farmeunit Posted February 28, 2013 Share Posted February 28, 2013 Had a WSUS running on Windows 2003. It stopped working and wouldn't start. Figured I would just put a new one up running on 2012 since we moved our two DCs to 2012 over winter break. Everything appears fine. I check IIS and when I check for http://wsus/xxxx/wuident.cab, the file is there. On test machines, it shows the updates being available, but it won't download them. I get a generic 08244091 (I believe, I'm not at machine now). The general consensus is that it's a network error of some kind, but I cannot figure out what is going on. I disabled the firewall to test, and same issue. GP is set correctly with port 8530 in the URL. Machines are checking in with the WSUS server. It's showing 100 of them so far. Nothing stands out in the log file to me, but this is first time I've set one up. Mostly Win7 64-bit clients with a few XP which will be moving to Win7, so Win7 is my focus. I can post more info as requested, I just wasn't sure where to start. I can post log files if necessary. Link to comment Share on other sites More sharing options...
sc302 Veteran Posted February 28, 2013 Veteran Share Posted February 28, 2013 If the group policy is set properly, what have you done with the updates. What have you approved? What do you have set to auto approve? Nothing? well then nothing will be done or pushed. Other than that you need eventlog data to be able to troubleshoot further. How often are you checking for updates? Manually, once a day, etc... Link to comment Share on other sites More sharing options...
TPreston Posted February 28, 2013 Share Posted February 28, 2013 Also if you have a network firewall ensure that's not blocking downloads (if you only add the https port it will fail like this) Link to comment Share on other sites More sharing options...
farmeunit Posted February 28, 2013 Author Share Posted February 28, 2013 No internal firewall except Windows. All outbound traffic is allowed for servers. Servers automatically download nightly. I also manually downloaded updates. They show on severs. Firewall on server is off for troubleshooting. Critical and security updates are all approved. The clients see that updates are available. They just won't download. I will post logs tonight Link to comment Share on other sites More sharing options...
majortom1981 Posted February 28, 2013 Share Posted February 28, 2013 Keep in mind it can take a couple of days for the wsus server itself to download the actual updates. The listing of updates will be there but the updates themselves wont be. Try in 24 hours. depending on your internet connection it can take a while for the wsus server to download the updates. Link to comment Share on other sites More sharing options...
farmeunit Posted February 28, 2013 Author Share Posted February 28, 2013 I set this up about 4 days ago, so I'm assuming everything should have downloaded OK by now? We have 100Mb connection, also. Files: https://www.dropbox.com/sh/oroa8pe7b5ws2ns/eWV8mecYuB I've Googled the errors, I'm just not grasping how they're all related, I guess. Link to comment Share on other sites More sharing options...
farmeunit Posted February 28, 2013 Author Share Posted February 28, 2013 Actually, looking through the log, I still see some entries for the old server. It shows the new one, also. Any ideas on that? wsus.wprii.local:8530 is new old wpstaff is the old one I saw the new server in there so didn't worry about it. Anyone know a way to remove instances of the old server from the registry? Or possibly another way to fix this? We plan on doing school wide imaging over the summer if there isn't a fix for this, but would like to get going for any clients that we haven't transferred by then. Link to comment Share on other sites More sharing options...
farmeunit Posted March 1, 2013 Author Share Posted March 1, 2013 OK. Set a registry key using this KB: http://support.microsoft.com/kb/328010 Changed WPSTAFF to wsus.wprii.local:8530. Now it's downloading updates and installing. Wonder why that doesn't get changed by GPO when it DOES change somewhere? I can push out new registry key with ZENworks, but wonder if I should do anything else? I can stop and restart the service and delete the SoftwareDistribution folder, but is that necessary? Anything else I should consider? I uploaded my new Windows Update log from the client. I'm still getting an error with 8 updates, but had 13 others that it didn't see before, and they installed and updated fine. Link to comment Share on other sites More sharing options...
Dan~ Posted March 4, 2013 Share Posted March 4, 2013 Hmm it all sounds rather wrong, and to be honest it sounds like a GP issue more than anything else tbh. Check out the windows update log on two random PC's it should list any errors on there. IT might be worth deleting the SoftwareDistrubtion on a test PC aswell then work from there Also, it may even be worth updating the WindowsUpdateAgent as you've gone to 2012. Thats where I'd start initially before playing about in the registry Link to comment Share on other sites More sharing options...
Recommended Posts