Join Log in
Score:1
Alessandro avatar Server

Wsus gpo applied but not used

tw flag
Alessandro

On my server, I have a GPO dedicated to enabling wsus in the environment but is some time that on the server the gpo are processed correctly and in gpresult and rsop are all ok, here is a screen:

gpresult.

All client use wsus server, but the server itself, as you can see on the windows update page is not using the policy but connecting to microsoft servers:

rsop-winupd

Anyone had this issue before?

UPDATE: Here's the log file, I have to host it because it's too big for pasting here: Group Policy logfile

UPDATE 2: Here the screen of gpresult: gpresult

UPDATE 3: Here the windows update log:

2023/04/26 10:03:57.4439771 2156  23200 Agent           WU client version 10.0.14393.4651
2023/04/26 10:03:57.4445915 2156  23200 Agent           SleepStudyTracker: Machine is non-AOAC. Sleep study tracker disabled.
2023/04/26 10:03:57.4448717 2156  23200 Agent           Base directory: C:\WINDOWS\SoftwareDistribution
2023/04/26 10:03:57.4465522 2156  23200 Agent           Datastore directory: C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb
2023/04/26 10:03:57.5345552 2156  23200 Shared          UpdateNetworkState Ipv6, cNetworkInterfaces = 2.
2023/04/26 10:03:57.5346182 2156  23200 Shared          UpdateNetworkState Ipv4, cNetworkInterfaces = 4.
2023/04/26 10:03:57.5358961 2156  23200 Shared          Network state: Connected
2023/04/26 10:03:57.5473993 2156  23200 Misc            LoadHistoryEventFromRegistry completed, hr = 8024000C
2023/04/26 10:03:57.5541362 2156  14216 Agent           Initializing global settings cache
2023/04/26 10:03:57.5541383 2156  14216 Agent           WSUS server: NULL
2023/04/26 10:03:57.5541394 2156  14216 Agent           WSUS status server: NULL
2023/04/26 10:03:57.5541410 2156  14216 Agent           Alternate Download Server: NULL
2023/04/26 10:03:57.5541421 2156  14216 Agent           Fill Empty Content Urls: No
2023/04/26 10:03:57.5541437 2156  14216 Agent           Target group: (Unassigned Computers)
2023/04/26 10:03:57.5541448 2156  14216 Agent           Windows Update access disabled: No
2023/04/26 10:03:57.5552275 2156  14216 Agent               Timer: 29A863E7-8609-4D1E-B7CD-5668F857F1DB, Expires 2023-04-26 10:43:41, not idle-only, not network-only
2023/04/26 10:03:57.5597940 2156  23200 Shared          UpdateNetworkState Ipv6, cNetworkInterfaces = 2.
2023/04/26 10:03:57.5598156 2156  23200 Shared          UpdateNetworkState Ipv4, cNetworkInterfaces = 4.
2023/04/26 10:03:57.5598339 2156  23200 Shared          Power status changed
2023/04/26 10:03:57.5623039 2156  14216 Agent           Initializing Windows Update Agent
2023/04/26 10:03:57.5624812 2156  14216 DownloadManager Download manager restoring 0 downloads
2023/04/26 10:03:57.5626472 2156  14216 Agent           CPersistentTimeoutScheduler | GetTimer, returned hr = 0x00000000
2023/04/26 10:03:57.7559868 2156  22092 Shared          Effective power state: AC
2023/04/26 10:03:57.7559900 2156  22092 DownloadManager Power state change detected. Source now: AC
2023/04/26 10:03:58.0374145 2156  14216 Agent           * START * Queueing Finding updates [CallerId = UpdateOrchestrator  Id = 1]
2023/04/26 10:03:58.0374280 2156  14216 Agent           Added service 00000000-0000-0000-0000-000000000000 to sequential scan list
2023/04/26 10:03:58.0511749 2156  21856 Agent           * END * Queueing Finding updates [CallerId = UpdateOrchestrator  Id = 1]
2023/04/26 10:03:58.0637087 2156  21856 Agent           * START * Finding updates CallerId = UpdateOrchestrator  Id = 1
2023/04/26 10:03:58.0637162 2156  21856 Agent           Online = Yes; AllowCachedResults = No; Ignore download priority = No
2023/04/26 10:03:58.0637227 2156  21856 Agent           Criteria = IsInstalled=0 and DeploymentAction='Installation' or IsPresent=1 and DeploymentAction='Uninstallation' or IsInstalled=1 and DeploymentAction='Installation' and RebootRequired=1 or IsInstalled=0 and DeploymentAction='Uninstallation' and RebootRequired=1""
