question

DolleEdward-3388 avatar image
0 Votes"
DolleEdward-3388 asked DolleEdward-3388 answered

2019 Servers Not Connecting to WSUS

I have built three Windows 2019 VMs and none of them are joining the WSUS server.

I have done the following troubleshooting to no avail:

Verified the servers are in the correct IP network.
Verified the servers are in the correct AD group.
Verified that the servers are part of the correct GPO and that the WSUS group policy is enabled and enforced.
Verified that the servers can reach these two links:
http://server.domain.local:8530/selfupdate/iuident.cab
http://server.domain.local:8530/ClientWebService/client.asmx
Verified that the servers can ping the WSUS servers via their domain name.
Verified that IPv6 is not enabled. It is not enabled on any of our servers.
Solarwinds is not monitoring these servers yet.
Verified that the registry key KEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate\AU\UseWUServer is set to 1.
Verified that the servers are trying to get updates from the WSUS.
No SCCM in the system.
Server Cleanup Wizard ran successfully last week.

What could be causing these not to show up?

windows-server-update-services
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

DolleEdward-3388 avatar image
0 Votes"
DolleEdward-3388 answered AJTek-Adam-J-Marshall commented

OK, I will review it. In the meantime, any idea on why the server doesn't show up in the console? The windows update log shows the correct IP Address and port in the log and it looks like it downloaded updates from the WSUS server but I am not sure.

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Check "All Computers" with status of "Any"

It's likely in here. If not, re-run the client side script - if there are duplicate WsusClientId's then this will 'populate' as "another" computer and you'll never see it.

0 Votes 0 ·
DolleEdward-3388 avatar image
0 Votes"
DolleEdward-3388 answered AJTek-Adam-J-Marshall commented

I think they are in there too. Is it better to run the WSUS console on my PC or on the WSUS server itself?

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

On a client PC using RSAT tools

You should take 3 hours and watch the 2 videos from Dan Holme that I have on my guide here:

https://www.ajtek.ca/guides/role-based-access-security/

It will open your eyes on a really sweet way to manage AD - including a custom MMC that has all the snap-ins.

Windows Admin Center is the 'new way' of doing things which takes the same principals of the custom MMC, however it's not there yet - and certainly doesn't work with WSUS.

1 Vote 1 ·
DolleEdward-3388 avatar image
0 Votes"
DolleEdward-3388 answered

After running Dev server patching this past weekend the new 2019 server in this environment never ran the patches according to the GPO settings that are applied to it. I have moved it into a different OU to see if the on-prem WSUS server picks it up and will report back status tomorrow.

Any other ideas on why this is not working would be appreciated.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

DolleEdward-3388 avatar image
0 Votes"
DolleEdward-3388 answered

OK, I moved one of these servers to the AD group that points to the on-prem WSUS server and it showed up.
Now I have a new question - why is the WSUS server at the hosting site not discovering new servers but the on-prem one is? The only difference I see between the two is the hosting site has WID Connectivity and WSUS Services installed and the on-prem one does not.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.