I've been all over the forums on this but have yet to find a solution. I have a downstream WSUS server running WSUS version 3.2.7600.226 with 64 clients connected (both Win 7 and Win XP).The server is not in a load balanced cluster, but clients were redirected to another server via Group Policy before this server was in place.
I was getting local WSUS error logs like this:
2013-01-24 04:00:06:727 596 150c PT + ServiceId = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7}, Server URL = http://10.75.77.8/ClientWebService/client.asmx
2013-01-24 04:00:06:773 596 150c PT WARNING: Cached cookie has expired or new PID is available
2013-01-24 04:00:06:773 596 150c PT Initializing simple targeting cookie, clientId = ff2ef028-3216-4ba5-ba37-a0e582f574be, target group = WSUS-BH-283, DNS name = smcd02.corp.uhsinc.biz
2013-01-24 04:00:06:773 596 150c PT Server URL = http://10.75.77.8/SimpleAuthWebService/SimpleAuth.asmx
2013-01-24 04:00:06:805 596 150c PT WARNING: GetCookie failure, error = 0x8024400D, soap client error = 7, soap error code = 300, HTTP status code = 200
2013-01-24 04:00:06:805 596 150c PT WARNING: SOAP Fault: 0x00012c
2013-01-24 04:00:06:805 596 150c PT WARNING: faultstring:Fault occurred
2013-01-24 04:00:06:805 596 150c PT WARNING: ErrorCode:ConfigChanged(2)
2013-01-24 04:00:06:805 596 150c PT WARNING: Message:(null)
2013-01-24 04:00:06:805 596 150c PT WARNING: Method:"http://www.microsoft.com/SoftwareDistribution/Server/ClientWebService/GetCookie"
2013-01-24 04:00:06:805 596 150c PT WARNING: ID:32fed988-78fb-4734-9930-475c76b4d418
2013-01-24 04:00:07:023 596 150c PT WARNING: Cached cookie has expired or new PID is available
2013-01-24 04:00:07:023 596 150c PT Initializing simple targeting cookie, clientId = ff2ef028-3216-4ba5-ba37-a0e582f574be, target group = WSUS-BH-283, DNS name = smcd02.corp.uhsinc.bizWhen I deleted the WSUS object from the WSUS console and reset the SUS ID on the local PC, I'd then get this on the local log:
2013-01-25 07:42:23:258 1164 fe4 AU # Detection frequency: 6
2013-01-25 07:42:23:258 1164 fe4 AU # Target group: WSUS-BH-283
2013-01-25 07:42:23:258 1164 fe4 AU # Approval type: Scheduled (Policy)
2013-01-25 07:42:23:258 1164 fe4 AU # Scheduled install day/time: Every day at 18:00
2013-01-25 07:42:23:258 1164 fe4 AU # Auto-install minor updates: Yes (Policy)
2013-01-25 07:42:23:258 1164 fe4 AU # Will interact with non-admins (Non-admins are elevated (Policy))
2013-01-25 07:42:23:258 1164 fe4 AU Setting AU scheduled install time to 2013-01-26 02:00:00
2013-01-25 07:42:23:258 1164 fe4 AU Initializing featured updates
2013-01-25 07:42:23:258 1164 fe4 AU Found 0 cached featured updates
2013-01-25 07:42:23:258 1164 fe4 AU WARNING: ISusInternal::CanInstallNow failed, error = 0x80070005
2013-01-25 07:42:23:258 1164 fe4 AU AU finished delayed initialization
2013-01-25 07:42:23:258 1164 fe4 AU Triggering AU detection through DetectNow API
2013-01-25 07:42:23:258 1164 fe4 AU Triggering Online detection (non-interactive)
2013-01-25 07:42:23:289 1164 1d8 Agent Created new random SusClientId efad077d-cdf7-409e-bf40-d623ac06bf69. Old Id: none.
