WSUS Stopped Syncing on Nov. 3 Brandon I.T. 11/14/2008 2:14:01 PM I'm opening an additional topic on this so my troubleshooting can be kept separate from the OP's. This topic cross-references "April"s post on 11/13/08 titled "WSUS Server Synchronization Failed". That post is about a WSUS server that stopped synchronizing on November 3rd just like mine. In addition, both our WSUS servers stopped working on October 30th as well (mine from 10/29 11:30 PM - 10/30 11:30 PM) but then resumed normal synchronization. Here is the original post with Lawrence Garvin's (MVP) reply. My answers to his questions are below: ========================================== "april" <april[ at ]123.com> wrote in message news:OQGHPTaRJHA.3808[ at ]TK2MSFTNGP02.phx.gbl... [Quoted Text] > Has anyone out there had the same problem as I have? We are running WSUS > 3.0 on Windows 2003 server. The synchronization was working back to Nov 3 > and stopped working since Nov 4. I checked the sync history and noticed > that the sync also stopped working on Oct 30 with the same error. And then > it started working by itself the next day until Nov 3. As I do not have > any problem in getting on Internet and microsoft websites. All the > settings should be correct since it was working before. Is the WSUS Server configured to use a proxy server? Did you possibly get any unsolicited help from the admin(s) responsible for perimeter security? (Like disabling a proxy account, or blocking port(s)/source(s) in the firewall ruleset.) > WebException: The request failed with HTTP status 404: Not Found. Another issue that can result in a '404' is that the IP Address(es) have been hijacked, and you're requests are being sent to an invalid/incorrect IP Address. If this is suspected, firewall logs would be a good resource (Can you see HTTP sessions being requested from the WSUS Server?). Also, running NetMon on the WSUS Server and capturing the packet traces can give you some insight as to the intended destination of the sync packets. ============================================= My WSUS server is not configured to use a proxy server. The network admin confirms no changes were made to firewalls or security. The firewall does NOT see any traffic from the WSUS server when it is trying to synchronize. WSUS gives the following error in the MMC when trying to do a manual synchronization: "Unable to resolve the the specified upstream server name". Pressing the Details link gives: ------------------------------------------------- WebException: The request failed with HTTP status 404: Not Found. at System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse response, Stream responseStream, Boolean asyncCall) at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters) at Microsoft.UpdateServices.ServerSyncWebServices.ServerSync.ServerSyncProxy.GetAuthConfig() at Microsoft.UpdateServices.ServerSync.ServerSyncLib.InternetGetServerAuthConfig(ServerSyncProxy proxy, WebServiceCommunicationHelper webServiceHelper) at Microsoft.UpdateServices.ServerSync.ServerSyncLib.Authenticate(AuthorizationManager authorizationManager, Boolean checkExpiration, ServerSyncProxy proxy, Cookie cookie, WebServiceCommunicationHelper webServiceHelper) at Microsoft.UpdateServices.ServerSync.CatalogSyncAgentCore.SyncConfigUpdatesFromUSS() at Microsoft.UpdateServices.ServerSync.CatalogSyncAgentCore.ExecuteSyncProtocol(Boolean allowRedirect) ---------------------------------- I can run Windows Update from IE on the WSUS server with no problem. A ping to "update.microsoft.com" from the WSUS server comes back with "update.microsoft.com.nsatc.net" [207.46.17.61] I am located in Baton Rouge, LA. I am not very familiar with running debugging on the WSUS server so if additional logs will be helpful, please provide necessary steps.

