I have newly installed on WSUS server in my Location. I have configured the below GPO Settings in the AD and Cofigured WSUS as below. I am approving patches manually. Currently i am in testing face for the few machines. Please suggest me how to trouble shoot to install patches in my workstation. Server its showing below state from past 14 days.
GPO Configuration for the client
I am trying to get WSUS to provide my workstation with a 1909 upgrade. I see it in WSUS, but it never shows up as 'needed'. So I download the 1909 iso (per Dr. Google), and run it manually.
I find that it wants to effectively wipe my system and start over, only saving my personal files. The upgrade patch to simply apply it like a patch is not an option. I am on build
OS Name: Microsoft Windows 10 Enterprise N LTSC
OS Version: 10.0.17763 N/A Build 17763
I guess the question I am asking is why, or am I doing something wrong?
BlankMonkey
Hello
wsus server version 10.0.14393.2969 ,Windows server 2016 std
The wsus server can be updated normally through Windows updates.
Wsus synchronization failed
InvalidOperationException: XML 文档(3, 1215787)中有错误。 ---> System.Net.WebException: 操作已超时。Event ID 10022
Ping command the following url
windowsupdate.microsoft.com timeout
download.windowsupdate.com ok
ntservicepack.microsoft.com timeout
wustat.windows.com could not find host wustat.windows.com. Please check the name and try again.
ntservicepack.microsoft.com timeout
I think it's a firewall problem, right?
Hello ,
what is the best policy to choose a pilot server for updates in wsus ?
when the pilot servers are choosen .how to tell ,there is no problem for installed updates ?
Regards
If I perform a search in SCCM under \Software Library\Overview\Software Updates\All Software Updates for the last 2 months,
Products selected are Windows Server 2019, Windows Server version 1903 and later, Windows Server 2019 and later Servicing Drivers, Windows Server 2019 and later, Upgrade and Servicing Drivers, Windows 10 version 1809 and later Servicing drivers, Windows 10 version 1809 and later Upgrade and Servicing Drivers,
Update Classifications selected are: Security Updates, Critical Updates, Update Rollups, Updates and Upgrades,
My search for the last 2 months of updates returns ONLY the following:
2020-02 Cumulative Update for Windows Server, version 1909 for x64-based Systems (KB4535996)
2020-02 Cumulative Update for Windows Server, version 1903 for x64-based Systems (KB4535996)
2020-02 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows Server 2019 (1903) for x64 (KB4537572)2020-02 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows Server, version 1909 for x64 (KB4537572)2020-01 Update for Windows Server, version 1909 for x64-based Systems (KB4497165)
2020-01 Update for Windows Server, version 1903 for x64-based Systems (KB4497165)
Update for Windows Server, version 1909 for x64-based Systems (KB4516421)
2020-02 Security Update for Adobe Flash Player for Windows Server, version 1903 for x64-based Systems (KB4537759)
2020-02 Servicing Stack Update for Windows Server, version 1909 for x64-based Systems (KB4538674)
2020-02 Security Update for Adobe Flash Player for Windows Server, version 1909 for x64-based Systems (KB4537759)
2020-02 Servicing Stack Update for Windows Server, version 1903 for x64-based Systems (KB4538674)
Update for Windows Server 2019 (1903) for x64-based Systems (KB4516421)
So I'm getting updates for Windows Server 2019 build 1903, 1909, etc.
I have deployed Windows Server 2019 Build 1809 in my environment and I don't have any 190x build servers, as a result, no updates show up in SCCM.
I have checked and confirmed in WSUS that is installed on my SCCM server that Windows Server 2019, Windows Server 2019 and later Service Drivers and Upgrades are all selected as a Products, Classifications selected include Critical Updates, Definitions, Feature packs, security updates, service packs, update rollups, updates, upgrades, etc.
No updates for Windows Server 2019 build 1809 show up when performing synchronize software updates and hence no updates get deployed to my Windows Server 2019 machines even though if I run updates manually on a given Windows
Server 2019 build 1809 box, security, cumulative updates are available and do get installed,
ex. 2020-02 Cumulative Update for Windows Server 2019 (1809) x64 - KB4532691
and 2020-02 Cumulative Update for .NET Framework 3.5, 4.7.2 and 4.8 for Windows Server 2019 x64 - KB4538156
Pulling my hair out on this one, this shouldn't be so difficult, I can't be the only one seeing this issue as well.
My SCCM environment, Version 1906, Site version 5.0.8853.1000 running on a Windows Server 2012 R2 box.
Any help would be appreciated!
Hi All,
we seem to be having difficulty with two servers on our estate. We are seeing the D:\wsus\WsusContent folder is over 250gb in size. This is a downstream server.
I keep on top of maintenance by using the tool native in wsus manager. Does anyone know what else I can do to housekeep this wsus server?
Hi to all
I am having problems at the moment that I check the Windows updates from Windows Server 2016 "version 1607 (14393.2248)" , I got that they are pending 4 updates and then it ispreparing to install updates 5%
However, it does not advance and it remains as waiting.
What troubleshooting can I do?
Warm regards MeVs
Hi,
With reference to the below snapshots, my WSUS server 2016 detects 3 windows clients machines among 2 of them are reported but stuck at 99% past more than 4 hrs and one client not started even.
GPO is applying on the clients pointing to WSUS server (snapshot) for updates, DNS resolving and telnet to WSUS is open and also found few articles advising to apply script and special command (given below) to force detect but still it couldn't turn to green. Kindly advice where I'm I doing wrong or what is missing?