Thus far I have tried attacking this from the client and server angles:
To recap from the client side I've done:
- I have stopped the AU service, deleted the C:\Windows\SoftwareDistribution folder then restarted the AU service (which recreated the SoftwareDistribution folder) and ran wuauclt /resetauthorization /detectnow
- I have stopped the
Windows Management Instrumentation Service, renamed the REPOSITORY to REPOSITORY.OLD in
C:\Windows\system32\wbem and restarted the service which recreated the REPOSITORY folder
- I have stopped the AU service, deleted the
SUSID from the registry:
REG DELETE "HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v AccountDomainSid /f
REG DELETE "HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v PingID /f
Reg Delete "HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientId /f
Reg Delete "HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientIdValidation /f
- then restarted AU service and
ran wuauclt /resetauthorization /detectnow
- as some blogs indicated a change in local permissions on the C:\ drive I compared the local C:\ drive permissions with a working PC connected to a different WSUS server and saw no difference
- some blogs indicated a services permission issue using a custom account
- Automatic Update Service, Background Intelligent Transfer Service were both using the Local System account
- dependent service (on the XP box) Remote Procedure Call was using Network Service account
Clients could then always talk to the WSUS server, update their "Reported" status, and get metadata approvals, but would never download updates (would stay at status "Not Installed" and never move to "Downloaded")
As some blogs indicated an issue with IIS, from the server side:
- I uninstalled the IIS role, all dependent roles and services and WSUS
- I removed all files and local DB's during the WSUS uninstallation
- Rebooted, then again after the IIS removal was complete after that reboot
- reinstalled IIS and WSUS, re-setup the server as a downstream (no SSL no proxy - as before)
Now all clients (Win 7 and Win XP) hit the WSUS server and hang indefinitely in a "Not Yet Reported" status unless I run a wuauclt /resetauthorization /detectnow command where they will at least register a status, but when they do, same issue as before. Metadata on approvals shows ok, but client does not download any updates.
Wanting to verify the PCs needed updates so while I was on one I had it hit Windows Update via IE. PC needed 9 updates. I was able to successfully download and install one update as a test, then rebooted the PC, so the AU client is working when connected to Windows Update directly.
Then after stopping and starting the service net stop/start wuauserv and re-registering with wuauclt /resetauthorization /detectnow
this is how the log looks now:
2013-01-30 06:13:56:312 1108 230 Service ** START ** Service: Service startup
2013-01-30 06:13:56:312 1108 230 Service *********
2013-01-30 06:13:56:656 1108 230 Agent * WU client version 7.6.7600.256
2013-01-30 06:13:56:656 1108 230 Agent * Base directory: C:\WINDOWS\SoftwareDistribution
2013-01-30 06:13:56:656 1108 230 Agent * Access type: No proxy
2013-01-30 06:13:56:671 1108 230 Agent * Network state: Connected
2013-01-30 06:14:05:296 1108 b2c Agent *********** Agent: Initializing Windows Update Agent ***********
2013-01-30 06:14:05:328 1108 b2c Agent *********** Agent: Initializing global settings cache ***********
2013-01-30 06:14:05:328 1108 b2c Agent * WSUS server: http://10.75.77.8