Re: WSUS Stopped Syncing on Nov. 3 "Lawrence Garvin \(MVP\)" <lawrence[ at ]news.postalias> 11/14/2008 3:18:17 PM "Brandon I.T." <BrandonIT[ at ]discussions.microsoft.com> wrote in message news:40D6240C-DD36-40BD-9541-6A32BCA51D9B[ at ]microsoft.com... [Quoted Text] > WSUS gives the following error in the MMC when trying to do a manual > synchronization: "Unable to resolve the the specified upstream server > name". NEW information is always so much more helpful! :-) This essentially confirms what I posted in my previous reply. Something in the organizational =DNS= subsystem is broken, and your WSUS Server is now unable to properly resolve the URL of the update server. Or, you've misconfigured your WSUS Server and pointed it to a non-existent/invalid "local" upstream WSUS Server. > I can run Windows Update from IE on the WSUS server with no problem. > > A ping to "update.microsoft.com" from the WSUS server comes back with > "update.microsoft.com.nsatc.net" [207.46.17.61] This is correct; 'update.microsoft.com' is a CNAME, and the services are actually hosted at nsatc.net. > I am not very familiar with running debugging on the WSUS server so if > additional logs will be helpful, please provide necessary steps. 1. Verify your upstream server configuation is correct. 2. Run 'ipconfig /flushdns' on the WSUS Server. 3. Force a manual synchronization, observe the results, review the logs. but... "Unable to resolve the specified upstream server name" is about as specific an error as you're going to get. The rest of the process is verifying configurations and DNS functionality. -- Lawrence Garvin, M.S., MCITP(x2), MCTS(x5), MCP(x7), MCBMSP Principal/CTO, Onsite Technology Solutions, Houston, Texas Microsoft MVP - Software Distribution (2005-2009) MS WSUS Website: http://www.microsoft.com/wsus My Websites: http://www.onsitechsolutions.com; http://wsusinfo.onsitechsolutions.com My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin

Re: WSUS Stopped Syncing on Nov. 3 Brandon I.T. 11/14/2008 4:08:01 PM I could email you screenshots from the MMC showing that I am configured to use "Windows Update" as my source server. I have NOT misconfigured the upstream server or the proxy settings. Is there a way to check the configuration of my upstream server WITHOUT using the MMC? Some sort of INI file or something? I have flushed my DNS multiple times, rebooted the server 3 times, and applied all Microsoft available patches via a manual Windows Update through IE. What is the Windows Update server URL that WSUS is hard-coded to go to if I tell it to use Windows Update as the source? Does it use "update.microsoft.com" or some other URL? The firewall does NOT see ANY traffic from the WSUS server during synchronization. It's like the request never leaves the box. But if I PING from a command-line, I can get DNS resolution on "update.microsoft.com" This takes me back to my request for what URL does WSUS use when it's trying to get to Windows Update? "Lawrence Garvin (MVP)" wrote: [Quoted Text] > "Brandon I.T." <BrandonIT[ at ]discussions.microsoft.com> wrote in message > news:40D6240C-DD36-40BD-9541-6A32BCA51D9B[ at ]microsoft.com... > > > WSUS gives the following error in the MMC when trying to do a manual > > synchronization: "Unable to resolve the the specified upstream server > > name". > > NEW information is always so much more helpful! :-) > > This essentially confirms what I posted in my previous reply. Something in > the organizational =DNS= subsystem is broken, > and your WSUS Server is now unable to