS to work on port 8531 (SSL) and we are using our own CA to generate cert which is distributed over GPO to all clients. On most Win10 I get error 0x80244017 (I tried all fixes I could find on internet) .

Here is WindowsUpdate.log:

2016/01/04 15:37:04.7610870 1000 6940 ComApi * START * Init Search ClientId = UpdateOrchestrator

2016/01/04 15:37:04.7610982 1000 6940 ComApi * START * Search ClientId = UpdateOrchestrator

2016/01/04 15:37:04.7729608 1000 6940 Agent * START * Queueing Finding updates [CallerId = UpdateOrchestrator Id = 3]

2016/01/04 15:37:04.7729749 1000 6940 Agent Removing service 00000000-0000-0000-0000-000000000000 from sequential scan list

2016/01/04 15:37:04.7729842 1000 6940 Agent Added service 00000000-0000-0000-0000-000000000000 to sequential scan list

2016/01/04 15:37:04.7730205 1000 6940 ComApi Search ClientId = UpdateOrchestrator

2016/01/04 15:37:04.7743159 1000 7516 Agent * END * Queueing Finding updates [CallerId = UpdateOrchestrator Id = 3]

2016/01/04 15:37:04.7750530 1000 7516 Agent * START * Finding updates CallerId = UpdateOrchestrator Id = 3

2016/01/04 15:37:04.7750546 1000 7516 Agent Online = Yes; Ignore download priority = No

2016/01/04 15:37:04.7750562 1000 7516 Agent Criteria = IsInstalled=0 and DeploymentAction='Installation' or IsPresent=1 and DeploymentAction='Uninstallation' or IsInstalled=1 and DeploymentAction='Installation' and RebootRequired=1 or IsInstalled=0 and DeploymentAction='Uninstallation' and RebootRequired=1""

2016/01/04 15:37:04.7750626 1000 7516 Agent ServiceID = {00000000-0000-0000-0000-000000000000} Third party service

2016/01/04 15:37:04.7750639 1000 7516 Agent Search Scope = {Machine}

2016/01/04 15:37:04.7750703 1000 7516 Agent Caller SID for Applicability: S-1-5-21-725345543-823518204-682003330-17738

2016/01/04 15:37:04.7750719 1000 7516 Agent RegisterService is set

2016/01/04 15:37:04.7752650 1000 7516 Agent Unable to query IsInventoryRequired service property hr=8024043d

2016/01/04 15:37:04.7761255 1000 7516 Misc Got WSUS Client/Server URL:https://sus.wuestenrot.sk:8531/ClientWebService/client.asmx"";

2016/01/04 15:37:04.9150310 1000 7516 ProtocolTalker ServiceId = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7}, Server URL = https://sus.wuestenrot.sk:8531/ClientWebService/client.asmx

2016/01/04 15:37:04.9150332 1000 7516 ProtocolTalker PT: Calling GetConfig on server

2016/01/04 15:37:04.9150470 1000 7516 WebServices Auto proxy settings for this web service call.

2016/01/04 15:37:04.9198151 1000 7516 WebServices WS error: There was an error communicating with the endpoint at 'https://sus.wuestenrot.sk:8531/ClientWebService/client.asmx'.

2016/01/04 15:37:04.9198158 1000 7516 WebServices WS error: The server returned HTTP status code '403 (0x193)' with text 'Forbidden'.

2016/01/04 15:37:04.9198161 1000 7516 WebServices WS error: The server understood the request, but cannot fulfill it.

2016/01/04 15:37:04.9198190 1000 7516 WebServices Web service call failed with hr = 80244017.

2016/01/04 15:37:04.9198193 1000 7516 WebServices Current service auth scheme=0.

2016/01/04 15:37:04.9198193 1000 7516 WebServices Current Proxy auth scheme=0.

2016/01/04 15:37:04.9198241 1000 7516 ProtocolTalker PTError: 0x80244017

2016/01/04 15:37:04.9198244 1000 7516 ProtocolTalker GetConfig_WithRecovery failed 0x80244017

2016/01/04 15:37:04.9198244 1000 7516 ProtocolTalker RefreshConfig failed 0x80244017

2016/01/04 15:37:04.9198251 1000 7516 ProtocolTalker RefreshPTState failed 0x80244017

2016/01/04 15:37:04.9198264 1000 7516 ProtocolTalker SyncUpdates round trips: 0

2016/01/04 15:37:04.9198270 1000 7516 ProtocolTalker Sync of Updates 0x80244017

2016/01/04 15:37:04.9198280 1000 7516 ProtocolTalker SyncServerUpdatesInternal failed 0x80244017

2016/01/04 15:37:04.9201070 1000 7516 Agent Failed to synchronize, error = 0x80244017

2016/01/04 15:37:04.9214519 1000 7516 Agent Exit code = 0x80244017

2016/01/04 15:37:04.9214528 1000 7516 Agent * END * Finding updates CallerId = UpdateOrchestrator Id = 3

2016/01/04 15:37:04.9255247 1000 3448 ComApi RESUMED Search ClientId = UpdateOrchestrator

2016/01/04 15:37:04.9258069 1000 3448 ComApi Updates found = 0

2016/01/04 15:37:04.9258072 1000 3448 ComApi Exit code = 0x00000000, Result code = 0x80244017

2016/01/04 15:37:04.9258075 1000 3448 ComApi * END * Search ClientId = UpdateOrchestrator

2016/01/04 15:37:04.9260529 1000 6940 ComApi ISusInternal:: DisconnectCall failed, hr=8024000C

----------------------------------------------

I have been looking for fix for about 5 days but nothing seems to work. All other clients have no problem to connect. Win10 pcs are on different LAN subnets (other PCs from same subnets have also no problem).

