Share via

Devices stuck in unknown state of deployment

Easy Debit 1 Reputation point
2020-08-27T01:08:40.687+00:00

Hello,

I have an issue when deploying windows updates in sccm
There are multiple devices stuck in unknown state client check passed active
Most of the machine in the deployment do work

Upon examining WUAHandler log on affected machine, the only error I'm seeing is
Unable to read existing resultant WUA policy. Error = 0x80070002

With another affected machine , running the actions config manager in control panel , 'fixed' it

Another issue I'm seeing is this
Active Directory System Discovery Agent reported errors for 18 objects. DDRs were generated for 0 objects that had errors while reading non-critical properties. DDRs were not generated for 18 objects that had errors while reading critical properties.

Possible cause: The site server might not have access to some properties of this object. The container specified might not have the properties available.
Solution: Please verify the Active Directory schema for properties that are not replicated or locked. Refer to the discovery logs for more information.

Any advice would be appreciated

Microsoft Configuration Manager
0 comments

3 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Nick Hogarth 3,436 Reputation points
    2020-08-27T01:29:41.277+00:00

    Can you post the whole wuahandler.log ? Are you sure there is not a GPO targeted to those devices not working that is setting the intranet source location?

    0 comments
  2. Easy Debit 1 Reputation point
    2020-08-27T02:32:06.047+00:00

    I have checked GPOs , nothing out of the ordinary there, moreover , affected devices are from random OUs

    20665-capture.png

    0 comments
  3. Amandayou-MSFT 11,051 Reputation points
    2020-08-27T06:59:18.93+00:00

    We could check if the update is installed on the client, if it has been installed, and devices is stuck in unknown state client check passed active, we could check if connection is normal between client and MP by StateMessage.log and CCmMessaging.log.

    Here is some ways which maybe works.

    1. Stop windows update service, rename software distribution folder, start windows update service.
    2. kick off the machine policy, software deployment scan, and software update scan actions from configuration manager on each system. Also clicked find site from configuration manager to ensure that was working.
    3. after failing to see them report properly in over an hour, restarted them and tried the actions again, as well as running SUG summarization/refresh many times with no luck.
    4. redeployed the sccm client to each system using the uninstall checkbox, waited 20 minutes, ran the summarization and to check if fix the issue.

    If the response is helpful, please click "Accept Answer" and upvote it.