Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Saturday, July 26, 2008 10:15 AM
I have WSUS server in my office for windows patch management. My Domain controller is not getting displayed in the WSUS server.
DC - ismartblr1 OS : win2k3 domain : llspl
WSUS : ismartblr-wsus OS - win2k3
Wsus server is joined in llspl domain. I have already configured GPO, all my other workstation in this domain is displayed in WSUS.
Is there any way i Can my DC into WSUS manually or automatically. Kindly help.
Saturday, August 2, 2008 11:33 PM ✅Answered
mmm the client seems to be ok, you could try to run this command:
wuauclt.exe /resetauthorization /detectnow
If that doesn't work try to delete the folder **SoftwareDistribution ** that is under Windows\System32. Check that the option Use HTTP 1.1 through proxy connections in your IE is enabled. Delete the folder WindowsUpdate from Program Files. Delete the folder Catroot2 from Windows\System32. Delete the folder WUTemp from any disk that is present.
All that tasks with the services Windows Update and BITS stopped.
net stop bits
net stop wuauserv
Then after all that start the services again. Change to start the comand instead of stop and that's it. It should work because it has connectivity with the WSUS Server. Are we sure that the WSUS Server is ok right? You see new computers reporting in WSUS but this DC didn't work right? Because the problem could be at that side.
Regards
Diego
MCITP/MCTS/MCSE/MCSA/MCP www.cabai.com.ar
Sunday, July 27, 2008 3:41 AM
You can link the existing GPO to the Domain Controllers container or you can edit manually the registry for that server:
The registry entries that you need to look for are:
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate\AU
A list of keys that you can use here are in the Deployment Guide page 70 or you can go to this link:
http://technet2.microsoft.com/windowsserver/en/library/1776f85d-a326-4f1d-a2ed-2fdd21d590d71033.mspx
I hope this is what you're looking for. If you need more assistance please let me know.
Regards,
Diego
MCITP/MCTS/MCSE/MCSA/MCP www.cabai.com.ar
Monday, July 28, 2008 2:14 PM
I have directly applied GPO settings to the domain controller container( Replicated the same settings of default domain controller policy) . Have seen the entries reflecting in registery of DC also. But I found somet0hing unusal in windowsupdate.log. Pasted for ur reference....
2008-07-28 19:05:39+0530 804 348 GetConfig: 0x80072efd
2008-07-28 19:05:39+0530 804 348 PT: Cannot recover from fault, origin=GetConfig, hr=0x80072efd
2008-07-28 19:05:39+0530 804 348 Failed to obtain cached cookie with hr = 80072efd.
2008-07-28 19:05:39+0530 804 348 Failed to upload events with hr = 80072efd.
2008-07-28 19:15:39+0530 804 40c Successfully opened event cache file at C:\WINDOWS\SoftwareDistribution\EventCache\C55441FB-352D-41B0-9002-39208AFB39D8}.bin for reading.
2008-07-28 19:15:39+0530 804 40c PT: Using serverID {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7}
2008-07-28 19:15:39+0530 804 40c PT: Using server URL http://ismartblr-wsus/ClientWebService/client.asmx
2008-07-28 19:15:39+0530 804 40c PT: Calling GetConfig on server
2008-07-28 19:15:39+0530 804 40c Add header for accept-encoding: xpress succeeded
**2008-07-28 19:16:00+0530 804 40c SendRequest failed with hr = 80072efd. Proxy List used: <192.168.1.5:8080> Bypass List used : <(null)> Auth Schemes used : <>
**2008-07-28 19:16:00+0530 804 40c GetConfig: 0x80072efd
2008-07-28 19:16:00+0530 804 40c PT: Cannot recover from fault, origin=GetConfig, hr=0x80072efd
2008-07-28 19:16:00+0530 804 40c Failed to obtain cached cookie with hr = 80072efd.
2008-07-28 19:16:00+0530 804 40c Failed to upload events with hr = 80072efd.
