Trouble shooting, logging

 

WSUS uses the following logs:

• Application event log: By opening the Application logs in the Event Viewer on the WSUS system, you can find errors related to synchronization, Update Services console errors, and WSUS database errors.
• C:\Program Files\Update Services\LogFiles\Change.txt: This log stores the record of every update installation, synchronization, and WSUS configuration change.
• C:\Program Files\Update Services\LogFiles\softwareDistribution.txt: This is a detailed log file usually used by Microsoft Support to debug a problem.

Client side:

  1. If WSUS is having problems synchronizing with Windows Update, open Windows Update on the server and see if you can download and install updates.
  2. If you have a particular client having problems
    • verify that that client is connecting to the correct WSUS server.
    • You can review the group policy results for the computer
    • you can review the C:\Windows\WindowsUpdate.log file.
    • You can verify that a client can connect to the WSUS server by opening the following WSUS URL with Internet Explorer:
      http://WSUSServerName:8530/selfupdate/iuident.cab
  3. If you are prompted to download the file, you are connecting the WSUS server, which would rule out connectivity problems and name-resolution problems.
  4. Lastly, look at the System logs and the Application logs in the client’s event viewer.
  5. If you make changes and you want to the changes to take effect immediately, you need to restart the Windows Update service.
    To restart this service, you can use the Services console,or you can use the following two commands:
Net stop wuauserv
Net start wuauserv
  • To make the Windows Update service query the WSUS server, you can run the following command:
    Wuauclt /detectnow
  • Of course, after you start the services or start a query, you should then look at the client logs.
  • If you are using client-side targeting and change group membership, use the following command to check for updates and to update the WSUS update computer group membership:
    Wuauclt /resetauthorization /detectnow
  • Lastly, to look at the installed updates that have been installed, you can use the Control Panel. Similarly, if an update is problematic, you can also use the Control Panel to remove the update.

Example1

When you try to update from client machine and get the error code:

 

checking for windows updates. error coded 8024402C

 

Method 1: Temporarily disable the Security software and see if the issue persists.

a: Press Windows logo + Q to open the search box.

b: Now click Settings and then type Action center, hit enter.

c: Click the Chevron next to security.

d: Turn off the Anti-virus installed on the computer.

 

Method 2: Perform steps mentioned below and see if it helps.

a: On the Start screen, type cmd. Alternatively, swipe in from the right, tap or click Search, and then type c.

b: Tap or click cmd in the search results.

c: At the command prompt, type the following commands, and press Enter after each command:

net start bits                    // this worked for me!!

net start wuauserv

 

Changing the Location where You Store Update Files Locally

You might need to change the location where WSUS stores updates locally. This might be required if the disk becomes full and there is no longer any room for new updates. You might also have to do this if the disk where updates are stored fails and the replacement disk uses a new drive letter.

You accomplish this move with the movecontent command of WSUSutil.exe, a command-line tool that is copied to the file system of the WSUS server during WSUS Setup. By default, Setup copies WSUSutil.exe to the following location:

WSUSInstallationDrive:\Program Files\Microsoft Windows Server Update Services\Tools\

You must be a member of the local Administrators group on the WSUS server to use the movecontent command of WSUSutil.exe. These operations can only be run from the WSUS server itself, which must be a 32-bit platform.

You must create the new path for local WSUS update storage prior to using WSUSutil.exe. The movecontent command takes an optional -skipcopy parameter. The -skipcopy parameter enables you to change the location of local WSUS update storage without copying any files. For more information about WSUSutil.exe, see Deploying Microsoft Windows Server Update Services.

  1. Click Start, and then click Run.
  2. In the Open box, type cmd, and then click OK.
  3. At the command prompt, navigate to the directory that contains WSUSutil.exe.
  4. Type the following, and then press ENTER: wsusutil.exe movecontent contentpath logfile [-skipcopy]For example, type: wsusutil.exe movecontent D:\WSUS1\ D:\move.log
    where D:\WSUS1 is the new path for local WSUS update storage, and D:\move.log is the path to the log file.

