Hi. Our site recently updated from SHA1 to SHA256 and the site server just migrated from 1906 to 2103. After installing the clients on the machine in order to point to the new sccm server, we’ve encountered a weird issue regarding software updates scan.
We have deployed some update patches to the clients and after a while, we can see that many clients has reported “compliant” for the patch deployment but some clients still reports “unknown” for the deployment status. Looking at WUAHander.log on the “Unknown” machines, we can see that it said “Scan failed with error 0x80244017”. After a bit of research, it seems that it is because of some connectivity issue. But our environment didn’t use a proxy server and the clients can access the urls suggested here. What’s worse is that there weren’t any “patterns” regarding the clients that can report “success” and those with “unknown” status. Some “unknown” clients even have the same GPO applied, same firewall settings and are neighbours on the ip address! (e.g. 192.168.x.101 and 192.168.x.102). We’ve tried re-installing the client but still no luck.
We use SSL in our environment and we can see in WUAHander.log that it is using the correct port (port 8531) for connection. Has anyone encountered similar issue? Thanks!
