WSUS will not update or install updates on new workstations

windows-update wsus
42,131

Solution 1

Have you checked the IIS Logs?

c:\windows\system32\logfiles\ (site)

Where site will probably have a name like W3SVC1

After that, my next step would be top get a packet sniffer (Wireshark etc.) on the client, and if necessary on the server, and see exactly which requests are going to which ports.

Solution 2

Try this on the client:

  1. Stop the Automatic Updates service.

  2. Delete the contents of the C:\Windows\SoftwareDistribution folder.

  3. Restart the Automatic Updates service.

  4. Go into Internet Explorer and delete the history, cookies, and temp internet files.

  5. Reboot then from a command prompt run wuauclt.exe /detectnow.

(and you say you can use IE to get to the sites, so I'm assuming that's from one of the clients? If not, try it from a client...making sure that the windows firewall isn't the issue)

Solution 3

Do the circumstances described here apply?

It seems that if you have any other web site running on port 80 on your WSUS server then you HAVE to create a virtual directory called selfupdate and point it to the selfupdate folder on your server.

Similar is also described here, and may be relevant to your situation (check the last post in the thread).

Solution 4

Have you updated group policy to point the workstations to the new WSUS server?

Intranet Microsoft Update Service Location - located in Computer Configuration / Administrative Templates / Windows Components / Windows Update

Share:
42,131

Related videos on Youtube

Richard Slater
Author by

Richard Slater

Updated on September 17, 2022

Comments

  • Richard Slater
    Richard Slater almost 2 years

    Update: Unfortunatly I was never able to fix this problem, I am fairly confident that some mistake was made when installing it or porting the computers and authorization across. After several re-installs, I ended up installing it on the Default Website with SSL and re-authorizing all of the patches, fortunatly this wasn't too painful and it seems to have fixed a couple of other irritating patches that didn't install.

    I have recently moved WSUS from one server to a new server (disk space requirements). Unfortunatly it seems that there is a communications problem with new clients (XP SP2) connecting to the server. Group policy has been updated and old clients are using the new server, at least they are showing up in the new server console and being offered updates.

    I can use Internet Explorer to navigate to each of:

    http://update.cncs.co.uk/selfupdate/wuident.cab
https://update.cncs.co.uk:8531/selfupdate/wuident.cab
http://update.cncs.co.uk:8530/selfupdate/wuident.cab

    There are no relevant errors in the Event Logs and I can't use WsusDebugTool as it is an W2K3 x64 server, although I would appreciate it if anyone could point me towards an alternative.

    I have tried the following steps:

    • Reset the WSUS Client (steps at the bottom of this post).
    • Cleared the proxy configuration (proxycfg -d).
    • Checked the WUAU registry entries (HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate).
    • Deleted the registry entires then reset the WSUS Client.
    • Manually installed XP SP3 and .NET 2.0.

    Thanks.