$updateSession = new-object -com "Microsoft.Update.Session"; $updates=$updateSession.CreateupdateSearcher().Search($criteria).Updates
Thanks in advance
We have an auto approval rule for definition updates plus the GPO to automatically install updates that don't interrupt running services or require rebooting applied to our clients including servers.
The servers are getting the updates but the definitions queue up waiting to be manually installed on these servers.
What else do we need to do to make these updates install automatically?
Hi,
We are new to WSUS and we have created 2 Computer Groups - "Server" and "Critical" (Critical Server).
My manager prefers to install all Critical and Security Updates to machines in Server Group. On the other hand, he would like to install SQL Server related updates manually to machines in the "Critical" Group.
May I ask is there any way to handle it ?
Thanks
Hi,
We are new to WSUS and used SQL Server 2014 Express for WSUS 2016.
We would like to know is it necessary for us do any housekeeping work for the SQL Server 2014 Database SUSDB ?
Thanks
Hi,
We need to unjoin and then rejoin a Server from Domain.
After we unjoined the Server from Domain, we have deleted that Server in AD. Do we need to remove it from WSUS Computer Group as well before we rejoin it to Domain ?
Thanks
Hi,
We are new to WSUS and set up Group Policy "Auto Download and schedule the install" at 2:00am.
We set up 2 testing computers for WSUS. They still show 85% and 93% Updates Needed after 2 days.
We would like to know
1) Is it possible for us to check whether Updates have been downloaded to those Computers ?
2) Is there any way to check what is wrong with the WSUS Client ?
Thanks
Hi,
We are new to WSUS and would like to know whether it is a good idea to use WSUS Server to roll out and update Windows Update on Domain Controller.
If YES, does it mean that we need to setup Group Policy for WSUS Update in the "Default Domain Controllers Policy"?
Besides, would it be a good idea to add the WSUS Server to the Computer Groups in WSUS ?
Thanks
Hi,
Our Internet Connection is pretty slow due to some users view streaming video.
Just wonder whether it will affect the performance of WSUS Server ?
Thanks
Hello all,
I'm trying to patch my servers so that the ECC vulnerability just announced isn't an issue anymore. However when I downloaded KB4534271 and tried an offline install of it, it comes back and says it isn't applicable on the server.
My server version is: Windows Server 2016 Standard version 1607 OS build 14393.1884.
The only KB's I have installed are KB4048953 and KB4049065
What exactly am I missing?
Thanks!
Hi All,
Out of approx 100 Servers, 4 x WSUS registered domain based Windows Server 2016/2019 Servers are failing to report to our WSUS server (also domain joined). All in same subnet.
WSUS is Server 2012 and AJTek "WSUS Automated Maintenance (WAM) system" is working.
Checks performed on Server 2016/2019 Servers:
Servers already registered in WSUS
nslookup of wsus server successful
A rebuild of the SoftwareDistribution folder completed to no avail
gpupdate /force Test-NetConnection -ComputerName WSUS -Port 8530-InformationLevel Detailed (worked)
netsh.exe winhttp show proxy (none)
Get-Service -Name wuauserv (running)
Get-ItemProperty HKLM:\Software\Policies\Microsoft\Windows
\WindowsUpdateTargetGroupEnabled : 1
TargetGroup : All Immediately
WUServer : http://wsus:8530
WUStatusServer : http://wsus:8530
PSPath : Microsoft.PowerShell.Core\Registry::HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Windows
Update
PSParentPath : Microsoft.PowerShell.Core\Registry::HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows
PSChildName : WindowsUpdate
PSDrive : HKLM
PSProvider : Microsoft.PowerShell.Core\Registry
Source:
https://arnaudloos.com/2019/wsus-troubleshooting/
2020/03/12 16:35:58.8928275 11604 12028 WebServices WS error: The server returned HTTP status code '502 (0x1F6)' with text 'notresolvable'.
2020/03/12 16:35:58.8928295 11604 12028 WebServices WS error: The HTTP proxy was not able to reach the server.
2020/03/12 16:35:58.8930034 11604 12028 WebServices *FAILED* [80240438] Web service call
2020/03/12 16:35:58.8930049 11604 12028 WebServices Current service auth scheme=0.
2020/03/12 16:35:58.8930060 11604 12028 WebServices Current Proxy auth scheme=0.
2020/03/12 16:35:58.8930282 11604 12028 IdleTimer WU operation (CAgentProtocolTalker::GetConfig_WithRecovery, operation # 7) stopped; does use network; is at background priority
2020/03/12 16:35:58.8930423 11604 12028 ProtocolTalker *FAILED* [80240438] GetConfig_WithRecovery failed
2020/03/12 16:35:58.8930453 11604 12028 ProtocolTalker *FAILED* [80240438] RefreshConfig failed
2020/03/12 16:35:58.8930477 11604 12028 ProtocolTalker *FAILED* [80240438] RefreshPTState failed
2020/03/12 16:35:58.8930656 11604 12028 ProtocolTalker SyncUpdates round trips: 0
2020/03/12 16:35:58.8930672 11604 12028 ProtocolTalker *FAILED* [80240438] Sync of Updates
Hope someone has seen this behavior and resolved. Yet to perform reboots as they are PROD Servers and require out-of-hours reboots.
Thanks in advance.