I tried to reset Windows update with this script but updates are still failing.

http://answers.microsoft.com/en-us/windows/forum/windows_10-update/hard-reset-windows-updates/2e2695...

c:\Users\name\Desktop>ClientDiag.exe

WSUS Client Diagnostics Tool

Checking Machine State

Checking for admin rights to run tool . . . . . . . . . PASS

Automatic Updates Service is running. . . . . . . . . . PASS

Background Intelligent Transfer Service is running. . . PASS

GetFileVersion(szEngineDir,&susVersion) failed with hr=0x80070002

The system cannot find the file specified.

Press Enter to Complete

----------------------------------------------------------------------------

When i try to browse https://sus.wuestenrot.sk:8531/ClientWebService/client.asmx from one of the affected machines:

I get ERR_TUNNEL_CONNECTION_FAILED error. Error message 403. Issues found Windows received an HTTP error message: 403 (Forbidden) f... Detected Contact the owner of the remote site for permission Completed Issues found Windows received an HTTP error message: 403 (Forbidden) from "sus.wuestenrot.sk" Detected Contact the owner of the remote site for permission Completed Windows can reach the site, but you do not have permission to access the

dear,

my WSUS server version is 3.2.7600.226.

one windows 7 of domain client WSUS client version is 3.2.7600.320.

so this windows 7 can't update by the WSUS server.

i want to upgrade my WSUS Server version to 3.2.7600.320,

i install the KB2720211 and KB2734608, but the WSUS Server version don't upgraded.

the version is 3.2.7600.226 still.

my WSUS Server is installed on Windows Server 2008R2.

路可以歪着走，但是方向一定要是对的~！

Hi,

I am syncing WSUS, from microsoft and have applied the language filter for english. However, when i look into the database wu_xml table, the updates are synced for all languages. Am i missing some steps while syncing.

Thanks,
Suraj K.

MSSSQL Server 2014 as a DB on the new server.

I have a separate drive (H:) for all WSUS data.

I ran the post install steps pointing to the source location and DB as well aswuauclt.exe /resetauthorization /detectnow, and then wuauclt.exe /reportnow.

It appears computer are "checking in" but no updates are being delivered.  Everything on the Server itself tells me its functioning ok.

Any thoughts or diagnostic checks I can run?

Can somebody bring a light to this situation?

None of the computers in out network that are running Windows 10 are downloading the Upgrade 1511 and the updates that follows...

WSUS is reporting that the computers are 100% up-to-date, but they are all running the Build 10240 instead of the latest Build 10586

This is the PS result for the Windows Update logs:

2015/12/28 08:03:03.9194411 1104  15672 Agent           * START * Finding updates CallerId = WSAutoUpdate  Id = 1
2015/12/28 08:03:03.9194417 1104  15672 Agent           Online = Yes; Ignore download priority = No
2015/12/28 08:03:03.9194461 1104  15672 Agent           ServiceID = {855E8A7C-ECB4-4CA3-B045-1DFA50104289} Third party service
2015/12/28 08:03:03.9194505 1104  15672 Agent           Search Scope = {Current User}
2015/12/28 08:03:03.9194525 1104  15672 Agent           Caller SID for Applicability: S-1-5-21-3655330744-3944646420-3450723348-1108
2015/12/28 08:03:03.9194530 1104  15672 Agent           RegisterService is set
2015/12/28 08:03:03.9206149 1104  15672 Misc            EP: error: 0x8024500C : - failed to get SLS data
2015/12/28 08:03:03.9206154 1104  15672 Misc            EP: error: 0x8024500C: GetSecondaryServicesEnabledState failed
2015/12/28 08:03:03.9207454 1104  15672 Misc            EP: error: 0x8024500C : - failed to get SLS data
2015/12/28 08:03:03.9207491 1104  15672 Misc            Failed to obtain 9482F4B4-E343-43B6-B170-9A65BC822C77 redir SecondaryServiceAuth URL, error = 0x8024500C
2015/12/28 08:03:03.9207502 1104  15672 Agent           Failed to obtain the authorization cab URL for service 855e8a7c-ecb4-4ca3-b045-1dfa50104289, hr=0
2015/12/28 08:03:03.9219828 1104  15672 Misc            EP: error: 0x8024500C : - failed to get SLS data
2015/12/28 08:03:03.9219867 1104  15672 Misc            Failed to obtain 855E8A7C-ECB4-4CA3-B045-1DFA50104289 redir Client/Server URL, error = 0x8024500C
2015/12/28 08:03:03.9220096 1104  15672 ProtocolTalker  PTError: 0x8024500c
2015/12/28 08:03:03.9220184 1104  15672 ProtocolTalker  Initialization failed for Protocol Talker Context 0x8024500c
2015/12/28 08:03:03.9245427 1104  15672 Agent           Exit code = 0x8024500C
2015/12/28 08:03:03.9245434 1104  15672 Agent           * END * Finding updates CallerId = WSAutoUpdate  Id = 1
2015/12/28 08:03:03.9250244 16200 5912  ComApi          *RESUMED* Search ClientId = WSAutoUpdate
2015/12/28 08:03:03.9258776 16200 5912  ComApi          Updates found = 0
2015/12/28 08:03:03.9258778 16200 5912  ComApi          Exit code = 0x00000000, Result code = 0x8024500C
2015/12/28 08:03:03.9258782 16200 5912  ComApi          * END *   Search ClientId = WSAutoUpdate

Steps we have done so far:

Installed KB3095113 the to WSUS

Added a MIME type for *.esd as application/octet-stream on IIS (WSUS Administration site)

Hopefully I will find the answer here...