 

WSUS can not download updates from Microsoft site
  1. check the proxy server setting. in the left pane click ” Options”, in the middle pane click Update Source and Proxy Server, then Proxy server.
  2. open Control panel, then Network and Internet, click  Internet Options. Click the Security tab, and then click Internet Zone > Custom Level. In the Downloads section, select Enable for File Download, and then click OK.

 

The %windir%\SoftwareDistribution\Download folder is automatically maintained by the WUAgent. In addition, the Datastore contains all of the Windows Update History for the client system.

C:\Windows\SoftwareDistribution\DataStore\DataStore.edb

It may grow to several Gigabyte, so you need to delete it and free up some disk space.

You can stop the Update service, then just delete the contents of the DataStore folder. Additionally I would also delete the contents of the Downloads folder. Then restart the service and run Windows updates again. The file should then get recreated, but it should be a lot smaller to begin with.

For a complete cleaning (clearing also the whole update history):
1.net stop wuauserv
2.delete all files inside the C:\Windows\SoftwareDistribution\Download directory
3.delete the DataStore.edb into C:\Windows\SoftwareDistribution\DataStore
4.net start wuauserv

Related: https://social.technet.microsoft.com/Forums/windowsserver/en-US/f5744a18-d4ca-4631-8324-878b9225251d/windowssoftwaredistribution-folder-cleanup-automation?forum=winserverwsus

Windows 10 client recognised as windows vista

Hotfix here, https://support.microsoft.com/en-us/help/3095113/update-to-enable-wsus-support-for-windows-10-feature-upgrades

 

0x8024401c Error

 2019/06/01 12:49:17.4369565 1188 2444 ProtocolTalker Failed to initialize Simple Targeting Cookie 0x8024401c
 2019/06/01 12:49:17.4369618 1188 2444 ProtocolTalker PopulateAuthCookies failed 0x8024401c
 2019/06/01 12:49:17.4369628 1188 2444 ProtocolTalker RefreshCookie failed 0x8024401c
 2019/06/01 12:49:17.4369650 1188 2444 ProtocolTalker RefreshPTState failed 0x8024401c
 2019/06/01 12:49:17.4369663 1188 2444 ProtocolTalker PTError: 0x8024401c
 2019/06/01 12:57:17.4594793 1188 2444 Misc Got WSUS Client/Server URL: http://8462wu01:8530/ClientWebService/client.asmx""
 2019/06/01 12:57:17.4595249 1188 2444 ProtocolTalker OK to reuse existing configuration
 2019/06/01 12:57:17.4595320 1188 2444 ProtocolTalker Cached cookie has expired or new PID is available
 2019/06/01 12:57:17.4595445 1188 2444 Misc Got WSUS SimpleTargeting URL: http://8462wu01:8530""
 2019/06/01 12:57:17.4597757 1188 2444 ProtocolTalker Initializing simple targeting cookie, clientId = 6fba1865-8087-4c11-b1d7-70fd70020899, target group = <NULL>, DNS name = xxx.xxx.xxx.xxx
 2019/06/01 12:57:17.4597772 1188 2444 ProtocolTalker Server URL = http://8462wu01:8530/SimpleAuthWebService/SimpleAuth.asmx
 2019/06/01 12:57:17.4597829 1188 2444 WebServices Auto proxy settings for this web service call.
 2019/06/01 12:57:38.4858606 1188 2444 WebServices WS error: There was an error communicating with the endpoint at 'http://8462wu01:8530/SimpleAuthWebService/SimpleAuth.asmx'.
 2019/06/01 12:57:38.4858901 1188 2444 WebServices WS error: The operation timed out
 2019/06/01 12:57:38.4858928 1188 2444 WebServices Web service call failed with hr = 8024401c.
 2019/06/01 12:57:38.4858935 1188 2444 WebServices Current service auth scheme=0.
 2019/06/01 12:57:38.4858941 1188 2444 WebServices Current Proxy auth scheme=0.
 2019/06/01 12:57:40.4936673 1188 2444 WebServices Auto proxy settings for this web service call.

