After looking into seeing if a new Windows 2012 server was in the WSUS environment, it was not in the WSUS console. The server was in the proper area in AD and verified as getting the proper policy. Local WSUS log showed an error during communication however:
2013-08-01 09:35:03:023 796 13b0 EP Got WSUS SelfUpdate URL: http://<OURWSUSSERVER>/selfupdate 2013-08-01 09:35:03:039 796 13b0 Misc Validating signature for C:\Windows\SoftwareDistribution\SelfUpdate\wuident.cab: 2013-08-01 09:35:03:039 796 13b0 Misc Microsoft signed: Yes 2013-08-01 09:35:03:039 796 13b0 Misc Infrastructure signed: No 2013-08-01 09:35:03:039 796 13b0 Misc WARNING: Digital Signatures on file C:\Windows\SoftwareDistribution\SelfUpdate\wuident.cab are not trusted: Error 0x800b0001
2013-08-01 09:35:03:039 796 13b0 Setup WARNING: SelfUpdate check failed to download package information, error = 0x800B0001
2013-08-01 09:35:03:039 796 13b0 Setup FATAL: SelfUpdate check failed, err = 0x800B0001 2013-08-01 09:35:03:039 796 13b0 Agent * WARNING: Skipping scan, self-update check returned 0x800B0001 2013-08-01 09:35:03:039 796 13b0 Agent * WARNING: Exit code = 0x800B0001
Many blogs indicated this was an issue with KB2720211 not installed on the WSUS server, however this had been installed some time ago to fix a similar issue with Windows 7. Until I encountered this blog and the Dec 10<sup>th</sup> 2012 posting:
http://community.spiceworks.com/topic/279049-wsus-3-0-sp2-hotfx-clients-not-reporting
“This is the classic symptom of an issue with KB2720211 -- either missing, or a failed installation.
The key is in understanding the purpose of KB2720211. The message "Digital signatures...are not trusted" tells the story. In addition to providing the new WUAgent, KB2720211 also provides the *why* that a new WUAgent is needed, i.e. in response to the Flame malware in May, the entire certificate infrastructure of WU/MU/WSUS was gutted and replaced over the next several months. KB2720211 was an intermediate step; KB2661254 (Oct 2012) was the final step.”
Posted by Lawrence Gavin – (a trusted guru on all things WSUS related who now works for SolarWinds developing their WSUS integrated products IIRC). Then he issued this warning/caveat in a post from Jan 18, 2013:
http://thwack.solarwinds.com/thread/52275
However, the responding comment sealed the deal for me (and the detailed instructions above) -
“KB2734608 - Wsus server - enable on w8 and ws12 updates, updates windows agent (replaces KB2720211)”
KB2734608 is NOT going to show as needed on a WSUS server via Automatic Update (unlike KB2720211) and was thus not currently installed.
Once KB2734608 was installed and the WSUS Sync was completed on the WSUS server, a bunch of Windows 8 and Windows 2012 servers were then seen on the WSUS server.
*KB2661254 (referenced in the above thread) was already installed/deployed via our WSUS solution.
Another good troubleshooting tiphttp://blogs.technet.com/b/sus/archive/2012/09/05/additional-note-on-kb-2734608-regarding-wsu-windows-8-and-windows-server-2012.aspx