properly resolve the URL of the update > server. > > Or, you've misconfigured your WSUS Server and pointed it to a > non-existent/invalid "local" upstream WSUS Server. > > > > I can run Windows Update from IE on the WSUS server with no problem. > > > > A ping to "update.microsoft.com" from the WSUS server comes back with > > "update.microsoft.com.nsatc.net" [207.46.17.61] > > This is correct; 'update.microsoft.com' is a CNAME, and the services are > actually hosted at nsatc.net. > > > > I am not very familiar with running debugging on the WSUS server so if > > additional logs will be helpful, please provide necessary steps. > > 1. Verify your upstream server configuation is correct. > > 2. Run 'ipconfig /flushdns' on the WSUS Server. > > 3. Force a manual synchronization, observe the results, review the logs. > > but... "Unable to resolve the specified upstream server name" is about as > specific an error as you're going to get. > The rest of the process is verifying configurations and DNS functionality. > > > > > > -- > Lawrence Garvin, M.S., MCITP(x2), MCTS(x5), MCP(x7), MCBMSP > Principal/CTO, Onsite Technology Solutions, Houston, Texas > Microsoft MVP - Software Distribution (2005-2009) > > MS WSUS Website: http://www.microsoft.com/wsus > My Websites: http://www.onsitechsolutions.com; > http://wsusinfo.onsitechsolutions.com > My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin > >

Re: WSUS Stopped Syncing on Nov. 3 "Lawrence Garvin \(MVP\)" <lawrence[ at ]news.postalias> 11/14/2008 4:44:27 PM "Brandon I.T." <BrandonIT[ at ]discussions.microsoft.com> wrote in message news:A80712C0-1CF7-43E2-BEE3-EC33662E1EC2[ at ]microsoft.com... [Quoted Text] >I could email you screenshots from the MMC showing that I am configured to > use "Windows Update" as my source server. I have NOT misconfigured the > upstream server or the proxy settings. I'll take your word for it.... all we needed was for you to double check. :-) > Is there a way to check the configuration of my upstream server WITHOUT > using the MMC? Some sort of INI file or something? All WSUS server configurations are stored in one of two places... Some are in the database (not easily accessible), but the core configuration data is stored in the registry at HKLM\Software\Microsoft\Update Services\Server\Setup > I have flushed my DNS multiple times, rebooted the server 3 times, and > applied all Microsoft available patches via a manual Windows Update > through > IE. Okay. > What is the Windows Update server URL that WSUS is hard-coded to go to if > I > tell it to use Windows Update as the source? Does it use > "update.microsoft.com" or some other URL? I don't know the exact URL that's coded in WSUS, but you need to know that the URL resolves to different IP addresses based on regional geography. In the U.S., as you've already noted, it points to update.microsoft.com.nsatc.net, and that domain is heavily regionalized. The actual IP Address that comes back will vary depending on your locations. For me (Houston, Texas) it comes back to 65.55.25.61. > The firewall does NOT see ANY traffic from the WSUS server during > synchronization. It's like the request never leaves the box. That's the key point here Brandon. If the firewall is not seeing any traffic at all it means something is failing in the infrastruture of the WSUS Server. Either the DNS cache is already populated, or there's a host table entry, or the server is resolving to an internal DNS server and getting bad data. But even at that point, your firewall should at least see