    WindowsUpdate.log

    2009-08-27  12:44:20+0100    448    680 ChangeServiceConfig for wuauserv succeeded
2009-08-27  12:44:44+0100   1012    420 Service Main starts
2009-08-27  12:44:44+0100   1012    420 Using BatchFlushAge = 31134.
2009-08-27  12:44:44+0100   1012    420 Using SamplingValue = 446.
2009-08-27  12:44:44+0100   1012    420 Successfully loaded event namespace dictionary.
2009-08-27  12:44:44+0100   1012    420 Successfully loaded client event namespace descriptor.
2009-08-27  12:44:44+0100   1012    420 Successfully initialized local event logger. Events will be logged at C:\WINDOWS\SoftwareDistribution\ReportingEvents.log.
2009-08-27  12:44:44+0100   1012    420 Successfully initialized NT event logger.
2009-08-27  12:44:44+0100   1012    420 Successfully initialized event uploader 0.
2009-08-27  12:44:44+0100   1012    420 Successfully initialized event uploader 1.
2009-08-27  12:44:44+0100   1012    420 WU client with version 5.4.3790.5512 successfully initialized
2009-08-27  12:44:44+0100   1012    420 Service status is now SERVICE_RUNNING
2009-08-27  12:44:44+0100   1012    554 Failed to open event cache file at C:\WINDOWS\SoftwareDistribution\EventCache\{105317BC-5119-4124-91D1-D9151F30194C}.bin for reading with hr = 80070002.
2009-08-27  12:44:44+0100   1012    554 Attempted to delete event cache file at C:\WINDOWS\SoftwareDistribution\EventCache\{105317BC-5119-4124-91D1-D9151F30194C}.bin but the file could not be found. hr = 80070002.
2009-08-27  12:45:01+0100   2040    59c Trying to make out of proc datastore active
2009-08-27  12:45:03+0100   2040    59c Service 3DA21691-E39D-4DA6-8A4B-B43877BCB1B7 added
2009-08-27  12:45:03+0100   2040    59c Service 9482F4B4-E343-43B6-B170-9A65BC822C77 added
2009-08-27  12:45:03+0100   2040    59c Data store successfully created
2009-08-27  12:45:03+0100   2040    59c Out of proc datastore is now active
2009-08-27  12:45:03+0100   1012    280 Client Call Recorder finished delayed initialization
2009-08-27  12:45:03+0100   1012    280 Setting AU scheduled install time to 2009-08-27 14:00:00
2009-08-27  12:45:03+0100   1012    280 AU finished delayed initialization
2009-08-27  12:45:03+0100   1012    280 Triggering AU detection through DetectNow api
2009-08-27  12:45:03+0100   1012    420 AU received event of 1
2009-08-27  12:45:03+0100   1012    420 WU client succeeds CClientCallRecorder::BeginFindUpdates from AutomaticUpdates with call id {D787A8BB-40D5-4B6B-B9F4-BB2ABBDD11CF}
2009-08-27  12:45:03+0100   1012    6ac WU client executing call {D787A8BB-40D5-4B6B-B9F4-BB2ABBDD11CF} of type Search Call
2009-08-27  12:45:04+0100   1012    6ac Send failed with hr = 80072efd.
2009-08-27  12:45:04+0100   1012    6ac SendRequest failed with hr = 80072efd. Proxy List used:  Bypass List used : 
2009-08-27  12:45:05+0100   1012    6ac Send failed with hr = 80072efd.
2009-08-27  12:45:05+0100   1012    6ac SendRequest failed with hr = 80072efd. Proxy List used:  Bypass List used : 
2009-08-27  12:45:06+0100   1012    6ac Send failed with hr = 80072efd.
2009-08-27  12:45:06+0100   1012    6ac SendRequest failed with hr = 80072efd. Proxy List used:  Bypass List used : 
2009-08-27  12:45:07+0100   1012    6ac Send failed with hr = 80072efd.
2009-08-27  12:45:07+0100   1012    6ac SendRequest failed with hr = 80072efd. Proxy List used:  Bypass List used : 
2009-08-27  12:45:07+0100   1012    6ac DownloadFileInternal failed for https://update.cncs.co.uk:8531/SelfUpdate/wuident.cab: error 0x80072efd
2009-08-27  12:45:07+0100   1012    6ac IsUpdateRequired failed with error 0x80072efd
2009-08-27  12:45:07+0100   1012    6ac OS Version = 5.1.2600.3.0.65792
2009-08-27  12:45:07+0100   1012    6ac Computer Brand = Hewlett-Packard
2009-08-27  12:45:07+0100   1012    6ac Computer Model = HP Compaq dx2450 Microtower PC
2009-08-27  12:45:07+0100   1012    6ac Bios Revision =  5.19
2009-08-27  12:45:07+0100   1012    6ac Bios Name = Phoenix - AwardBIOS v6.00PG
2009-08-27  12:45:07+0100   1012    6ac Bios Release Date = 2008-11-03T00:00:00
2009-08-27  12:45:07+0100   1012    6ac Locale ID = 1033
2009-08-27  12:45:07+0100   1012    6ac ClientVersion: iuengine.dll = 5.4.3790.5512
2009-08-27  12:45:07+0100   1012    6ac ClientVersion: wuapi.dll = 5.4.3790.5512
2009-08-27  12:45:07+0100   1012    6ac ClientVersion: wuauclt.exe = 5.4.3790.5512
2009-08-27  12:45:07+0100   1012    6ac ClientVersion: wuauclt1.exe = 5.4.3790.5512
2009-08-27  12:45:07+0100   1012    6ac ClientVersion: wuaucpl.cpl = 5.4.3790.5512
2009-08-27  12:45:07+0100   1012    6ac ClientVersion: wuaueng.dll = 5.4.3790.5512
2009-08-27  12:45:07+0100   1012    6ac ClientVersion: wuaueng1.dll = 5.4.3790.5512
2009-08-27  12:45:07+0100   1012    6ac ClientVersion: wuauserv.dll = 5.4.3790.5512
2009-08-27  12:45:07+0100   1012    6ac ClientVersion: wucltui.dll = 5.4.3790.5512
2009-08-27  12:45:07+0100   1012    6ac PT: Using serverID {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7}
2009-08-27  12:45:07+0100   1012    6ac PT: Using server URL https://update.cncs.co.uk:8531/ClientWebService/client.asmx
2009-08-27  12:45:07+0100   1012    6ac PT: Calling GetConfig on server
2009-08-27  12:45:07+0100   1012    6ac Add header for accept-encoding: xpress succeeded
2009-08-27  12:45:07+0100   1012    6ac DetectCompressionType returning type 1, hr=0x0
2009-08-27  12:45:07+0100   1012    6ac PT: Using server URL https://update.cncs.co.uk:8531/SimpleAuthWebService/SimpleAuth.asmx
2009-08-27  12:45:07+0100   1012    6ac DetectCompressionType returning type 0, hr=0x1
2009-08-27  12:45:07+0100   1012    6ac Add header for accept-encoding: xpress succeeded
2009-08-27  12:45:07+0100   1012    6ac DetectCompressionType returning type 1, hr=0x0
2009-08-27  12:45:07+0100   1012    6ac Add header for accept-encoding: xpress succeeded
2009-08-27  12:45:07+0100   1012    6ac DetectCompressionType returning type 1, hr=0x0
2009-08-27  12:45:07+0100   1012    6ac Add header for accept-encoding: xpress succeeded
2009-08-27  12:45:07+0100   1012    6ac DetectCompressionType returning type 1, hr=0x0
2009-08-27  12:45:07+0100   1012    6ac Add header for accept-encoding: xpress succeeded
2009-08-27  12:45:07+0100   1012    6ac DetectCompressionType returning type 1, hr=0x0
2009-08-27  12:45:07+0100   1012    6ac Parse failed: error 0x80070057
2009-08-27  12:45:07+0100   1012    6ac Parse failed with 0x80070057