Thank you all in advance for sharing your time and effort in resolving this issue!

Hello,

I want to establish a DRP for a WSUS replica server. I'm a newbie on this technology.

What solutions could be use to respond to this problematic ?

As I understood, the replica is just linked to the master server (which already have a DRP) so it's not usefull to backup the database.

Some ideas ?

Our machines keep getting this error and the only thing that seems to work is letting them sit overnight or two and then they finally check for updates. I've tried resetting the Client ID and wuauclt /dectectnow /reportnow /resetauthorization. WSUS server is 2003 SP2 with WSUS 3.0 SP2. Clients are Windows 7 Professional SP1.

WindowsUpdate.log:

2015-12-22	11:20:58:080	 384	fc4	AU	#############
2015-12-22	11:20:58:080	 384	fc4	AU	## START ##  AU: Search for updates
2015-12-22	11:20:58:080	 384	fc4	AU	#########
2015-12-22	11:20:58:080	 384	fc4	AU	<<## SUBMITTED ## AU: Search for updates [CallId = {D08B9E2C-B3F5-41C0-949E-0ACF2663F003}]
2015-12-22	11:20:58:080	 384	c9c	Agent	*************
2015-12-22	11:20:58:080	 384	c9c	Agent	** START **  Agent: Finding updates [CallerId = AutomaticUpdates]
2015-12-22	11:20:58:080	 384	c9c	Agent	*********
2015-12-22	11:20:58:080	 384	c9c	Agent	  * Online = Yes; Ignore download priority = No
2015-12-22	11:20:58:080	 384	c9c	Agent	  * Criteria = "IsInstalled=0 and DeploymentAction='Installation' or IsPresent=1 and DeploymentAction='Uninstallation' or IsInstalled=1 and DeploymentAction='Installation' and RebootRequired=1 or IsInstalled=0 and DeploymentAction='Uninstallation' and RebootRequired=1"
2015-12-22	11:20:58:080	 384	c9c	Agent	  * ServiceID = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7} Managed
2015-12-22	11:20:58:080	 384	c9c	Agent	  * Search Scope = {Machine}
2015-12-22	11:20:58:080	 384	c9c	Setup	Checking for agent SelfUpdate
2015-12-22	11:20:58:080	 384	c9c	Setup	Client version: Core: 7.6.7601.19046  Aux: 7.6.7601.19046
2015-12-22	11:20:58:111	 384	c9c	Misc	Validating signature for C:\Windows\SoftwareDistribution\SelfUpdate\wuident.cab with dwProvFlags 0x00000080:
2015-12-22	11:20:58:111	 384	c9c	Misc	 Microsoft signed: NA
2015-12-22	11:20:58:111	 384	c9c	Misc	WARNING: Cab does not contain correct inner CAB file.
2015-12-22	11:20:58:111	 384	c9c	Misc	Validating signature for C:\Windows\SoftwareDistribution\SelfUpdate\wuident.cab with dwProvFlags 0x00000080:
2015-12-22	11:20:58:127	 384	c9c	Misc	 Microsoft signed: NA
2015-12-22	11:20:58:127	 384	c9c	Setup	Wuident for the managed service is valid but not quorum-signed. Skipping selfupdate.
2015-12-22	11:20:58:127	 384	c9c	Setup	Skipping SelfUpdate check based on the /SKIP directive in wuident
2015-12-22	11:20:58:127	 384	c9c	Setup	SelfUpdate check completed.  SelfUpdate is NOT required.
2015-12-22	11:20:58:267	 384	c9c	PT	+++++++++++  PT: Synchronizing server updates  +++++++++++
2015-12-22	11:20:58:267	 384	c9c	PT	  + ServiceId = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7}, Server URL = http://10.24.0.147/ClientWebService/client.asmx
2015-12-22	11:21:58:658	 384	c9c	Misc	WARNING: Send failed with hr = 80072ee2.
2015-12-22	11:21:58:658	 384	c9c	Misc	WARNING: SendRequest failed with hr = 80072ee2. Proxy List used: <(null)> Bypass List used : <(null)> Auth Schemes used : <>
2015-12-22	11:21:58:658	 384	c9c	Misc	FATAL: SOAP/WinHttp - SendRequest: SendRequestUsingProxy failed. error 0x80072ee2
2015-12-22	11:21:58:658	 384	c9c	PT	  + Last proxy send request failed with hr = 0x80072EE2, HTTP status code = 0
2015-12-22	11:21:58:658	 384	c9c	PT	  + Caller provided credentials = No
2015-12-22	11:21:58:658	 384	c9c	PT	  + Impersonate flags = 0
2015-12-22	11:21:58:658	 384	c9c	PT	  + Possible authorization schemes used =
2015-12-22	11:21:58:658	 384	c9c	PT	WARNING: SyncUpdates failure, error = 0x80072EE2, soap client error = 5, soap error code = 0, HTTP status code = 200
2015-12-22	11:21:58:658	 384	c9c	PT	WARNING: PTError: 0x80072ee2
2015-12-22	11:21:58:658	 384	c9c	PT	WARNING: SyncUpdates_WithRecovery failed.: 0x80072ee2
2015-12-22	11:21:58:658	 384	c9c	PT	WARNING: Sync of Updates: 0x80072ee2
2015-12-22	11:21:58:658	 384	c9c	PT	WARNING: SyncServerUpdatesInternal failed: 0x80072ee2
2015-12-22	11:21:58:658	 384	c9c	Agent	  * WARNING: Failed to synchronize, error = 0x80072EE2
2015-12-22	11:21:58:658	 384	c9c	Agent	  * WARNING: Exit code = 0x80072EE2
2015-12-22	11:21:58:658	 384	c9c	Agent	*********
2015-12-22	11:21:58:658	 384	c9c	Agent	**  END  **  Agent: Finding updates [CallerId = AutomaticUpdates]
2015-12-22	11:21:58:658	 384	c9c	Agent	*************
2015-12-22	11:21:58:658	 384	c9c	Agent	WARNING: WU client failed Searching for update with error 0x80072ee2
2015-12-22	11:21:58:658	 384	308	AU	>>##  RESUMED  ## AU: Search for updates [CallId = {D08B9E2C-B3F5-41C0-949E-0ACF2663F003}]
2015-12-22	11:21:58:658	 384	308	AU	  # WARNING: Search callback failed, result = 0x80072EE2
2015-12-22	11:21:58:658	 384	308	AU	  # WARNING: Failed to find updates with error code 80072EE2
2015-12-22	11:21:58:658	 384	308	AU	#########
2015-12-22	11:21:58:658	 384	308	AU	##  END  ##  AU: Search for updates [CallId = {D08B9E2C-B3F5-41C0-949E-0ACF2663F003}]
2015-12-22	11:21:58:658	 384	308	AU	#############
2015-12-22	11:21:58:658	 384	308	AU	Successfully wrote event for AU health state:1
2015-12-22	11:21:58:658	 384	308	AU	AU setting next detection timeout to 2015-12-22 21:21:58
2015-12-22	11:21:58:658	 384	308	AU	Setting AU scheduled install time to 2015-12-23 03:00:00
2015-12-22	11:21:58:658	 384	308	AU	Successfully wrote event for AU health state:1
2015-12-22	11:21:58:658	 384	308	AU	Successfully wrote event for AU health state:1
2015-12-22	11:22:03:666	 384	c9c	Report	REPORT EVENT: {89C86B29-E81B-4D37-AA34-5EFDD5F1E86B}	2015-12-22 11:21:58:658-0500	1	148	101	{00000000-0000-0000-0000-000000000000}	0	80072ee2	AutomaticUpdates	Failure	Software Synchronization	Windows Update Client failed to detect with error 0x80072ee2.
2015-12-22	11:22:03:666	 384	c9c	Report	CWERReporter::HandleEvents - WER report upload completed with status 0x8
2015-12-22	11:22:03:666	 384	c9c	Report	WER Report sent: 7.6.7601.19046 0x80072ee2(0) 0000000-0000-0000-0000-000000000000 Scan 0 1 AutomaticUpdates {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7} 0