an outbound GET request to whatever IP Address the WSUS Server has obtained for use. Any chance somebody has enabled an egress-filtered firewall on the WSUS Server itself? Any chance the WSUS Server is being directed to a proxy server (other than the firewall itself)? Is the Default Gateway on the WSUS Server set correctly? > But if I PING from a command-line, I can get DNS resolution on > "update.microsoft.com" This takes me back to my request for what URL does > WSUS use when it's trying to get to Windows Update? I don't know exactly. It's really irrelevant at the moment, since the key point here is that you're seeing NO TRAFFIC from the WSUS Server heading outbound! First you need to find out where that traffic is actually going. The *best* way to do that is to run Network Monitor on the WSUS Server and capture a packet trace during a manual synchronization. Then we'll see: [a] What URL is being sent for DNS resolution. [b] Where the DNS request is being sent for resolution. [c] What address is being returned by DNS to the resolution request. [d] Where WSUS is routing the GET request. -- Lawrence Garvin, M.S., MCITP(x2), MCTS(x5), MCP(x7), MCBMSP Principal/CTO, Onsite Technology Solutions, Houston, Texas Microsoft MVP - Software Distribution (2005-2009) MS WSUS Website: http://www.microsoft.com/wsus My Websites: http://www.onsitechsolutions.com; http://wsusinfo.onsitechsolutions.com My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin

Re: WSUS Stopped Syncing on Nov. 3 Brandon I.T. 11/14/2008 4:56:09 PM OK, I pulled actual packet traces off our firewall. I was wrong, the synchronization is DEFINITELY going out the firewall. Take a look at these packet traces (I obscured out internal IP): It CLEARLY shows the Microsoft server at 65.54.89.108 returning a 404 back to my WSUS server during the synchronization. The only weird thing is there is an WSUS30RC1 in the header of the GET statement. ============================= *Packet number: 64* Header Values: Bytes captured: 220, Actual Bytes on the wire: 220 Packet Info(Time:11/14/2008 10:33:17.128): in:X0*(interface), out:X2, Forwarded Ethernet Header Ether Type: IP(0x800), Src=[00:10:dc:cf:fd:f1], Dst=[00:06:b1:13:03:4a] IP Packet Header IP Type: TCP(0x6), Src=[192.168.X.XX], Dst=[65.54.89.108] TCP Packet Header TCP Flags = [ACK,], Src=[1568], Dst=[80], Checksum=0xc847 Application Header HTTP Value:[0] Hex and ASCII dump of the packet: 0006b113 034a0010 dccffdf1 08004500 00ce0aaf 40008006 *.....J........E.....[ at ]...* 9216c0a8 021a4136 596c0620 00503aa3 41fc2514 47d35018 *......A6Yl. ..P:.A.%.G.P.* ffffc847 00004745 54202f77 73757333 30726331 2f77696e *...G..GET /wsus30rc1/win* 646f7773 75706461 74652f72 65646972 2f736572 76657233 *dowsupdate/redir/server3* 30726377 75726564 69722e63 61623f38 31313134 31363131 *0rcwuredir.cab?811141611* 33333136 20485454 502f312e 310d0a43 61636865 2d436f6e *3316 HTTP/1.1..Cache-Con* 74726f6c 3a206e6f 2d636163 68650d0a 486f7374 3a20646f *trol: no-cache..Host: do* 776e6c6f 61642e77 696e646f 77737570 64617465 2e636f6d *wnload.windowsupdate.com* 0d0a436f 6e6e6563 74696f6e 3a204b65 65702d41 6c697665 *..Connection: Keep-Alive* 0d0a0d0a *.... * *Packet number: 65* Header Values: Bytes captured: 1418, Actual Bytes on the wire: 1418 Packet Info(Time:11/14/2008 10:33:17.416): in:--, out:X0*, Forwarded Ethernet Header Ether Type: IP(0x800), Src=[00:06:b1:13:03:4a], Dst=[00:10:dc:cf:fd:f1] IP Packet Header IP Type: TCP(0x6), Src=[65.54.89.108], Dst=[192.168.X.XX] TCP Packet Header TCP Flags = [ACK,], Src=[80], Dst=[1568], Checksum=0xaf21 Application Header HTTP Value:[0] Hex and ASCII dump of the packet: 0010dccf fdf10006 b113034a 08004500 057c32d7 40003206 *...........J..E..