2013-01-30 06:14:05:328 1108 b2c Agent * WSUS status server: http://10.75.77.8
2013-01-30 06:14:05:328 1108 b2c Agent * Target group: WSUS-BH-283
2013-01-30 06:14:05:328 1108 b2c Agent * Windows Update access disabled: No
2013-01-30 06:14:05:359 1108 b2c DnldMgr Download manager restoring 0 downloads
2013-01-30 06:14:05:750 1264 8c0 Misc =========== Logging initialized (build: 7.6.7600.256, tz: -0800) ===========
2013-01-30 06:14:05:750 1264 8c0 Misc = Process: C:\Program Files\LogMeIn\x86\LogMeIn.exe
2013-01-30 06:14:05:750 1264 8c0 Misc = Module: C:\WINDOWS\system32\wuapi.dll
2013-01-30 06:14:05:750 1264 8c0 COMAPI -------------
2013-01-30 06:14:05:750 1264 8c0 COMAPI -- START -- COMAPI: Search [ClientId = <NULL>]
2013-01-30 06:14:05:796 1264 8c0 COMAPI ---------
2013-01-30 06:14:05:968 1264 8c0 COMAPI <<-- SUBMITTED -- COMAPI: Search [ClientId = <NULL>]
2013-01-30 06:14:08:203 1108 230 Report *********** Report: Initializing static reporting data ***********
2013-01-30 06:14:08:203 1108 230 Report * OS Version = 5.1.2600.3.0.65792
2013-01-30 06:14:08:328 1108 230 Report * Computer Brand = Dell Computer Corporation
2013-01-30 06:14:08:328 1108 230 Report * Computer Model = Dell DE051
2013-01-30 06:14:08:343 1108 230 Report * Bios Revision = A01
2013-01-30 06:14:08:343 1108 230 Report * Bios Name = Phoenix ROM BIOS PLUS Version 1.10 A01
2013-01-30 06:14:08:343 1108 230 Report * Bios Release Date = 2006-01-03T00:00:00
2013-01-30 06:14:08:343 1108 230 Report * Locale ID = 1033
2013-01-30 06:14:08:343 1108 db0 Agent *************
2013-01-30 06:14:08:343 1108 db0 Agent ** START ** Agent: Finding updates [CallerId = ]
2013-01-30 06:14:08:343 1108 db0 Agent *********
2013-01-30 06:14:08:343 1108 db0 Agent * Online = Yes; Ignore download priority = No
2013-01-30 06:14:08:343 1108 db0 Agent * Criteria = "IsInstalled = 0 AND IsHidden = 0"
2013-01-30 06:14:08:343 1108 db0 Agent * ServiceID = {00000000-0000-0000-0000-000000000000} Third party service
2013-01-30 06:14:08:343 1108 db0 Agent * Search Scope = {Machine}
2013-01-30 06:14:49:180 1108 230 AU ########### AU: Initializing Automatic Updates ###########
2013-01-30 06:14:49:211 1108 230 AU AU setting next sqm report timeout to 2013-01-30 14:14:49
2013-01-30 06:15:07:727 1108 230 AU # WSUS server: http://10.75.77.8
2013-01-30 06:15:07:727 1108 230 AU # Detection frequency: 6
2013-01-30 06:15:07:774 1108 230 AU # Target group: WSUS-BH-283
2013-01-30 06:15:07:774 1108 230 AU # Approval type: Scheduled (Policy)
2013-01-30 06:15:07:774 1108 230 AU # Scheduled install day/time: Every day at 18:00
2013-01-30 06:15:07:774 1108 230 AU # Auto-install minor updates: Yes (Policy)
2013-01-30 06:15:07:774 1108 230 AU # Will interact with non-admins (Non-admins are elevated (Policy))
2013-01-30 06:15:07:976 1108 230 AU Setting AU scheduled install time to 2013-01-31 02:00:00
2013-01-30 06:15:07:991 1108 230 AU Initializing featured updates
2013-01-30 06:15:08:053 1108 230 AU Found 0 cached featured updates
2013-01-30 06:15:08:410 1108 230 AU AU finished delayed initialization
2013-01-30 06:15:08:504 1108 230 AU #############
2013-01-30 06:15:08:504 1108 230 AU ## START ## AU: Search for updates
2013-01-30 06:15:08:504 1108 230 AU #########
2013-01-30 06:15:08:566 1108 230 AU <<## SUBMITTED ## AU: Search for updates [CallId = {B62EA1DA-327C-4B0D-9858-F4E0E80A4661}]
2013-01-30 06:15:08:721 1108 db0 PT +++++++++++ PT: Synchronizing server updates +++++++++++
2013-01-30 06:15:08:721 1108 db0 PT + ServiceId = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7}, Server URL = http://10.75.77.8/ClientWebService/client.asmx