I've noticed that Update Rollup 12 For Exchange 2010 SP3 (KB3096066) that came out on Dec 15th has not shown up on my WSUS server.  It's not in the catalog either, although rollup 11 and earlier are there.  Even when I check manually online for updates from one of my Exchange servers, it does not appear.  It can be downloaded and installed that way, but it seems strange that it's not been published in the usual manner.  Has anyone else seen this issue?

Thanks,

Mike

Hello , can anyone please share me links for WSUS administration with screen shots.

Installing,configuring,installing patches to wsus server and how the communication goes to client machines etc etc.....

Paramesh KA

I was trying to move WSUS_Database from one drive to another. I have internal database not SQLServer express on server.

The WSUSUtil movecontent did not work because WSUSUtil is not installed ion the server (admins console is). I tried to delete database by selecting no content on server in files and locations. That started a reconfiguration that did not end. I then removed the WSUS role and re-installed (after reboot). Now I get post configuration failure:

Generation of encryption key to save to the database failed. Error=System.InvalidOperationException: Cannot save configuration because the server is still processing a previous configuration change. ---> System.Data.SqlClient.SqlException: spSetConfiguration was called while a Reset Process was Needed/InProgress cannot change Configuration at this time

StartServer encountered errors. Exception=Cannot save configuration because the server is still processing a previous configuration change. Microsoft.UpdateServices.Administration.CommandException: Failed to start and configure the WSUS service

How can I get this working and clear the pending process?

John Lenz

Hi,

We have a Datacentre which houses 50 or so servers in a VMware environment, a head office with a couple of servers and ESXi  and 3 branch offices all supplied over a 100MB MPLS link. We have around 500 computers and maybe 50 laptops. I have a couple of questions as although I have read through the documentation from Microsoft, they dont have recommendations for these things as far as I can see.

1. Would WSUS work ok having just a single virtualized 2012 server supplying all updates to all computers/ servers without issue?
2. Is it worth using dedicated SQL here or would using the Internal Database be sufficient for our needs?

