WSUS Clients not reporting

Question

We have been running WSUS forever and it has been running as intended. On October 24th something happened that interrupted the operation. Seems like everything was reset and it stopped downloading update files. That has all been put back to the way it should be as far as product and classifications. We have two servers, one main and one downstream. On the downstream server all of the clients are reporting in as they should. On the main server, the clients are not reporting according to the console. I have removed a few of them and ran the refresh commands. Those clients now show as 'not yet reported'. They are getting updates however and if I have one of them check for updates, I can see the 'Last Contact' timestamp updated right away on the server . I just approved the malicious removal tool and then went to a few machines that have not reported yet, and it pulls the update in right away and installs it. Not sure what else to check for at this point, seems everything is functioning correctly besides the client reporting on the primary server. Thoughts on what else to look for?

Answer 1

Use the following page to troubleshoot your issues.

https://www.ajtek.ca/wsus/client-machines-not-reporting-to-wsus-properly/

It's a very comprehensive list of things to check to resolve client side issues. Most issues are fixed with the client side script, but it sounds like you've ran that already (you mention refresh commands - but I wonder if it's the full client side script).

Answer 2

I've gone through that already, and I'm looking through some logs currently while doing additional testing. WAM is running on both servers (reference ticket 6067 on your end). If I move the client machine over to the secondary site and do a gpupdate /refresh it reports in fairly quickly. If I move it back, nothing. Assuming if I move all the clients over by changing the GPO to the other server they would show as reporting. Might do that just to test.

I am seeing this in the logs right now, unknown if it is related-

2023/11/29 07:48:44.9180990 6480 9088 Handler FAILED [80070032] Method failed [AppxPackage::Initialize:232]

2023/11/29 07:48:44.9181023 6480 9088 Handler FAILED [80070032] Method failed [AppxApplicabilityData::Initialize:549]

2023/11/29 07:48:44.9181572 6480 9088 EEHandler FAILED [80070032] EvaluateManifestBasedRule failed for update CD3CC444-9813-4CB4-8E18-322237524541.1, idExpr=57

2023/11/29 07:48:44.9181609 6480 9088 Agent FAILED [80070032] Evaluate Installed rule, updateId = {{CD3CC444-9813-4CB4-8E18-322237524541}.1}

2023/11/29 07:48:44.9193556 6480 9088 Handler FAILED [80070032] Method failed [AppxPackage::Initialize:232]

2023/11/29 07:48:44.9193587 6480 9088 Handler FAILED [80070032] Method failed [AppxApplicabilityData::Initialize:549]

2023/11/29 07:48:44.9194183 6480 9088 EEHandler FAILED [80070032] EvaluateManifestBasedRule failed for update CD3CC444-9813-4CB4-8E18-322237524541.1, idExpr=56

2023/11/29 07:48:44.9194235 6480 9088 Agent FAILED [80070032] Evaluate Installable rule, updateId = {{CD3CC444-9813-4CB4-8E18-322237524541}.1}

Doing additional testing still.

Answer 3

Just curious - have you restarted the WSUS server?

What happens if you delete the affected computer from the MMC Console and run the client side script on a client that's having this issue?

Answer 4

Also - check to see if the Reporting Web service in IIS is working properly and restart it manually.

Answer 5

Best answer here was to simply switch the two servers so that the one that isn't working correctly was now downstream. Moved all clients to the other server that is now the upstream host via a quick GPO change. Will most likely rebuild the other server at some point but the time is not longer worth trying to figure out the issue.