How to configure the WSUS server that use the WSUS services????

Question

Hi all,

I am trying now for a long time to configure our WSUS server here in the company.

We have the following:
Using Microsoft Server 2019 Datacenter license
Veaam backup
M365 for some users

Infra:
2 ESxi hosts
5 VLAN groups
2 domain controllers (2d domain controller is for sync/backup of 1 one.
1 sync server for AZ Hybride
1 WDS server
1 WSUS server
1 exchang sync server (only for Azure to sync accounts)

GPO's enabled as followed:

1

So my question is, how can i put the WSUS server that it goes through the WSUS update services as well? I had some issues with the clients as well. but with adding some extra GPO's it is now going through the WSUS update server.

The WSUS server it self does not go through the WSUS update services.

when i run the command on the server
PowerShell

Get-WindowsUpdateLog
[[-ETLPath] <String[]>]
[[-LogPath] <String>]
[-ProcessingType <String>]
[-ForceFlush]
[-WhatIf]
[-Confirm]
[<CommonParameters>]

the AGENT and server are (Null)
The clients where before as well (Null) now they show the server, so that is good.

thank you in advance.

2022.11.14 10:24:03.0855660 8040  8484  Agent           Datastore directory: C:\Windows\SoftwareDistribution\DataStore\DataStore.edb  
2022.11.14 10:24:03.0863190 8040  8484  DataStore       JetEnableMultiInstance succeeded - applicable param count: 5, applied param count: 5  
2022.11.14 10:24:03.1062827 8040  8484  Shared          UpdateNetworkState Ipv6, cNetworkInterfaces = 0.  
2022.11.14 10:24:03.1063993 8040  8484  Shared          UpdateNetworkState Ipv4, cNetworkInterfaces = 1.  
2022.11.14 10:24:03.1076512 8040  8484  Shared          Network state: Connected  
2022.11.14 10:24:03.2132862 8040  8484  Misc            *FAILED* [8024000C] LoadHistoryEventFromRegistry completed  
2022.11.14 10:24:03.2142043 8040  8484  Shared          UpdateNetworkState Ipv6, cNetworkInterfaces = 0.  
2022.11.14 10:24:03.2142185 8040  8484  Shared          UpdateNetworkState Ipv4, cNetworkInterfaces = 1.  
2022.11.14 10:24:03.2142342 8040  8484  Shared          Power status changed  
2022.11.14 10:24:03.2198241 8040  8484  Agent           Initializing global settings cache  
**2022.11.14 10:24:03.2198280 8040  8484  Agent           WSUS server: (null)  
2022.11.14 10:24:03.2198307 8040  8484  Agent           WSUS status server: (null)  
2022.11.14 10:24:03.2198529 8040  8484  Agent           Alternate Download Server: (null)**  

Answer 1

If WSUS itself is receiving the policy to look at your WSUS server (itself), it will communicate with it over IPv6 by default, so ensure you don't have IPv6 Disabled!
https://www.ajtek.ca/wsus/client-machines-not-reporting-to-wsus-properly/

I'd recommend reading my 8 part blog series
https://www.ajtek.ca/wsus/how-to-setup-manage-and-maintain-wsus-part-1-choosing-your-server-os/

It will guide you through the whole process.

Answer 2

i already unthicked the Internet Protocol Version 6 after the server installation.

Answer 3

You should not disable IPv6 - you should make sure it is ENABLED.
IPv6 is used by default for server-to-server communication.

https://www.ajtek.ca/wsus/client-machines-not-reporting-to-wsus-properly/#IPv6Enabled

Answer 4

I have enabled it, checked your link i am at the part now with the regedit.

For example the first one i dont have, i can just create one or ? this is strange why it does not create it.

Windows PowerShell  
Copyright (C) Microsoft Corporation. All rights reserved.  
  
PS C:\Users\username> Get-ItemProperty -Path 'HKLM:\Software\Policies\Microsoft\Windows\WindowsUpdate'  
  
  
DisableWindowsUpdateAccess                   : 1  
DisableDualScan                              : 1  
DoNotConnectToWindowsUpdateInternetLocations : 1  
PSPath                                       : Microsoft.PowerShell.Core\Registry::HKEY_LOCAL_MACHINE\Software\Policies  
                                               \Microsoft\Windows\WindowsUpdate  
PSParentPath                                 : Microsoft.PowerShell.Core\Registry::HKEY_LOCAL_MACHINE\Software\Policies  
                                               \Microsoft\Windows  
PSChildName                                  : WindowsUpdate  
PSDrive                                      : HKLM  
PSProvider                                   : Microsoft.PowerShell.Core\Registry  
  
  
  
PS C:\Users\username> Get-ItemProperty -Path 'HKLM:\Software\Policies\Microsoft\Windows\WindowsUpdate\AU'  
  
  
NoAutoRebootWithLoggedOnUsers : 1  
PSPath                        : Microsoft.PowerShell.Core\Registry::HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Wind  
                                ows\WindowsUpdate\AU  
PSParentPath                  : Microsoft.PowerShell.Core\Registry::HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Wind  
                                ows\WindowsUpdate  
PSChildName                   : AU  
PSDrive                       : HKLM  
PSProvider                    : Microsoft.PowerShell.Core\Registry  
  
  
  
PS C:\Users\username> $(New-Object -ComObject "Microsoft.Update.ServiceManager").Services | Select-Object Name, IsDefaultAUService  
  
Name                      IsDefaultAUService  
----                      ------------------  
DCat Flighting Prod                    False  
Windows Store (DCat Prod)              False  
Windows Update                          True  
  
  
PS C:\Users\username>  

Answer 5

Now it reveals that this machine is not receiving a policy that sets the WSUS Server location