Thanks a lot.

Brendan

Hello

I had a problem last month with the KB3114409 (outlook safe mode). I finally choose this KB in WSUS console and delete it (I saw delete in the approbation column).

But in the stations, the update "uninstall update KB3114409 goes on to install each time".

So, all updates doesn't install.

Any idea ?

Thanks

Yann62480

The AU Client API in Windows 2012 R2 seems to have changed. I have a vbscript that pulls back the day updates are configured to be applied based on this:

• https://msdn.microsoft.com/en-us/library/windows/desktop/aa385811(v=vs.85).aspx

The 2012 R2 server is set to auto-install each Monday as are my 2008/2008 R2/2003 servers but the value returned from a call to auSettings.ScheduledInstallationDay is 0 whereas on all other OS versions its 2 as expected. Here's the simple code to re-create:

Set agentInfo = CreateObject("Microsoft.Update.AutoUpdate")
Set auSettings = agentInfo.Settings

Wscript.echo auSettings.ScheduledInstallationDay

One WSUS client is failing to report to WSUS, failing to get updates and reporting this error.

Other clients of the same WSUS server only suffer from the usual disagreement about whether there are updates to install but I'm used to that, I've given up trying to get a proper fix.

On the one which won't work I can "Check online for updates from Microsoft Update" without errors.  If I try to check with the WSUS server it fails with the above error.

I did this:

REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientId /f
REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientIdValidation /f
net stop wuauserv
del %windir%\windowsupdate.log
del %windir%\SoftwareDistribution
regsvr32 /s atl.dll
regsvr32 /s wucltui.dll
regsvr32 /s wups.dll
regsvr32 /s wuaueng.dll
regsvr32 /s wuapi.dll
regsvr32 /s msxml3.dll
regsvr32 /s mssip32.dll
regsvr32 /s initpki.dll
regsvr32 /s softpub.dll
net start wuauserv
wuauclt /resetauthorization /detectnow

This resets the client so it's as if I haven't checked for updates before but doesn't fix the problem.  The client shows up in WSUS, says it hasn't reported and Windows Update fails with the same error.

2016-01-08 12:28:59:682 1160 1918 PT WARNING: Cached cookie has expired or new PID is available
2016-01-08 12:28:59:838 1160 1918 Agent Created new random SusClientId cb8a1224-5801-42d3-b4d1-5d0b095d876c. Old Id: c392bce7-aaf3-4b28-b6db-19ba1d899533.
2016-01-08 12:28:59:838 1160 1918 PT Initializing simple targeting cookie, clientId = cb8a1224-5801-42d3-b4d1-5d0b095d876c, target group = , DNS name = consult-3tcmlx1.consulthyperion.com
2016-01-08 12:28:59:838 1160 1918 PT   Server URL = http://WSUS:8530/SimpleAuthWebService/SimpleAuth.asmx
2016-01-08 12:29:46:188 1160 1918 PT WARNING: Exceeded max server round trips: 0x80244010
2016-01-08 12:29:46:188 1160 1918 PT WARNING: Sync of Updates: 0x80244010
2016-01-08 12:29:46:188 1160 1918 PT WARNING: SyncServerUpdatesInternal failed: 0x80244010
2016-01-08 12:29:46:188 1160 1918 Agent   * WARNING: Failed to synchronize, error = 0x80244010
2016-01-08 12:29:46:188 1160 1918 Agent   * WARNING: Exit code = 0x80244010
2016-01-08 12:29:46:188 1160 1918 Agent *********
2016-01-08 12:29:46:188 1160 1918 Agent **  END  **  Agent: Finding updates [CallerId = AutomaticUpdates]
2016-01-08 12:29:46:188 1160 1918 Agent *************
2016-01-08 12:29:46:188 1160 1918 Agent WARNING: WU client failed Searching for update with error 0x80244010
2016-01-08 12:29:46:188 1160 ca8 AU >>##  RESUMED  ## AU: Search for updates [CallId = {E928FA37-D9E8-47A4-8E2F-C429C20AB47D}]
2016-01-08 12:29:46:188 1160 ca8 AU   # WARNING: Search callback failed, result = 0x80244010
2016-01-08 12:29:46:188 1160 ca8 AU   # WARNING: Failed to find updates with error code 80244010

http://blogs.technet.com/b/sus/archive/2008/09/18/wsus-clients-fail-with-warning-syncserverupdatesinternal-failed-0x80244010.aspx

"First of all this will only occur on new clients that have not synced with WSUS or clients which have had the datastore removed (%windir%\softwaredistribution)."

That's what I did above.  Clients check every day at 1100h, set by GPO.

"Second, the clients will only fail during the first scan but succeed on the second (or sometimes third).  The detection frequency can be configured by group policy or a registry setting and by default will occur every 22 hours."

So it should fix itself if you try again?