Solution:

User command Wuauclt /resetauthorization /detectnow

 

An error occured trying to connect the WSUS server. This error can happen for a number of reasons. Check connectivity with the server. Please contact your network administrator if the problem persists.

 

Close the WSUS MMC, delete files in User\AppData\Roaming\Microsoft\MMC

This could be due to host performance: CPU

  • Open Command Prompt as administrator.
  • Run the following command:
    CD “C:\Program Files\Update Services\Tools”
  • Followed with:
    wsusutil.exe postinstall /servicing
  • Restart the WSUS Server.

 

The proxy server environment does not support the HTTP 1.1 range request feature.

Issue is described here: https://support.microsoft.com/en-us/help/922330/error-message-when-you-try-to-download-a-file-by-using-the-background

Temporary Solution Steps:
1. Install SQL Management Studio and run it
2. Connect to the DB:
\\.\pipe\mssql$microsoft##ssee\sql\query
3. Run following command on SUSDB:
UPDATE tbConfigurationC SET BitsDownloadPriorityForeground=1
4. Restart Windows Update Service

Notice:
The solution above worked for me on Windows 2008 R2 Server. But actually you could probably also do it with the solution below.  The advantage of it would be that you don’t need to install SQL Management Studio on the Server.

Solution for Windows 2012 or Later (tested on windows 2019 by now):

1. Download and install following packages from Microsoft SQL Server 2012 SP1 Feature Pack ( https://www.microsoft.com/en-us/download/details.aspx?id=35580 )
DEU\x64\sqlncli.msi
DEU\x64\SqlCmdLnUtils.msi

2.  Create a SQL query file “C:\Temp\WSUS_SetBitsDownloadForeground.sql” with following content:

USE SUSDB;
UPDATE tbConfigurationC SET BitsDownloadPriorityForeground=1;

3. Open the CMD and run the query on the Windows Internal Database (WID):

C:\Program Files\Microsoft SQL Server\110\Tools\Binn>SQLCMD.EXE -S \\.\pipe\Microsoft##WID\tsql\query -i C:\Temp\WSUS_SetBitsDownloadForeground.sql

4. net stop wuauserv
5. net start wuauserv

 

SCCM

The WSUS is an excellent tool to push updates to the clients, but it is not the only tool available from Microsoft. The System Center Configuration Manager (SCCM), formerly known as System Management Server (SMS), is a more versatile system that can provide remote control, patch management, software distribution, operating system deployment, network access protection, hardware inventory, and software inventory.

Note that SCCM is not free.

To get the full capability of SCCM, SCCM uses an agent that must be installed on each computer.
The agent can be pushed out from the SCCM console or can be pushed using group policies. If you have multiple sites, you can set up distribution points at the various sites so that updates, software packages, and operating system packages have to be pushed to the site only once and the local clients can receive the packages from the local distribution point.
When synchronizing updates with Windows Update, SCCM actually uses WSUS.

However, while you install WSUS, it remains unconfigured, and SCCM is installed on top of WSUS.

Fore more about SCCM, check here:http://frankfu.click/microsoft/system-center-configuration-managersccm.html

Reference
  1. Step by step, guide to get start with WSUS: (https://technet.microsoft.com/en-us/library/cc708519%28v=ws.10%29.aspx)
  2. Deploy WSUS in your organization

https://technet.microsoft.com/en-us/library/hh852344.aspx

https://technet.microsoft.com/en-us/library/hh852344(v=ws.11).aspx

       3. Complete guide to admin WSUS: https://support.microsoft.com/en-gb/help/4490644/complete-guide-to-microsoft-wsus-and-configuration-manager-sup-maint

4. Client Side: https://docs.microsoft.com/en-us/windows/deployment/upgrade/resolution-procedures

Pages: 1 2 3