2008-07-28 19:16:27+0530 804 328 Service received connect notification
2008-07-28 19:16:27+0530 804 b90 AU received event of type: 3
2008-07-28 19:16:32+0530 804 328 Service received disconnect notification
2008-07-28 19:16:32+0530 804 b90 AU received event of type: 3
2008-07-28 19:16:32+0530 804 328 Service received connect notification
2008-07-28 19:16:32+0530 804 b90 AU received event of type: 3
In the above highlighted line Proxy list used it's showing 192.168.1.5 but actually my proxy server ip is 192.168.1.6.
Is this anyway contributing the issue?
Kindly help.
Tuesday, July 29, 2008 12:42 AM
Why don't you try to find that IP address in the registry? Check also that you don't have the proxy settings applied from another GPO. That could be a problem on the client.
Regards,
Diego
MCITP/MCTS/MCSE/MCSA/MCP www.cabai.com.ar
Wednesday, July 30, 2008 4:54 AM
I checked in the registry, no entries related to proxy for that particular IP. I haven't applied proxy settings from another GPO.
I am struck. I couldn't understand anything from that log file.
Kindly help.
Thursday, July 31, 2008 3:47 AM
Then I recommend you to reinstall all the Automatic Updates client files. Have you checked the Client Diagnostic Tool from Microsoft? This tool connects successfully to the WSUS Server?
Regards,
Diego
MCITP/MCTS/MCSE/MCSA/MCP www.cabai.com.ar
Saturday, August 2, 2008 5:12 AM
How do i install automatic client ? Pls. guide me
Where exactly I can get diagonistic tool?
Saturday, August 2, 2008 11:52 AM
I already linked my default domain policy to domain controller container, Also enclosed the client diagnose resutl below. As per the result, seems to be no problem, but still i am not getting updates also my DC is not displaying wsus console. Kindly help
WSUS Client Diagnostics Tool
Checking Machine State
Checking for admin rights to run tool . . . . . . . . . PASS
Automatic Updates Service is running. . . . . . . . . . PASS
Background Intelligent Transfer Service is not running. PASS
Wuaueng.dll version 7.0.6000.381. . . . . . . . . . . . PASS
This version is WSUS 2.0
Checking AU Settings
AU Option is 4: Scheduled Install . . . . . . . . . . . PASS
Option is from Policy settings
Checking Proxy Configuration
Checking for winhttp local machine Proxy settings . . . PASS
Winhttp local machine access type
<Direct Connection>
Winhttp local machine Proxy. . . . . . . . . . NONE
Winhttp local machine ProxyBypass. . . . . . . NONE
Checking User IE Proxy settings . . . . . . . . . . . . PASS
User IE Proxy
192.168.1.6:8080
User IE ProxyByPass
<local>
User IE AutoConfig URL Proxy . . . . . . . . . NONE
User IE AutoDetect
AutoDetect in use
Checking Connection to WSUS/SUS Server
WUServer = http://ismartblr-wsus
WUStatusServer = http://ismartblr-wsus
UseWuServer is enabled. . . . . . . . . . . . . . . . . PASS
Connection to server. . . . . . . . . . . . . . . . . . PASS
SelfUpdate folder is present. . . . . . . . . . . . . . PASS
Press Enter to Complete
Wednesday, August 13, 2008 9:02 PM
We're having the same problem, all our computers report to WSUS except for the domain controllers.
Is there anyway you can translate your instructions to Windows Server 2k8? these folders don't exist in this operating system and the folder that does exist catroot2 will not let me delete it even running elevated.
Wednesday, August 13, 2008 10:38 PM
Hi Robert, did you run the Client Diagnostic Tool on the DC? Have you assigned the WSUS GPO Settings to that DC? Thanks
Regards,
Diego
MCITP/MCTS/MCSE/MCSA/MCP/SCS www.cabai.com.ar
Thursday, August 14, 2008 3:30 PM
well, this was my fault, I type-o'd the servername in the default domain controllers policy. I discovered it when I ran the diags on our windows 2003 domain controller it gave me a clear error of:
VerifyWUServerURL() failed with hr=0x80072ee7
The server name or address could not be resolved
However, when I ran the diagnostics on my server 2008 64 bit domain controller I got the following error which does not give us a clear/accurate error message:
wsus error GetFileVersion(szEngineDir,&susVersion) failed with hr=0x80070002
Long story short though I got it working by fixing my type-o.
Thanks for your help!
-Robert