If I run Windows Update again I get the same error message but nothing is added to the log file.  No matter what I do I end up with a log file which looks like this (it repeats if I use the resetauthorization command):

2016-01-08 14:20:17:061 1156 1140 Misc ===========  Logging initialized (build: 7.6.7601.19077, tz: -0000)  ===========
2016-01-08 14:20:17:061 1156 1140 Misc   = Process: C:\Windows\system32\svchost.exe
2016-01-08 14:20:17:061 1156 1140 Misc   = Module: c:\windows\system32\wuaueng.dll
2016-01-08 14:20:17:061 1156 1140 Service *************
2016-01-08 14:20:17:061 1156 1140 Service ** START **  Service: Service startup
2016-01-08 14:20:17:061 1156 1140 Service *********
2016-01-08 14:20:17:068 1156 1140 Agent   * WU client version 7.6.7601.19077
2016-01-08 14:20:17:068 1156 1140 Agent   * Base directory: C:\Windows\SoftwareDistribution
2016-01-08 14:20:17:068 1156 1140 Agent   * Access type: No proxy
2016-01-08 14:20:17:068 1156 1140 Agent   * Network state: Connected
2016-01-08 14:20:22:850 1156 e58 Report CWERReporter::Init succeeded
2016-01-08 14:20:22:850 1156 e58 Agent ***********  Agent: Initializing Windows Update Agent  ***********
2016-01-08 14:20:22:851 1156 e58 Agent   * Prerequisite roots succeeded.
2016-01-08 14:20:22:851 1156 e58 Agent ***********  Agent: Initializing global settings cache  ***********
2016-01-08 14:20:22:851 1156 e58 Agent   * WSUS server: http://WSUS:8530
2016-01-08 14:20:22:851 1156 e58 Agent   * WSUS status server: http://WSUS:8530
2016-01-08 14:20:22:851 1156 e58 Agent   * Target group: (Unassigned Computers)
2016-01-08 14:20:22:851 1156 e58 Agent   * Windows Update access disabled: No
2016-01-08 14:20:22:851 1156 e58 DnldMgr Download manager restoring 0 downloads
2016-01-08 14:20:22:851 1156 1140 Agent Created new random SusClientId 70b063c4-be71-4db9-92c3-4b0064ccd3b5. Old Id: none.
2016-01-08 14:20:22:851 1156 1140 Report ***********  Report: Initializing static reporting data  ***********
2016-01-08 14:20:22:851 1156 1140 Report   * OS Version = 6.1.7601.1.0.65792
2016-01-08 14:20:22:851 1156 1140 Report   * OS Product Type = 0x00000030
2016-01-08 14:20:22:863 1156 1140 Report   * Computer Brand = Dell Inc.
2016-01-08 14:20:22:863 1156 1140 Report   * Computer Model = Latitude E5530 non-vPro
2016-01-08 14:20:22:865 1156 1140 Report   * Bios Revision = A16
2016-01-08 14:20:22:865 1156 1140 Report   * Bios Name = BRCM MBA Slot 0C00 v15.0.12
2016-01-08 14:20:22:865 1156 1140 Report   * Bios Release Date = 2015-08-19T00:00:00
2016-01-08 14:20:22:865 1156 1140 Report   * Locale ID = 2057
2016-01-08 14:21:02:082 1156 1140 AU ###########  AU: Initializing Automatic Updates  ###########
2016-01-08 14:21:02:083 1156 1140 AU   # WSUS server: http://WSUS:8530
2016-01-08 14:21:02:084 1156 1140 AU   # Detection frequency: 22
2016-01-08 14:21:02:084 1156 1140 AU   # Approval type: Scheduled (Policy)
2016-01-08 14:21:02:084 1156 1140 AU   # Scheduled install day/time: Every day at 11:00
2016-01-08 14:21:02:084 1156 1140 AU   # Auto-install minor updates: Yes (Policy)
2016-01-08 14:21:02:084 1156 1140 AU   # Will interact with non-admins (Non-admins are elevated (Policy))
2016-01-08 14:21:02:084 1156 1140 Agent Switching to hardware-verified ClientId.
2016-01-08 14:21:02:084 1156 1140 AU Setting AU scheduled install time to 2016-01-09 11:00:00
2016-01-08 14:21:02:316 1156 1140 Agent Created new random SusClientId 3cae1d37-ab01-438c-a4ce-c0dbf997b687. Old Id: 70b063c4-be71-4db9-92c3-4b0064ccd3b5.
2016-01-08 14:21:02:316 1156 1140 AU Successfully wrote event for AU health state:0
2016-01-08 14:21:02:316 1156 1140 AU Initializing featured updates
2016-01-08 14:21:02:316 1156 1140 AU Found 0 cached featured updates
2016-01-08 14:21:02:317 1156 1140 AU Successfully wrote event for AU health state:0
2016-01-08 14:21:02:318 1156 1140 AU Successfully wrote event for AU health state:0
2016-01-08 14:21:02:318 1156 1140 AU AU finished delayed initialization
2016-01-08 14:22:48:283 1156 e58 AU Triggering AU detection through DetectNow API
2016-01-08 14:22:48:283 1156 e58 AU Triggering Online detection (interactive)
2016-01-08 14:22:48:283 1156 1140 AU #############
2016-01-08 14:22:48:283 1156 1140 AU ## START ##  AU: Search for updates
2016-01-08 14:22:48:283 1156 1140 AU #########
2016-01-08 14:22:48:286 1156 1140 AU <<## SUBMITTED ## AU: Search for updates [CallId = {FC08CF0E-AA70-4C4D-B679-87C6CD663436}]
2016-01-08 14:22:48:286 1156 18f4 Agent *************
2016-01-08 14:22:48:286 1156 18f4 Agent ** START **  Agent: Finding updates [CallerId = AutomaticUpdates]
2016-01-08 14:22:48:286 1156 18f4 Agent *********
2016-01-08 14:22:48:286 1156 18f4 Agent   * Online = Yes; Ignore download priority = No
2016-01-08 14:22:48:286 1156 18f4 Agent   * Criteria = "IsInstalled=0 and DeploymentAction='Installation' or IsPresent=1 and DeploymentAction='Uninstallation' or IsInstalled=1 and DeploymentAction='Installation' and RebootRequired=1 or IsInstalled=0 and DeploymentAction='Uninstallation' and RebootRequired=1"