2023/04/26 10:03:58.0637340 2156  21856 Agent           ServiceID = {00000000-0000-0000-0000-000000000000} Third party service
2023/04/26 10:03:58.0637356 2156  21856 Agent           Search Scope = {Machine}
2023/04/26 10:03:58.0637459 2156  21856 Agent           Caller SID for Applicability: S-1-5-21-2273949773-1165264340-3108460019-500
2023/04/26 10:03:58.0637475 2156  21856 Agent           ProcessDriverDeferrals is set
2023/04/26 10:03:58.0637486 2156  21856 Agent           RegisterService is set
2023/04/26 10:03:58.0675756 2156  21856 SLS             Retrieving SLS response from server using ETAG f2dAyzSAXLAz7XI7tUppQAzeh4mYqtC/h1zNY+Fz0IU=_1440"..."
2023/04/26 10:03:58.0687279 2156  21856 SLS             Making request with URL HTTPS://sls.update.microsoft.com/SLS/{9482F4B4-E343-43B6-B170-9A65BC822C77}/x64/10.0.14393.0/0?CH=454&L=en-US&P=&PT=0x7&WUA=10.0.14393.4651
2023/04/26 10:03:58.7525349 2156  21856 Misc            StatusCode for transaction returned from WinHttpQueryHeaders is 304
2023/04/26 10:03:58.8233886 2156  21856 Misc            Got 9482F4B4-E343-43B6-B170-9A65BC822C77 redir SecondaryServiceAuth URL: 117cab2d-82b1-4b5a-a08c-4d62dbee7782""
2023/04/26 10:03:58.8269316 2156  21856 SLS             CoCreateInstance Failed: hr = 0x80040154
2023/04/26 10:03:58.8269510 2156  21856 Agent           Failed to retrieve SLS response data for service 117cab2d-82b1-4b5a-a08c-4d62dbee7782, error = 0x80040154
2023/04/26 10:03:58.8269591 2156  21856 Agent           Caller Service Recovery failed to opt in to service 117cab2d-82b1-4b5a-a08c-4d62dbee7782, hr=0X80040154
2023/04/26 10:03:58.8285209 2156  21856 Misc            Got 9482F4B4-E343-43B6-B170-9A65BC822C77 redir SecondaryServiceAuth URL: 7971f918-a847-4430-9279-4a52d1efe18d""
2023/04/26 10:03:58.8301259 2156  21856 Misc            Got 9482F4B4-E343-43B6-B170-9A65BC822C77 redir SecondaryServiceAuth URL: 855e8a7c-ecb4-4ca3-b045-1dfa50104289""
2023/04/26 10:03:58.8329883 2156  21856 Misc            Got 9482F4B4-E343-43B6-B170-9A65BC822C77 redir SecondaryServiceAuth URL: 117cab2d-82b1-4b5a-a08c-4d62dbee7782""
2023/04/26 10:03:58.8364138 2156  21856 SLS             CoCreateInstance Failed: hr = 0x80040154
2023/04/26 10:03:58.8364208 2156  21856 Agent           Failed to retrieve SLS response data for service 117cab2d-82b1-4b5a-a08c-4d62dbee7782, error = 0x80040154
2023/04/26 10:03:58.8364278 2156  21856 Agent           Caller Service Recovery failed to opt in to service 117cab2d-82b1-4b5a-a08c-4d62dbee7782, hr=0X80040154
2023/04/26 10:03:58.8379617 2156  21856 Misc            Got 9482F4B4-E343-43B6-B170-9A65BC822C77 redir SecondaryServiceAuth URL: 7971f918-a847-4430-9279-4a52d1efe18d""
2023/04/26 10:03:58.8410746 2156  21856 SLS             Retrieving SLS response from server using ETAG MSbN5NKjVPLX1M1+dtG2bVWEw8MzvIIu2NI9A1k4gt8=_1440"..."
2023/04/26 10:03:58.8420620 2156  21856 SLS             Making request with URL HTTPS://sls.update.microsoft.com/SLS/{7971F918-A847-4430-9279-4A52D1EFE18D}/x64/10.0.14393.0/0?CH=454&L=en-US&P=&PT=0x7&WUA=10.0.14393.4651
2023/04/26 10:03:59.4900263 2156  21856 Misc            StatusCode for transaction returned from WinHttpQueryHeaders is 304
2023/04/26 10:03:59.5099711 2156  21856 Misc            Got 7971F918-A847-4430-9279-4A52D1EFE18D redir Client/Server URL: https://fe2.update.microsoft.com/v6/ClientWebService/client.asmx""
2023/04/26 10:03:59.5140358 2156  21856 WebServices     Proxy Behavior set to 2 for service url https://fe2.update.microsoft.com/v6/ClientWebService/client.asmx
2023/04/26 10:03:59.5140385 2156  21856 ProtocolTalker  Proxy Behavior set to 2 for service url https://fe2.update.microsoft.com/v6/ClientWebService/client.asmx
2023/04/26 10:04:01.0525740 2156  21856 ProtocolTalker  ServiceId = {7971F918-A847-4430-9279-4A52D1EFE18D}, Server URL = https://fe2.update.microsoft.com/v6/ClientWebService/client.asmx