2009-08-27  12:45:07+0100   1012    6ac Sync of Updates: 0x80070057
2009-08-27  12:45:07+0100   1012    6ac WU client failed Searching for update with error 0x80070057
2009-08-27  12:45:07+0100   1012    6ac Search Callback Failed, hr is 0x80070057
2009-08-27  12:45:07+0100   1012    6ac Setting next AU detection timeout to 2009-08-27 16:45:07
2009-08-27  12:45:07+0100   1012    6ac Setting AU scheduled install time to 2009-08-27 14:00:00
2009-08-27  12:45:07+0100   1012    6ac WU client calls back to search call AutomaticUpdates with code Call failed and error 0x80070057 
2009-08-27  12:45:07+0100   1012    6ac WU client completed and deleted call {D787A8BB-40D5-4B6B-B9F4-BB2ABBDD11CF}
2009-08-27  12:45:12+0100   1012    6ac REPORT EVENT: {6AA7A975-DA29-4299-AE53-ADDCC46606C8}    17  2009-08-27 12:45:07+0100    1   148 101 {D67661EB-2423-451D-BF5D-13199E37DF28}  0   80072efd    SelfUpdate  Failure Software Synchronization    Error: Agent failed detecting with reason: 0x80072efd
2009-08-27  12:45:12+0100   1012    6ac REPORT EVENT: {3AB34C95-17CD-4010-A9A5-D5865E4525E5}    18  2009-08-27 12:45:07+0100    1   148 101 {00000000-0000-0000-0000-000000000000}  0   80070057    AutomaticUpdates    Failure Software Synchronization    Error: Agent failed detecting with reason: 0x80070057
2009-08-27  12:45:12+0100   1012    6ac Reopened existing event cache file at C:\WINDOWS\SoftwareDistribution\EventCache\{105317BC-5119-4124-91D1-D9151F30194C}.bin for writing.
2009-08-27  12:45:12+0100   1012    6ac Reopened existing event cache file at C:\WINDOWS\SoftwareDistribution\EventCache\{256805A3-A1CC-421B-857B-CD029A389CBA}.bin for writing.
2009-08-27  12:45:29+0100   1012    420 start delayed initialization of WU client
2009-08-27  12:47:11+0100   1012    554 Successfully opened event cache file at C:\WINDOWS\SoftwareDistribution\EventCache\{105317BC-5119-4124-91D1-D9151F30194C}.bin for reading.
2009-08-27  12:47:11+0100   1012    554 PT: Using serverID {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7}
2009-08-27  12:47:11+0100   1012    554 PT: Using server URL https://update.cncs.co.uk:8531/ClientWebService/client.asmx
2009-08-27  12:47:11+0100   1012    554 PT: Calling GetConfig on server
2009-08-27  12:47:11+0100   1012    554 Add header for accept-encoding: xpress succeeded
2009-08-27  12:47:11+0100   1012    554 DetectCompressionType returning type 1, hr=0x0
2009-08-27  12:47:11+0100   1012    554 PT: Using server URL https://update.cncs.co.uk:8531/SimpleAuthWebService/SimpleAuth.asmx
2009-08-27  12:47:11+0100   1012    554 DetectCompressionType returning type 0, hr=0x1
2009-08-27  12:47:11+0100   1012    554 Add header for accept-encoding: xpress succeeded
2009-08-27  12:47:11+0100   1012    554 DetectCompressionType returning type 1, hr=0x0
2009-08-27  12:47:11+0100   1012    554 Add header for accept-encoding: xpress succeeded
2009-08-27  12:47:11+0100   1012    554 DetectCompressionType returning type 1, hr=0x0
2009-08-27  12:47:11+0100   1012    554 PT: Using serverID {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7}
2009-08-27  12:47:11+0100   1012    554 Failed to obtain cached url with hr = 80248008.
2009-08-27  12:47:11+0100   1012    554 Failed to upload events with hr = 80248008.