2016-01-08 14:22:48:286 1156 18f4 Agent   * ServiceID = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7} Managed
2016-01-08 14:22:48:286 1156 18f4 Agent   * Search Scope = {Machine}
2016-01-08 14:22:48:286 1156 18f4 Setup Checking for agent SelfUpdate
2016-01-08 14:22:48:287 1156 18f4 Setup Client version: Core: 7.6.7601.19077  Aux: 7.6.7601.19077
2016-01-08 14:22:50:571 1156 18f4 Misc Validating signature for C:\Windows\SoftwareDistribution\SelfUpdate\wuident.cab with dwProvFlags 0x00000080:
2016-01-08 14:22:50:585 1156 18f4 Misc  Microsoft signed: NA
2016-01-08 14:22:50:590 1156 18f4 Misc Validating signature for C:\Windows\SoftwareDistribution\SelfUpdate\TMPDCCD.tmp with dwProvFlags 0x00000080:
2016-01-08 14:22:50:598 1156 18f4 Misc  Microsoft signed: NA
2016-01-08 14:22:50:602 1156 18f4 Misc Validating signature for C:\Windows\SoftwareDistribution\SelfUpdate\wsus3setup.cab with dwProvFlags 0x00000080:
2016-01-08 14:22:50:607 1156 18f4 Misc  Microsoft signed: NA
2016-01-08 14:22:50:618 1156 18f4 Misc Validating signature for C:\Windows\SoftwareDistribution\SelfUpdate\wsus3setup.cab with dwProvFlags 0x00000080:
2016-01-08 14:22:50:622 1156 18f4 Misc  Microsoft signed: NA
2016-01-08 14:22:50:634 1156 18f4 Setup Determining whether a new setup handler needs to be downloaded
2016-01-08 14:22:50:634 1156 18f4 Setup SelfUpdate handler is not found.  It will be downloaded
2016-01-08 14:22:50:634 1156 18f4 Setup Evaluating applicability of setup package "WUClient-SelfUpdate-ActiveX~31bf3856ad364e35~amd64~~7.6.7600.320"
2016-01-08 14:22:50:637 1156 18f4 Setup Setup package "WUClient-SelfUpdate-ActiveX~31bf3856ad364e35~amd64~~7.6.7600.320" is already installed.
2016-01-08 14:22:50:637 1156 18f4 Setup Evaluating applicability of setup package "WUClient-SelfUpdate-Aux-TopLevel~31bf3856ad364e35~amd64~~7.6.7600.320"
2016-01-08 14:22:50:649 1156 18f4 Setup Setup package "WUClient-SelfUpdate-Aux-TopLevel~31bf3856ad364e35~amd64~~7.6.7600.320" is already installed.
2016-01-08 14:22:50:649 1156 18f4 Setup Evaluating applicability of setup package "WUClient-SelfUpdate-Core-TopLevel~31bf3856ad364e35~amd64~~7.6.7600.320"
2016-01-08 14:22:50:668 1156 18f4 Setup Setup package "WUClient-SelfUpdate-Core-TopLevel~31bf3856ad364e35~amd64~~7.6.7600.320" is already installed.
2016-01-08 14:22:50:668 1156 18f4 Setup SelfUpdate check completed.  SelfUpdate is NOT required.
2016-01-08 14:22:50:890 1156 18f4 PT +++++++++++  PT: Synchronizing server updates  +++++++++++
2016-01-08 14:22:50:890 1156 18f4 PT   + ServiceId = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7}, Server URL =http://WSUS:8530/ClientWebService/client.asmx
2016-01-08 14:24:07:669 1156 18f4 PT WARNING: Exceeded max server round trips: 0x80244010
2016-01-08 14:24:07:669 1156 18f4 PT WARNING: Sync of Updates: 0x80244010
2016-01-08 14:24:07:669 1156 18f4 PT WARNING: SyncServerUpdatesInternal failed: 0x80244010
2016-01-08 14:24:07:670 1156 18f4 Agent   * WARNING: Failed to synchronize, error = 0x80244010
2016-01-08 14:24:07:670 1156 18f4 Agent   * WARNING: Exit code = 0x80244010
2016-01-08 14:24:07:670 1156 18f4 Agent *********
2016-01-08 14:24:07:670 1156 18f4 Agent **  END  **  Agent: Finding updates [CallerId = AutomaticUpdates]
2016-01-08 14:24:07:670 1156 18f4 Agent *************
2016-01-08 14:24:07:670 1156 18f4 Agent WARNING: WU client failed Searching for update with error 0x80244010
2016-01-08 14:24:07:674 1156 f54 AU >>##  RESUMED  ## AU: Search for updates [CallId = {FC08CF0E-AA70-4C4D-B679-87C6CD663436}]
2016-01-08 14:24:07:674 1156 f54 AU   # WARNING: Search callback failed, result = 0x80244010
2016-01-08 14:24:07:674 1156 f54 AU   # WARNING: Failed to find updates with error code 80244010
2016-01-08 14:24:07:674 1156 f54 AU #########
2016-01-08 14:24:07:674 1156 f54 AU ##  END  ##  AU: Search for updates [CallId = {FC08CF0E-AA70-4C4D-B679-87C6CD663436}]
2016-01-08 14:24:07:674 1156 f54 AU #############
2016-01-08 14:24:07:674 1156 f54 AU Successfully wrote event for AU health state:0
2016-01-08 14:24:07:675 1156 f54 AU AU setting next detection timeout to 2016-01-08 19:24:07
2016-01-08 14:24:07:675 1156 f54 AU Setting AU scheduled install time to 2016-01-09 11:00:00
2016-01-08 14:24:07:675 1156 f54 AU Successfully wrote event for AU health state:0
2016-01-08 14:24:07:675 1156 f54 AU Successfully wrote event for AU health state:0
2016-01-08 14:24:12:670 1156 18f4 Report REPORT EVENT: {E5570DAF-91BC-48A8-9482-5B8A89D50FA5} 2016-01-08 14:24:07:670-0000 1 148 101 {00000000-0000-0000-0000-000000000000} 0 80244010 AutomaticUpdates Failure Software Synchronization Windows Update Client failed to detect with error 0x80244010.
2016-01-08 14:24:12:709 1156 18f4 Report CWERReporter::HandleEvents - WER report upload completed with status 0x8
2016-01-08 14:24:12:709 1156 18f4 Report WER Report sent: 7.6.7601.19077 0x80244010(0) 0000000-0000-0000-0000-000000000000 Scan 0 1 AutomaticUpdates {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7} 0

