troubleshooting WSUS Agents that are not reporting to the WSUS server
The WSUS client agent may not report to the WSUS server for many reasons. Here I'll go through some of the reasons and how you can troubleshoot the process. There are also some situations you may run into where some or all clients stop reporting to the server and these steps will also help for those scenarios as well.
1. Make sure that the client has the proper WSUS settings
On the client run gpresult or rsop.msc to make sure that the details of the WSUS server exist. If not then a couple possible causes include:
The system does not have the group policy from the Domain.
The Group Policy is not been targeted to the client system.
To address this, you need to make sure that the group policy is successfully updated on each client and that the WSUS setting is properly configured. For more information on this see the following TechNet documentation:
Once you have made sure that the WSUS settings are configured correctly you can move on to next step.
2. Make sure that the agent services are up and running
You need to make sure that the WSUS agent service (Automatic Updates) and BITS (Background Intelligent Transfer Service) are running. The System\Application event viewer events can help you identify and troubleshoot this issue. If you suspect your issue may be related to issues with the Automatic Update or BITS services, here are few links that can be helpful in troubleshooting these types of issues:
KB331716 - List of known issues for Background Intelligent Transfer Service (BITS)
KB969632 - Background Intelligent Transfer Service (BITS) does not start in Windows XP, and you receive a message in the System log: "The Background Intelligent Transfer Service service terminated with service-specific error 2147500037 (0x80004005)"
KB883614 - You receive a "Windows Update has encountered an error and cannot display the requested page" error message when you try to install an update
KB959894 - Error message: “The necessary service "Automatic Updates" (WUAUSERV) is not started or Background Intelligent Transfer Service (BITS) is disabled. Error 0x8DDD0018” or Error codes 0x80244019 or 0x80070422 when attempting to install updates.
3. Make sure the WSUS server is reachable from the client
There is network related issue (e.g. there's a proxy configuration issue, etc.).
One of the most common issues we see is the proxy issue. For that you can check the windowsupdate.log (C:\windows\) and see if there are any proxy related errors. If yes then you can run the proxycfg command to check the win http proxy settings. For more information on the proxycfg command you can check the following link:
Most of the clients will have the proxycgf utility but if not then you can download it here:
KB830605 - The Proxycfg.exe configuration tool is available for WinHTTP 5.1
If you are finding proxy errors then what you can do is go to Internet Explorer –> Tools -> Connections –> LAN Settings and configure the correct proxy and make sure you can reach the WSUS URL specified. Once done you can copy these user proxy settings to the win http proxy settings using the proxycfg –u command.
Once the proxy settings are specified you can run wuauclt /detectnow and check the windowsupdate.log for errors.
4. Make sure the agent is healthy and working
If you still have errors you can check the windows update agent version. The details on how to do this are here:
You can also use the utility provided in KB971058 that will help you to sort out most of the issues with the agent. Once you've run the fix or updated the agent you can run wuauclt /detectnow and check the windowsupdate.log to make sure there is no issues.
5. Automatic Update Agent Store is corrupted
When we have issues with the ability to download updates and we're experiencing errors relating to the software distribution store then try the following on the client:
a. Stop the Automatic Updates service b. Rename the software distribution folder (i.e. C:\Windows\SoftwareDistribution). c. Restart the Automatic Update service d. Run wuauclt /resetauthorization /detectnow e. Run wuauclt /reportnow
6. Clients with the Same SUSclient ID
This issue can happen when we image systems and the clients end up having the same SUSclientID. The result is that only one among these clients will appear in the console. You may also see that out of a group of these clients, only one appears at a time but the exact one that does appear may change over time. For those clients that are not registering due to the SUS GUID issue we can use the following:
a. Stop the automatic service b. Delete the SUSclientID reg key