    ClientDiag.exe

    WSUS Client Diagnostics Tool

Checking Machine State
        Checking for admin rights to run tool . . . . . . . . . PASS
        Automatic Updates Service is running. . . . . . . . . . PASS
        Background Intelligent Transfer Service is not running. PASS
        Wuaueng.dll version 5.4.3790.2180 . . . . . . . . . . . PASS
                This version is SUS 1.0

Checking AU Settings
        AU Option is 4: Scheduled Install . . . . . . . . . . . PASS
                Option is from Policy settings

Checking Proxy Configuration
        Checking for winhttp local machine Proxy settings . . . PASS
                Winhttp local machine access type
                        
                Winhttp local machine Proxy. . . . . . . . . .  NONE
                Winhttp local machine ProxyBypass. . . . . . .  NONE
        Checking User IE Proxy settings . . . . . . . . . . . . PASS
                User IE Proxy
                http=
                User IE ProxyByPass
                www.cncs.co.uk;intranet.cncs.co.uk;intranet;*.cncs.co.uk;*.brigh
ton-hove.gov.uk;*.brighton-hove.sch.uk;10.60.*;
                User IE AutoConfig URL Proxy . . . . . . . . .  NONE
                User IE AutoDetect
                AutoDetect not in use

Checking Connection to WSUS/SUS Server
                WUServer = https://update.cncs.co.uk:8531
                WUStatusServer = https://update.cncs.co.uk:8531
        UseWuServer is enabled. . . . . . . . . . . . . . . . . PASS
        Connection to server. . . . . . . . . . . . . . . . . . PASS

WinHttpDownloadFileToMemory(szURLDest, NULL, 0, NULL, NULL, NULL, &downloadBuffer) failed with hr=0x80072efd

