SCCM Weird software scan error 0x80244017

CUCOOPE 186 Reputation points

Hi. Our site recently updated from SHA1 to SHA256 and the site server just migrated from 1906 to 2103. After installing the clients on the machine in order to point to the new sccm server, we’ve encountered a weird issue regarding software updates scan.

We have deployed some update patches to the clients and after a while, we can see that many clients has reported “compliant” for the patch deployment but some clients still reports “unknown” for the deployment status. Looking at WUAHander.log on the “Unknown” machines, we can see that it said “Scan failed with error 0x80244017”. After a bit of research, it seems that it is because of some connectivity issue. But our environment didn’t use a proxy server and the clients can access the urls suggested here. What’s worse is that there weren’t any “patterns” regarding the clients that can report “success” and those with “unknown” status. Some “unknown” clients even have the same GPO applied, same firewall settings and are neighbours on the ip address! (e.g. 192.168.x.101 and 192.168.x.102). We’ve tried re-installing the client but still no luck.

We use SSL in our environment and we can see in WUAHander.log that it is using the correct port (port 8531) for connection. Has anyone encountered similar issue? Thanks!

Microsoft Configuration Manager Updates
Microsoft Configuration Manager Updates
Microsoft Configuration Manager: An integrated solution for for managing large groups of personal computers and servers.Updates: Broadly released fixes addressing specific issue(s) or related bug(s). Updates may also include new or modified features (i.e. changing default behavior).
981 questions
Microsoft Configuration Manager
0 comments No comments
{count} votes

Accepted answer
  1. CUCOOPE 186 Reputation points

    Hi, thanks for replying.
    Unfortunately although we didn’t use SSL when this question was posted, using SSL still produces the same problem. But after a bit more research, I’ve run the Windows Update troubleshooting tools in the control panel and the tool fixed the problem.

1 additional answer

Sort by: Most helpful
  1. Amandayou-MSFT 11,051 Reputation points


    As mentioned, we use SSL in our environment, so please check if SSL certificate of 8531 is binded in IIS. Kindly refer to this picture:


    If not, please bind SSL certificate.

    And check whether the client could access the SimpleAuthWebService virtual directory. The URL should resemble the following URL

    If it could not connect SimpleAuthWebService virtual directory, what does the page show as an error?

    If the response is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments No comments