2013-01-30 06:17:37:983 1108 db0 PT +++++++++++ PT: Synchronizing extended update info +++++++++++
2013-01-30 06:17:37:983 1108 db0 PT + ServiceId = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7}, Server URL = http://10.75.77.8/ClientWebService/client.asmx
2013-01-30 06:19:01:376 1108 db0 Agent * Found 0 updates and 64 categories in search; evaluated appl. rules of 1128 out of 2354 deployed entities
2013-01-30 06:19:05:287 1108 db0 Agent *********
2013-01-30 06:19:05:287 1108 db0 Agent ** END ** Agent: Finding updates [CallerId = ]
2013-01-30 06:19:05:287 1108 db0 Agent *************
2013-01-30 06:19:05:303 1108 db0 Agent *************
2013-01-30 06:19:05:303 1108 db0 Agent ** START ** Agent: Finding updates [CallerId = AutomaticUpdates]
2013-01-30 06:19:05:303 1108 db0 Agent *********
2013-01-30 06:19:05:303 1108 db0 Agent * Online = No; Ignore download priority = No
2013-01-30 06:19:05:303 1108 db0 Agent * Criteria = "IsHidden=0 and IsInstalled=0 and DeploymentAction='Installation' and IsAssigned=1 or IsHidden=0 and IsPresent=1
and DeploymentAction='Uninstallation' and IsAssigned=1 or IsHidden=0 and IsInstalled=1 and DeploymentAction='Installation' and IsAssigned=1 and RebootRequired=1 or IsHidden=0 and IsInstalled=0 and DeploymentAction='Uninstallation' and IsAssigned=1 and RebootRequired=1"
2013-01-30 06:19:05:303 1108 db0 Agent * ServiceID = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7} Managed
2013-01-30 06:19:05:303 1108 db0 Agent * Search Scope = {Machine}
2013-01-30 06:19:05:380 1264 c50 COMAPI >>-- RESUMED -- COMAPI: Search [ClientId = <NULL>]
2013-01-30 06:19:05:380 1264 c50 COMAPI - Updates found = 0
2013-01-30 06:19:05:380 1264 c50 COMAPI ---------
2013-01-30 06:19:05:380 1264 c50 COMAPI -- END -- COMAPI: Search [ClientId = <NULL>]
2013-01-30 06:19:05:380 1264 c50 COMAPI -------------
2013-01-30 06:19:11:123 1264 8c0 COMAPI -------------
2013-01-30 06:19:11:123 1264 8c0 COMAPI -- START -- COMAPI: Search [ClientId = <NULL>]
2013-01-30 06:19:11:154 1264 8c0 COMAPI ---------
2013-01-30 06:19:11:341 1264 8c0 COMAPI <<-- SUBMITTED -- COMAPI: Search [ClientId = <NULL>]
2013-01-30 06:19:17:950 1108 db0 Agent * Found 0 updates and 64 categories in search; evaluated appl. rules of 248 out of 2354 deployed entities
2013-01-30 06:19:22:065 1108 db0 Agent *********
2013-01-30 06:19:22:065 1108 db0 Agent ** END ** Agent: Finding updates [CallerId = AutomaticUpdates]
2013-01-30 06:19:22:065 1108 db0 Agent *************
2013-01-30 06:19:22:096 1108 9c0 AU >>## RESUMED ## AU: Search for updates [CallId = {B62EA1DA-327C-4B0D-9858-F4E0E80A4661}]
2013-01-30 06:19:22:096 1108 db0 Agent *************
2013-01-30 06:19:22:096 1108 db0 Agent ** START ** Agent: Finding updates [CallerId = ]
2013-01-30 06:19:22:096 1108 db0 Agent *********
2013-01-30 06:19:22:096 1108 db0 Agent * Online = Yes; Ignore download priority = No
2013-01-30 06:19:22:096 1108 db0 Agent * Criteria = "IsInstalled = 0 AND IsHidden = 0"
2013-01-30 06:19:22:096 1108 db0 Agent * ServiceID = {00000000-0000-0000-0000-000000000000} Third party service
2013-01-30 06:19:22:096 1108 db0 Agent * Search Scope = {Machine}
2013-01-30 06:19:22:096 1108 9c0 AU # 0 updates detected
2013-01-30 06:19:22:127 1108 9c0 AU #########
2013-01-30 06:19:22:127 1108 9c0 AU ## END ## AU: Search for updates [CallId = {B62EA1DA-327C-4B0D-9858-F4E0E80A4661}]
2013-01-30 06:19:22:127 1108 9c0 AU #############
2013-01-30 06:19:22:127 1108 9c0 AU Featured notifications is disabled.