A connection with the server could not be established

    Reset WSUS Client

    1. run "net stop wuauserv"
    2. run "net stop bits"
    3. Clear the contents of C:\Windows\SoftwareDistribution
    4. Clear the contents of C:\Windows\WindowsUpdate.log
    5. run "net start wuauserv"
    6. run "net start bits"
    7. run "wuauclt /detectnow /resetauthorization"
    • l0c0b0x
      l0c0b0x almost 15 years
      What exactly do you mean by 'new' clients and 'old' clients?
    • Richard Slater
      Richard Slater almost 15 years
      New clients are clients that have been built after moving WSUS from the old server to the new server. Old clients are ones that existed before WSUS was moved.
    • RateControl
      RateControl almost 15 years
      What is the dll version on the old client? taken from : forums.techarena.in/server-update-service/504089.htm
    • Richard Slater
      Richard Slater almost 15 years
      I am not back in work for a few days now, I will find out next week though. I re-installed WSUS on the default website and started the sync from the old server before I left, I suspect it is something to do with an inability to update the client.
    • Admin
      Admin about 8 years
      Inspect your Proxy-Setting with netsh winhttp show proxy.
    • Richard Slater
      Richard Slater about 8 years
      @Heinz thank you for your comment, this is a thread from 7 years ago and I am unsure if you are suggesting i use netsh to do something or just pointing out how to access proxy settings using netsh - again thanks though.
  • Richard Slater
    Richard Slater almost 15 years
    Fair point - however I did update Group Policy and it does work, the Client Diagnostics show the correct WUServer and WUStatusServer, the previous server was running on Port 80 and 443 rather than 8530 and 8531.
  • Richard Slater
    Richard Slater almost 15 years
    Those appear to be different error messages: - The requested URL does not exist on the server. (0x80190194) - The server has not found anything matching the requested URI (Uniform Resource Identifier). (0x80190194) As opposed to my - A connection with the server could not be established (0x80072efd) There is indeed a default website in IIS with the selfupdate tree mapped to the same location as the selfupdate tree in the 8530/8531 webstites, I can also navigate to it using Internet Explorer. It may well be a faulse negative from ClientDiag.exe, however updated do not work.
  • Richard Slater
    Richard Slater almost 15 years
    Sounds like the WSUS magic that usualy fixes these issues, alas neither the method I just added to my OP nor your method has helped, ClientDiag still reports an error, the log is basicly identical and updates do not work.
  • Richard Slater
    Richard Slater almost 15 years
    I have looked at the proxy settings, deleted them and restarted the service. I don't have access to the server from home, so I will investigate further tomorrow.
  • kralyk
    kralyk almost 15 years
    Have you contacted MS Support for their Client Reset tool? There is some kind of tool that they will give out only on a support call (but I think the call is free) and it runs and completely resets the AU client stuff. Just a thought. Another solution might be to put them in a new OU and force the settings back to normal, then update once off MS Update site, then move them back to the proper OU.
  • Richard Slater
    Richard Slater almost 15 years
    Existing clients (i.e ones that were build and configured to use the old WSUS server) appear in the the WSUS console on the new server and stay there, clients built after the change over don't appear to connect to the server at all so they never appear in the console on the new server.
  • Richard Slater
    Richard Slater almost 15 years
    Went through the last post everything seems to check out, the registry keys point to the correct server. The proxy configuration is correct (i.e. no proxy - proxycfg -d) still no go. One thing I have noticed is that BITS dosn't seem to be running all of the time. Looking into that now.
  • Richard Slater
    Richard Slater over 14 years
    Yes they are in the correct OU, if they were not the WSUS Server would not appear in WindowsUpdate.log and the output from WSUS Client Diagnostics.
  • Admin
    Admin over 14 years
    When you look at the windowsupdate.log file on one of the systems that do work, do they show the same URL to the WSUS? I only use server_name:8530 in group policy under the "Specify intranet Microsoft update service location". I see you use a public website address.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Stop Feature upgrades and properly manage them via WSUS
Windows Updates stopped working with error 0x80244010 and 0x80070003
Check whether Windows Updates are being installed
How can I use WSUS in a Windows Workgroup?
Change group policy using windows CMD
Windows Update download from WSUS stuck at 0 percent
WSUS failing to downloading updates, but, still showing the Downloading Status as complete
Remove machines from WSUS
Configuring location based GPO for WSUS updates but only for some clients
WSUS shows incorrect Needed Count (or: how to get it to 100%?)