Hi everyone,
I got this Problem on Windows Clients, suddenly started 31.08.2025, before Windows Updates were working.
WUAHandler Log:
Group policy settings were overwritten by a higher authority (Domain Controller) to: Server and Policy NOT CONFIGURED
Failed to Add Update Source for WUAgent of type (2) and id ({F13F000E-8FAD-431C-88C0-E92BD3907C82}). Error = 0x87d00692.
Its a WSUS Update Source type ({F13F000E-8FAD-431C-88C0-E92BD3907C82}), adding it. WUAHandler
Unable to read existing resultant WUA policy. Error = 0x80070002.
Enabling WUA Managed server policy to use server: https://Correct-WSUS!:8531
Could not check enrollment url, 0x00000001:
SourceManager::GetIsWUfBEnabled - There is no Windows Update for Business settings assignment. Windows Update for Business is not enabled through ConfigMgr
No Policy nor Settings were changed during that time.
Updates work fine on Servers and some Clients.
I already tried the common steps (registry.pol etc.)
Client Settings are correct and deployed to the respective Clients.
There are no GPOs or other settings regarding WSUS.
The registry settings for WSUS on the affected Clients are actually empty, the SCCM does not apply its own settings at all.
Even Clients that were working before, seem to be losing all tho settings.
I tried manually importing the whole REG Key from a working machine, to a broken Windows 11 Client, the Updates actually started working immediatly and Logs were happy.
This cant be the solution, merely a workarround tho.
Additional Information:
The environment uses 802.1x and Intune CoMgmt, only for some Workloads (Not Updates)
Has anyone experienced something similar?
Any help would be greatly appreciated!
I got this Problem on Windows Clients, suddenly started 31.08.2025, before Windows Updates were working.
WUAHandler Log:
Group policy settings were overwritten by a higher authority (Domain Controller) to: Server and Policy NOT CONFIGURED
Failed to Add Update Source for WUAgent of type (2) and id ({F13F000E-8FAD-431C-88C0-E92BD3907C82}). Error = 0x87d00692.
Its a WSUS Update Source type ({F13F000E-8FAD-431C-88C0-E92BD3907C82}), adding it. WUAHandler
Unable to read existing resultant WUA policy. Error = 0x80070002.
Enabling WUA Managed server policy to use server: https://Correct-WSUS!:8531
Could not check enrollment url, 0x00000001:
SourceManager::GetIsWUfBEnabled - There is no Windows Update for Business settings assignment. Windows Update for Business is not enabled through ConfigMgr
No Policy nor Settings were changed during that time.
Updates work fine on Servers and some Clients.
I already tried the common steps (registry.pol etc.)
Client Settings are correct and deployed to the respective Clients.
There are no GPOs or other settings regarding WSUS.
The registry settings for WSUS on the affected Clients are actually empty, the SCCM does not apply its own settings at all.
Even Clients that were working before, seem to be losing all tho settings.
I tried manually importing the whole REG Key from a working machine, to a broken Windows 11 Client, the Updates actually started working immediatly and Logs were happy.
This cant be the solution, merely a workarround tho.
Additional Information:
The environment uses 802.1x and Intune CoMgmt, only for some Workloads (Not Updates)
Has anyone experienced something similar?
Any help would be greatly appreciated!