2013-01-30 06:19:22:127 1108 9c0 AU Setting AU scheduled install time to 2013-01-31 02:00:00
2013-01-30 06:19:24:060 1108 db0 PT +++++++++++ PT: Synchronizing server updates +++++++++++
2013-01-30 06:19:24:060 1108 db0 PT + ServiceId = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7}, Server URL = http://10.75.77.8/ClientWebService/client.asmx
2013-01-30 06:19:49:358 1108 db0 PT +++++++++++ PT: Synchronizing extended update info +++++++++++
2013-01-30 06:19:49:358 1108 db0 PT + ServiceId = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7}, Server URL = http://10.75.77.8/ClientWebService/client.asmx
2013-01-30 06:19:52:040 1108 db0 Agent * Found 0 updates and 64 categories in search; evaluated appl. rules of 1128 out of 2354 deployed entities
2013-01-30 06:19:52:055 1108 db0 Agent *********
2013-01-30 06:19:52:055 1108 db0 Agent ** END ** Agent: Finding updates [CallerId = ]
2013-01-30 06:19:52:055 1108 db0 Agent *************
2013-01-30 06:19:52:102 1264 9b8 COMAPI >>-- RESUMED -- COMAPI: Search [ClientId = <NULL>]
2013-01-30 06:19:52:102 1264 9b8 COMAPI - Updates found = 0
2013-01-30 06:19:52:102 1264 9b8 COMAPI ---------
2013-01-30 06:19:52:102 1264 9b8 COMAPI -- END -- COMAPI: Search [ClientId = <NULL>]
2013-01-30 06:19:52:102 1264 9b8 COMAPI -------------
2013-01-30 06:19:52:523 1108 db0 Report REPORT EVENT: {A8F91037-C426-46F1-88BC-66F4C2A1CC34} 2013-01-30 06:15:08:053-0800 1 202 102 {00000000-0000-0000-0000-000000000000} 0 0 AutomaticUpdates Success Content Install Reboot completed.
2013-01-30 06:19:52:570 1108 db0 Report REPORT EVENT: {A2D0D939-D68D-4E11-A548-56B3D6084738} 2013-01-30 06:19:05:194-0800 1 147 101 {00000000-0000-0000-0000-000000000000} 0 0 Success Software Synchronization Windows Update Client
successfully detected 0 updates.
2013-01-30 06:19:52:570 1108 db0 Report REPORT EVENT: {5E052410-7766-4F15-AF6E-F0342D680532} 2013-01-30 06:19:05:287-0800 1 156 101 {00000000-0000-0000-0000-000000000000} 0 0 Success Pre-Deployment Check Reporting client status.
2013-01-30 06:19:57:059 1108 db0 Report REPORT EVENT: {33FE34C6-1B74-4306-9F56-DDEF64B2060A} 2013-01-30 06:19:52:055-0800 1 147 101 {00000000-0000-0000-0000-000000000000} 0 0 Success Software Synchronization Windows Update Client
successfully detected 0 updates.
2013-01-30 06:19:57:074 1108 db0 Report REPORT EVENT: {9E7CC8EE-F9B2-4A00-8438-6502AB3079DF} 2013-01-30 06:19:52:055-0800 1 156 101 {00000000-0000-0000-0000-000000000000} 0 0 Success Pre-Deployment Check Reporting client status.
2013-01-30 06:32:40:415 1108 db0 Report Uploading 5 events using cached cookie, reporting URL = http://10.75.77.8/ReportingWebService/ReportingWebService.asmx
2013-01-30 06:32:40:461 1108 db0 Report Reporter successfully uploaded 5 events.
The WSUS client now seems to think it needs zero updates when talking to the WSUS server. What gives?
Having looked at 15 or 16 blogs on this subject over the last week or so and having done everything I can think of from a client and server side - I am at a loss to understand where issue lies. Can anyone help?