Update: Unfortunatly I was never able to fix this problem, I am fairly confident that some mistake was made when installing it or porting the computers and authorization across. After several re-installs, I ended up installing it on the Default Website with SSL and re-authorizing all of the patches, fortunatly this wasn't too painful and it seems to have fixed a couple of other irritating patches that didn't install.
I have recently moved WSUS from one server to a new server (disk space requirements). Unfortunatly it seems that there is a communications problem with new clients (XP SP2) connecting to the server. Group policy has been updated and old clients are using the new server, at least they are showing up in the new server console and being offered updates.
I can use Internet Explorer to navigate to each of:
http://update.cncs.co.uk/selfupdate/wuident.cab https://update.cncs.co.uk:8531/selfupdate/wuident.cab http://update.cncs.co.uk:8530/selfupdate/wuident.cab
There are no relevant errors in the Event Logs and I can't use WsusDebugTool as it is an W2K3 x64 server, although I would appreciate it if anyone could point me towards an alternative.
I have tried the following steps:
- Reset the WSUS Client (steps at the bottom of this post).
- Cleared the proxy configuration (proxycfg -d).
- Checked the WUAU registry entries (HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate).
- Deleted the registry entires then reset the WSUS Client.
- Manually installed XP SP3 and .NET 2.0.
Thanks.
WindowsUpdate.log
2009-08-27 12:44:20+0100 448 680 ChangeServiceConfig for wuauserv succeeded
2009-08-27 12:44:44+0100 1012 420 Service Main starts
2009-08-27 12:44:44+0100 1012 420 Using BatchFlushAge = 31134.
2009-08-27 12:44:44+0100 1012 420 Using SamplingValue = 446.
2009-08-27 12:44:44+0100 1012 420 Successfully loaded event namespace dictionary.
2009-08-27 12:44:44+0100 1012 420 Successfully loaded client event namespace descriptor.
2009-08-27 12:44:44+0100 1012 420 Successfully initialized local event logger. Events will be logged at C:\WINDOWS\SoftwareDistribution\ReportingEvents.log.
2009-08-27 12:44:44+0100 1012 420 Successfully initialized NT event logger.
2009-08-27 12:44:44+0100 1012 420 Successfully initialized event uploader 0.
2009-08-27 12:44:44+0100 1012 420 Successfully initialized event uploader 1.
2009-08-27 12:44:44+0100 1012 420 WU client with version 5.4.3790.5512 successfully initialized
2009-08-27 12:44:44+0100 1012 420 Service status is now SERVICE_RUNNING
2009-08-27 12:44:44+0100 1012 554 Failed to open event cache file at C:\WINDOWS\SoftwareDistribution\EventCache\{105317BC-5119-4124-91D1-D9151F30194C}.bin for reading with hr = 80070002.
2009-08-27 12:44:44+0100 1012 554 Attempted to delete event cache file at C:\WINDOWS\SoftwareDistribution\EventCache\{105317BC-5119-4124-91D1-D9151F30194C}.bin but the file could not be found. hr = 80070002.
2009-08-27 12:45:01+0100 2040 59c Trying to make out of proc datastore active
2009-08-27 12:45:03+0100 2040 59c Service 3DA21691-E39D-4DA6-8A4B-B43877BCB1B7 added
2009-08-27 12:45:03+0100 2040 59c Service 9482F4B4-E343-43B6-B170-9A65BC822C77 added
2009-08-27 12:45:03+0100 2040 59c Data store successfully created
2009-08-27 12:45:03+0100 2040 59c Out of proc datastore is now active
2009-08-27 12:45:03+0100 1012 280 Client Call Recorder finished delayed initialization
2009-08-27 12:45:03+0100 1012 280 Setting AU scheduled install time to 2009-08-27 14:00:00
2009-08-27 12:45:03+0100 1012 280 AU finished delayed initialization
2009-08-27 12:45:03+0100 1012 280 Triggering AU detection through DetectNow api
2009-08-27 12:45:03+0100 1012 420 AU received event of 1
2009-08-27 12:45:03+0100 1012 420 WU client succeeds CClientCallRecorder::BeginFindUpdates from AutomaticUpdates with call id {D787A8BB-40D5-4B6B-B9F4-BB2ABBDD11CF}
2009-08-27 12:45:03+0100 1012 6ac WU client executing call {D787A8BB-40D5-4B6B-B9F4-BB2ABBDD11CF} of type Search Call
2009-08-27 12:45:04+0100 1012 6ac Send failed with hr = 80072efd.
