Hello,
This is my first post and I'm hoping someone can help please.
I'm a WSUS Admin that utilises the AJtek WAM Script that is set to run daily (automatic) and monthly (manual). Our WSUS is set up utilising Active Directory and GPO's. This has been working great for some years; until recently, where we have had several instances of every update being re-downloaded again from Microsoft, and consequently all approvals are reset to "unapproved". I don't know if there is a commonality in the monthly script being run, or the fact that management has recently forced WSUS to operate over HTTPS protocol via GPO (change made roughly 3-4 months ago).
This has happened 4 times in about 6 months, and each time I have to manually go through some 8500 updates by hand, re-approving all required feature packs, cumulative updates, critical updates, security updates etc and declining updates no longer needed i.e. old Win 10 version prior to 20H2, language packs (only have English specified in classifications but it downloads every language possible anyway) etc. This requires an enormous amount of administrative overhead - repeatedly, and it's starting to get really frustrating having to repeat this process every single time this issue occurs. If we decline an update, and the WAM script removes it, we don't want to see it again. Similarly, if we approve an update, be it to a test-container or otherwise; we don't want to have to repeat that approval - ever.
So my questions are:
1) Why does this keep happening
2) How can I prevent it happening moving forward
Here's a screenshot of the most recent occurrence:
][1]
Note the sync error, and then the one above it where every update is imported again.
Any advice very much appreciated
Kind Regards
A suffering WSUS Admin.


