Friday, 27 February 2009

WSUS under Server 2008

I configured a WSUS server under Server 2008 and created a GPO to instruct all the other Windows VMs in my test environment to point to it. Although the GPO was being pushed out, the WSUS console did not detect any computers.

After speaking to some colleagues about this (thanks Rob!), I tried manually running a Windows Update from one of the clients. This produced the following error: 80072EE6

Googling this suggested the problem was an "unknown protocol" and one post suggested checking that the GPO settings for the intranet server included the "http://" prefix before the hostname. I checked and found I didn't have that setting. Adding it in and then forcing a gpupdate worked and the clients have started to appear.

3 comments:

JW said...

I can imagine this is an easy mistake to make!

pmatz said...

I have been configuring SUS SP1, WSUS2 and WSUS3 recently (windows exam pending). I have used the http:// prefix in group policy - so its good to know you can get probs without it.
Do you know the nice WUAUCLT.exe /detectnow ? I use this to speed things up.

JR said...

That http:// is required implies that WSUS could theoretically work with other protocols. I'm guessing they haven't written it this way though.

I've used wuauclt /detectnow and the /r option (report?), which did help a bit. I found I had a couple of machines that required a small number of patches, but when I manually tried to add them, it reported there was nothing to add.