2009-08-27 12:45:04+0100 1012 6ac SendRequest failed with hr = 80072efd. Proxy List used: Bypass List used :
2009-08-27 12:45:05+0100 1012 6ac Send failed with hr = 80072efd.
2009-08-27 12:45:05+0100 1012 6ac SendRequest failed with hr = 80072efd. Proxy List used: Bypass List used :
2009-08-27 12:45:06+0100 1012 6ac Send failed with hr = 80072efd.
2009-08-27 12:45:06+0100 1012 6ac SendRequest failed with hr = 80072efd. Proxy List used: Bypass List used :
2009-08-27 12:45:07+0100 1012 6ac Send failed with hr = 80072efd.
2009-08-27 12:45:07+0100 1012 6ac SendRequest failed with hr = 80072efd. Proxy List used: Bypass List used :
2009-08-27 12:45:07+0100 1012 6ac DownloadFileInternal failed for https://update.cncs.co.uk:8531/SelfUpdate/wuident.cab: error 0x80072efd
2009-08-27 12:45:07+0100 1012 6ac IsUpdateRequired failed with error 0x80072efd
2009-08-27 12:45:07+0100 1012 6ac OS Version = 5.1.2600.3.0.65792
2009-08-27 12:45:07+0100 1012 6ac Computer Brand = Hewlett-Packard
2009-08-27 12:45:07+0100 1012 6ac Computer Model = HP Compaq dx2450 Microtower PC
2009-08-27 12:45:07+0100 1012 6ac Bios Revision = 5.19
2009-08-27 12:45:07+0100 1012 6ac Bios Name = Phoenix - AwardBIOS v6.00PG
2009-08-27 12:45:07+0100 1012 6ac Bios Release Date = 2008-11-03T00:00:00
2009-08-27 12:45:07+0100 1012 6ac Locale ID = 1033
2009-08-27 12:45:07+0100 1012 6ac ClientVersion: iuengine.dll = 5.4.3790.5512
2009-08-27 12:45:07+0100 1012 6ac ClientVersion: wuapi.dll = 5.4.3790.5512
2009-08-27 12:45:07+0100 1012 6ac ClientVersion: wuauclt.exe = 5.4.3790.5512
2009-08-27 12:45:07+0100 1012 6ac ClientVersion: wuauclt1.exe = 5.4.3790.5512
2009-08-27 12:45:07+0100 1012 6ac ClientVersion: wuaucpl.cpl = 5.4.3790.5512
2009-08-27 12:45:07+0100 1012 6ac ClientVersion: wuaueng.dll = 5.4.3790.5512
2009-08-27 12:45:07+0100 1012 6ac ClientVersion: wuaueng1.dll = 5.4.3790.5512
2009-08-27 12:45:07+0100 1012 6ac ClientVersion: wuauserv.dll = 5.4.3790.5512
2009-08-27 12:45:07+0100 1012 6ac ClientVersion: wucltui.dll = 5.4.3790.5512
2009-08-27 12:45:07+0100 1012 6ac PT: Using serverID {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7}
2009-08-27 12:45:07+0100 1012 6ac PT: Using server URL https://update.cncs.co.uk:8531/ClientWebService/client.asmx
2009-08-27 12:45:07+0100 1012 6ac PT: Calling GetConfig on server
2009-08-27 12:45:07+0100 1012 6ac Add header for accept-encoding: xpress succeeded
2009-08-27 12:45:07+0100 1012 6ac DetectCompressionType returning type 1, hr=0x0
2009-08-27 12:45:07+0100 1012 6ac PT: Using server URL https://update.cncs.co.uk:8531/SimpleAuthWebService/SimpleAuth.asmx
2009-08-27 12:45:07+0100 1012 6ac DetectCompressionType returning type 0, hr=0x1
2009-08-27 12:45:07+0100 1012 6ac Add header for accept-encoding: xpress succeeded
2009-08-27 12:45:07+0100 1012 6ac DetectCompressionType returning type 1, hr=0x0
2009-08-27 12:45:07+0100 1012 6ac Add header for accept-encoding: xpress succeeded
2009-08-27 12:45:07+0100 1012 6ac DetectCompressionType returning type 1, hr=0x0
2009-08-27 12:45:07+0100 1012 6ac Add header for accept-encoding: xpress succeeded
2009-08-27 12:45:07+0100 1012 6ac DetectCompressionType returning type 1, hr=0x0
2009-08-27 12:45:07+0100 1012 6ac Add header for accept-encoding: xpress succeeded