IT is full of 'experts'.

This is to update the Lync client to Skype for Business.  I approved this update, as well as it's perquisites below.

KB2850036 - Office 2013 SP1

KB3054853

KB2889853

KB2817427 - can't find in WSUS or the Windows Update Catalog

2817427 is not needed however if you installed KB3055014, which I approved.

The thing is none of them seem to be installing.  In particular, Office 2013 SP1 shows Not Applicable, and I'm not sure why.  Has anyone approved this and have any advice.

Hello.

There seems to be a problem with the setup if you choose the option not to store updates locally. When you choose to store updates on a local path, everything goes fine in the setup process. But if you decide not to store the updates locally which apparently you can do, the problems are as follows:

• The initial configuration stage (the link you click on as post-install steps after installing the role) gives a message that configuring the WSUS server had a fatal error
• It then opens the regular WSUS MMC console which starts up a config wizard
• If you go through the steps of that wizard everything goes fine until you get to the section for product classifications where it just hangs with an hourglass forever.
• If you then click on "All Classifications" just to move things along, it tells you the selection you have made is not valid and will not be saved.
• You can finish the wizard without any more problems but when a synchronisation takes place no updates are synchronised.
• When you go back into the Options section in the MMC and then go to Products and Classifications it appears to open with a dialog box with two tabs, and then the dialog box disappears and you get a message box which says "Something you just attempted to use has been removed from the database by another party. The snap-in is being refreshed to fix this issue."

At this point the server installation is unusable. 

It would appear there is some significant issue in using the WSUS server at this point that makes it unusable with this non-storage setting.

The base server was set up with 2012R2 and has not had any updates installed.

TIA

we use wsus to automatically install updates on rds servers in our environment. the problem is that whenever a domain admin sign into one of the rds server, they often install updates & restart while other people are still logged on. is it possible to deny a specific subset of admins the ability to receive wu/au client notifications when signed in via rds? we generally prefer to use middle of the night auto-install & reboot schedules, but do like the ability for our platform engineers to be able to install patches in an emergency situation, so we don't want to disable all notifications for all admins. is this possible with the wu/au client?

Started getting the WSUS Event ID 13031 recently (Some client computers have not reported back to the server in the last 30 days.) When I check the "Last Status Report" date in the WSUS console, it seems to be mostly my Windows Server 2012 R2 clients that it says are not reporting. I followed the steps here to troubleshoot, but everything seems to be configured correctly. When I check in the WindowsUpdate.log file on the problem clients, I see that they are contacting the WSUS server as in these example log entries:

2016-01-08 13:39:56:161  456 648 EP Got WSUS Client/Server URL: http://servername:8530/ClientWebService/client.asmx

2016-01-08 13:39:56:165  456 648 EP Got WSUS SelfUpdate URL: http://servername:8530/selfupdate

When I do a manual check for updates on the client (by clicking the "Check for updates" link in the "Windows Update" Control Panel icon), I see the incoming network connection being established on the WSUS server while running TCPView:

The only thing that sort of stands out to me is that when comparing the WindowsUpdate.log file on a working and nonworking machine, the problem clients seem to be going to Windows Update first before checking the WSUS server:

2016-01-08 13:39:53:712  456 1200 SLS Making request with URL HTTPS://sls.update.microsoft.com/SLS/{9482F4B4-E343-43B6-B170-9A65BC822C77}/x64/6.3.9600.0/0?CH=858&L=en-US&P=&PT=0x7&WUA=7.9.9600.18094

This log entry will soon be followed by the entries mentioned above where it goes looking for the WSUS server. When I look in the log file of a server that WSUS says *has* reported recently, it never goes out to Windows Update.

Thoughts?

Shaun