PENDING Computer cannot contact wsus

wmonta6d

Member
7
0
1
Hello,

Please i need your help,
my architecture is : sccm server and wsus server (2 servers differents) and 5 distributions point.
all computers bypass sccm server and download updates from wsus directly, so i reinstllaed wsus with all rols but now 0 computers on wsus console, i have a GPO to define the wsus for computers.
any one can help me to define why the computers cannot communicate with wsus ?
 

Chrisc01

Member
5
0
1
Right. To start with, what are you actually wanting to do?
If you have a GPO that is pointing clients to download updates from a WSUS server, any computer that applies to will do that very thing.

The Sccm client only gives a local policy. GPO will take precedence over a local policy.

What was your reasoning to removing the wsus role in the first place?

What process did you do to reinstall wsus?

Have you checked the windowsupdate.log to check what the client is doing and if it’s failing to communicate with the wsus server.

Try a simple wuauclt /reportnow
Then check the logs.

Also if you want to see what your Sccm client is doing with regards to windows updates check the wuahandler log in the ccm directory.

You should not however be making changes like removing a wsus server on a live environment without a plan and a backup plan. Especially if you don’t have the fundamental understanding on the function of it.

You also want to check the policy for your wsus intranet location, compared to what your current wsus server is.
 

Chrisc01

Member
5
0
1
Hello,

Please i need your help,
my architecture is : sccm server and wsus server (2 servers differents) and 5 distributions point.
all computers bypass sccm server and download updates from wsus directly, so i reinstllaed wsus with all rols but now 0 computers on wsus console, i have a GPO to define the wsus for computers.
any one can help me to define why the computers cannot communicate with wsus ?
If you can gather some info and provide that, people could help you possibly, but we need information. We need for example what your goal is, why you have done what you have done, and what exactly did you do.

For example are the computers actually getting the wsus policy? Check with gpresult. You can also check the registry for the wsus server specified by the policy. Is this an old policy or one you have changed recently?
 
OP
W

wmonta6d

Member
7
0
1
Hello Chris,
thank you for your reply.
I want to achieve the following goal:
when i deploy an update, the computers should check for the update on the distribution points, not the wsus server.
I used a backup of the servers (sccm and wsus) to return to the initial configuration. I don't know what it takes to get there (I just started with this new business).
I'll give you a wuahandler extract
I have disabled the global policy and I can see that the local policy forced by the sccm client is present
 

Attachments

  • wuahandler.JPG
    wuahandler.JPG
    97.6 KB · Views: 1
OP
W

wmonta6d

Member
7
0
1
the current problem, as soon as i deploy updates, computers will directly fetch updates from wsus instead of distirbution points and generate bandwidth saturation
 

Chrisc01

Member
5
0
1
Hello Chris,
thank you for your reply.
I want to achieve the following goal:
when i deploy an update, the computers should check for the update on the distribution points, not the wsus server.
I used a backup of the servers (sccm and wsus) to return to the initial configuration. I don't know what it takes to get there (I just started with this new business).
I'll give you a wuahandler extract
I have disabled the global policy and I can see that the local policy forced by the sccm client is present
This link might help you if you go through it.