2009-08-27 12:45:07+0100 1012 6ac DetectCompressionType returning type 1, hr=0x0
2009-08-27 12:45:07+0100 1012 6ac Parse failed: error 0x80070057
2009-08-27 12:45:07+0100 1012 6ac Parse failed with 0x80070057
2009-08-27 12:45:07+0100 1012 6ac Sync of Updates: 0x80070057
2009-08-27 12:45:07+0100 1012 6ac WU client failed Searching for update with error 0x80070057
2009-08-27 12:45:07+0100 1012 6ac Search Callback Failed, hr is 0x80070057
2009-08-27 12:45:07+0100 1012 6ac Setting next AU detection timeout to 2009-08-27 16:45:07
2009-08-27 12:45:07+0100 1012 6ac Setting AU scheduled install time to 2009-08-27 14:00:00
2009-08-27 12:45:07+0100 1012 6ac WU client calls back to search call AutomaticUpdates with code Call failed and error 0x80070057
2009-08-27 12:45:07+0100 1012 6ac WU client completed and deleted call {D787A8BB-40D5-4B6B-B9F4-BB2ABBDD11CF}
2009-08-27 12:45:12+0100 1012 6ac REPORT EVENT: {6AA7A975-DA29-4299-AE53-ADDCC46606C8} 17 2009-08-27 12:45:07+0100 1 148 101 {D67661EB-2423-451D-BF5D-13199E37DF28} 0 80072efd SelfUpdate Failure Software Synchronization Error: Agent failed detecting with reason: 0x80072efd
2009-08-27 12:45:12+0100 1012 6ac REPORT EVENT: {3AB34C95-17CD-4010-A9A5-D5865E4525E5} 18 2009-08-27 12:45:07+0100 1 148 101 {00000000-0000-0000-0000-000000000000} 0 80070057 AutomaticUpdates Failure Software Synchronization Error: Agent failed detecting with reason: 0x80070057
2009-08-27 12:45:12+0100 1012 6ac Reopened existing event cache file at C:\WINDOWS\SoftwareDistribution\EventCache\{105317BC-5119-4124-91D1-D9151F30194C}.bin for writing.
2009-08-27 12:45:12+0100 1012 6ac Reopened existing event cache file at C:\WINDOWS\SoftwareDistribution\EventCache\{256805A3-A1CC-421B-857B-CD029A389CBA}.bin for writing.
2009-08-27 12:45:29+0100 1012 420 start delayed initialization of WU client
2009-08-27 12:47:11+0100 1012 554 Successfully opened event cache file at C:\WINDOWS\SoftwareDistribution\EventCache\{105317BC-5119-4124-91D1-D9151F30194C}.bin for reading.
2009-08-27 12:47:11+0100 1012 554 PT: Using serverID {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7}
2009-08-27 12:47:11+0100 1012 554 PT: Using server URL https://update.cncs.co.uk:8531/ClientWebService/client.asmx
2009-08-27 12:47:11+0100 1012 554 PT: Calling GetConfig on server
2009-08-27 12:47:11+0100 1012 554 Add header for accept-encoding: xpress succeeded
2009-08-27 12:47:11+0100 1012 554 DetectCompressionType returning type 1, hr=0x0
2009-08-27 12:47:11+0100 1012 554 PT: Using server URL https://update.cncs.co.uk:8531/SimpleAuthWebService/SimpleAuth.asmx
2009-08-27 12:47:11+0100 1012 554 DetectCompressionType returning type 0, hr=0x1
2009-08-27 12:47:11+0100 1012 554 Add header for accept-encoding: xpress succeeded
2009-08-27 12:47:11+0100 1012 554 DetectCompressionType returning type 1, hr=0x0
2009-08-27 12:47:11+0100 1012 554 Add header for accept-encoding: xpress succeeded
2009-08-27 12:47:11+0100 1012 554 DetectCompressionType returning type 1, hr=0x0
2009-08-27 12:47:11+0100 1012 554 PT: Using serverID {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7}
2009-08-27 12:47:11+0100 1012 554 Failed to obtain cached url with hr = 80248008.