2023/04/26 10:04:01.0528284 2156  21856 ProtocolTalker  OK to reuse existing configuration
2023/04/26 10:04:01.0528354 2156  21856 ProtocolTalker  Existing cookie is valid, just use it
2023/04/26 10:04:05.3046055 2156  21856 WebServices     Auto proxy settings for this web service call.
2023/04/26 10:04:13.8553486 2156  21856 ProtocolTalker  PTInfo: syncing with server using normal query
2023/04/26 10:04:15.3041306 2156  21856 ProtocolTalker  SyncUpdates round trips: 2
2023/04/26 10:04:23.5265346 2156  21856 Agent           Added update D746CB36-B745-4D94-B97A-B54A9852789B.201 to search result
2023/04/26 10:04:23.5265944 2156  21856 Agent           Found 1 updates and 115 categories in search; evaluated appl. rules of 2655 out of 3773 deployed entities
2023/04/26 10:04:23.5720146 2156  21856 Agent           * END * Finding updates CallerId = UpdateOrchestrator  Id = 1
314
0 + 14
cn flag
Greg Askew
The first screenshot is not helpful. It does not show the settings. What is the output of Group Policy Environment Debug Logging? That will log each and every policy setting that is applied, along with any errors that occur. https://techcommunity.microsoft.com/t5/ask-the-directory-services-team/a-treatise-on-group-policy-troubleshooting-8211-now-with-gpsvc/ba-p/400304
1
Reply
Alessandro avatar
tw flag
Alessandro
@GregAskew The settings are correct as the policy is the same for all computers and is working correctly (and used to work on the server). I tried to debug, but in all gpo applied in wsus section there is OK at the end.
0
Reply
cn flag
Greg Askew
Without the required information, the question may be closed. Also the problem unresolved.
0
Reply
cn flag
Greg Askew
What does `gpresult /h` show for the WSUS settings? That should be used instead of rsop.
0
Reply
cn flag
Greg Askew
The settings are present in gpresult. You may want to review your Windows Update logs to confirm the server that the endpoint is communicating with. Get-WindowsUpdateLog https://learn.microsoft.com/en-us/powershell/module/windowsupdate/get-windowsupdatelog
0
Reply
Alessandro avatar
tw flag
Alessandro
You have to give me some time to answer, i tried to run the command but all lines are like `1601/01/01 01.00.00.0000000 2156 20444 Unknown( 13): GUID=5be6e323-4065-3bc4-4ba2-88ef8e409cf8 (No Format Information found).` I have some problems with symbols. I'll be back asap.
0
Reply
yagmoth555 avatar
cn flag
yagmoth555
Hi, a simple question, as the computer list no update, does you have approved patch in your WSUS's console ?
0
Reply
Alessandro avatar
tw flag
Alessandro
Yes, but as it used microsoft server, it downloaded and installed latest cumulative update from there. So now the server is up to date. But it shouldn't do this as I want to approve and install updates, especially on the server.
0
Reply
yagmoth555 avatar
cn flag
yagmoth555
I mean, even if you tell your computer to use Microsoft download, you still have to approve the patch inside your WSUS
0
Reply
Alessandro avatar
tw flag
Alessandro
Of course it is. The problem is that I configured to look at the wsus server but, as you in see in the windows update log, the WSUS Server line is null. So one morning I logged in and I saw the notification of updates done and start diggin.
0
Reply
yagmoth555 avatar
cn flag
yagmoth555
I have difficulty to see the setting you push, the printscreen seem low res
0
Reply
Alessandro avatar
tw flag
Alessandro
Right click on it, open in a new tab
0
Reply
yagmoth555 avatar
cn flag
yagmoth555
oh, my bad, ok, Try in http port 8530, my WSUS had difficulty with the certificate
0
Reply
Alessandro avatar
tw flag
Alessandro
The certificate is ok and trusted in the domain, the clients are connection succesfully and if I visit the page via browser it doesen't complain about certificate.
0
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.