2009-08-27 12:47:11+0100 1012 554 Failed to upload events with hr = 80248008.
ClientDiag.exe
WSUS Client Diagnostics Tool
Checking Machine State
Checking for admin rights to run tool . . . . . . . . . PASS
Automatic Updates Service is running. . . . . . . . . . PASS
Background Intelligent Transfer Service is not running. PASS
Wuaueng.dll version 5.4.3790.2180 . . . . . . . . . . . PASS
This version is SUS 1.0
Checking AU Settings
AU Option is 4: Scheduled Install . . . . . . . . . . . PASS
Option is from Policy settings
Checking Proxy Configuration
Checking for winhttp local machine Proxy settings . . . PASS
Winhttp local machine access type
Winhttp local machine Proxy. . . . . . . . . . NONE
Winhttp local machine ProxyBypass. . . . . . . NONE
Checking User IE Proxy settings . . . . . . . . . . . . PASS
User IE Proxy
http=
User IE ProxyByPass
www.cncs.co.uk;intranet.cncs.co.uk;intranet;*.cncs.co.uk;*.brigh
ton-hove.gov.uk;*.brighton-hove.sch.uk;10.60.*;
User IE AutoConfig URL Proxy . . . . . . . . . NONE
User IE AutoDetect
AutoDetect not in use
Checking Connection to WSUS/SUS Server
WUServer = https://update.cncs.co.uk:8531
WUStatusServer = https://update.cncs.co.uk:8531
UseWuServer is enabled. . . . . . . . . . . . . . . . . PASS
Connection to server. . . . . . . . . . . . . . . . . . PASS
WinHttpDownloadFileToMemory(szURLDest, NULL, 0, NULL, NULL, NULL, &downloadBuffer) failed with hr=0x80072efd
A connection with the server could not be established
Reset WSUS Client
- run "net stop wuauserv"
- run "net stop bits"
- Clear the contents of C:\Windows\SoftwareDistribution
- Clear the contents of C:\Windows\WindowsUpdate.log
- run "net start wuauserv"
- run "net start bits"
- run "wuauclt /detectnow /resetauthorization"
Have you updated group policy to point the workstations to the new WSUS server?
Intranet Microsoft Update Service Location - located in Computer Configuration / Administrative Templates / Windows Components / Windows Update
Do the circumstances described here apply?
Similar is also described here, and may be relevant to your situation (check the last post in the thread).
Try this on the client:
Stop the Automatic Updates service.
Delete the contents of the C:\Windows\SoftwareDistribution folder.
Restart the Automatic Updates service.
Go into Internet Explorer and delete the history, cookies, and temp internet files.
Reboot then from a command prompt run wuauclt.exe /detectnow.
(and you say you can use IE to get to the sites, so I'm assuming that's from one of the clients? If not, try it from a client...making sure that the windows firewall isn't the issue)
Have you checked the IIS Logs?
c:\windows\system32\logfiles\ (site)
Where site will probably have a name like W3SVC1
After that, my next step would be top get a packet sniffer (Wireshark etc.) on the client, and if necessary on the server, and see exactly which requests are going to which ports.
If clients appear and disappear at random in the WSUS console, the SUSClientID's might be duplicated. Resolving the duplicate SUSClientID issue, or “Why don’t all my clients show up in the WSUS console?”
There are two separate WSUS team blogs (confusing!): WSUS Product Team Blog and The WSUS Support Team Blog.
Since these systems are new, meaning fresh installs, have they been put into an OU in Active Directory that has a group policy assigned that pushes out the WSUS settings?