|2.[ at ].2.* b3404136 596cc0a8 021a0050 06202514 47d33aa3 42a25010 *.[ at ]A6Yl.....P. %.G.:.B.P.* ffffaf21 00004854 54502f31 2e312034 3034204e 6f742046 *...!..HTTP/1.1 404 Not F* 6f756e64 0d0a436f 6e74656e 742d4c65 6e677468 3a203136 *ound..Content-Length: 16* 33350d0a 436f6e74 656e742d 54797065 3a207465 78742f68 *35..Content-Type: text/h* 746d6c0d 0a536572 7665723a 204d6963 726f736f 66742d49 *tml..Server: Microsoft-I* 49532f36 2e300d0a 582d506f 77657265 642d4279 3a204153 *IS/6.0..X-Powered-By: AS* 502e4e45 540d0a44 6174653a 20467269 2c203134 204e6f76 *P.NET..Date: Fri, 14 Nov* 20323030 38203136 3a33333a 31362047 4d540d0a 436f6e6e * 2008 16:33:16 GMT..Conn* 65637469 6f6e3a20 6b656570 2d616c69 76650d0a 0d0a3c21 *ection: keep-alive....<!* 444f4354 59504520 48544d4c 20505542 4c494320 222d2f2f *DOCTYPE HTML PUBLIC "-//* 5733432f 2f445444 2048544d 4c20342e 30312f2f 454e2220 *W3C//DTD HTML 4.01//EN" * 22687474 703a2f2f 7777772e 77332e6f 72672f54 522f6874 *"http://www.w3.org/TR/ht* 6d6c342f 73747269 63742e64 7464223e 0d0a3c48 544d4c3e *ml4/strict.dtd">..<HTML>* 3c484541 443e3c54 49544c45 3e546865 20706167 65206361 *<HEAD><TITLE>The page ca* 6e6e6f74 20626520 666f756e 643c2f54 49544c45 3e0d0a3c *nnot be found</TITLE>..<* 4d455441 20485454 502d4551 5549563d 22436f6e 74656e74 *META HTTP-EQUIV="Content* 2d547970 65222043 6f6e7465 6e743d22 74657874 2f68746d *-Type" Content="text/htm* 6c3b2063 68617273 65743d57 696e646f 77732d31 32353222 *l; charset=Windows-1252"* 3e0d0a3c 5354594c 45207479 70653d22 74657874 2f637373 *>..<STYLE type="text/css* 223e0d0a 2020424f 4459207b 20666f6e 743a2038 70742f31 *">.. BODY { font: 8pt/1* 32707420 76657264 616e6120 7d0d0a20 20483120 7b20666f *2pt verdana }.. H1 { fo* 6e743a20 31337074 2f313570 74207665 7264616e 61207d0d *nt: 13pt/15pt verdana }.* 0a202048 32207b20 666f6e74 3a203870 742f3132 70742076 *. H2 { font: 8pt/12pt v* 65726461 6e61207d 0d0a2020 413a6c69 6e6b207b 20636f6c *erdana }.. A:link { col* 6f723a20 72656420 7d0d0a20 20413a76 69736974 6564207b *or: red }.. A:visited {* 20636f6c 6f723a20 6d61726f 6f6e207d 0d0a3c2f 5354594c * color: maroon }..</STYL* 453e0d0a 3c2f4845 41443e3c 424f4459 3e3c5441 424c4520 *E>..</HEAD><BODY><TABLE * 77696474 683d3530 3020626f 72646572 3d302063 656c6c73 *width=500 border=0 cells* 70616369 6e673d31 303e3c54 523e3c54 443e0d0a 0d0a3c68 *pacing=10><TR><TD>....<h* 313e5468 65207061 67652063 616e6e6f 74206265 20666f75 *1>The page cannot be fou* 6e643c2f 68313e0d 0a546865 20706167 6520796f 75206172 *nd</h1>..The page you ar* 65206c6f 6f6b696e 6720666f 72206d69 67687420 68617665 *e looking for might have* 20626565 6e207265 6d6f7665 642c2068 61642069 7473206e * been removed, had its n* 616d6520 6368616e 6765642c 206f7220 69732074 656d706f *ame changed, or is tempo* 72617269 6c792075 6e617661 696c6162 6c652e0d 0a3c6872 *rarily unavailable...<hr* 3e0d0a3c 703e506c 65617365 20747279 20746865 20666f6c *>..<p>Please try the fol* 6c6f7769 6e673a3c 2f703e0d 0a3c756c 3e0d0a3c 6c693e4d *lowing:</p>..<ul>..<li>M* 616b6520 73757265 20746861 74207468 65205765 62207369 *ake sure that the Web si* 74652061 64647265 73732064 6973706c 61796564 20696e20 *te address displayed in * 74686520 61646472 65737320 62617220 6f662079 6f757220 *the address bar of your * 62726f77 73657220 69732073 70656c6c 65642061 6e642066 *browser is spelled and f* 6f726d61 74746564 20636f72 72656374 6c792e3c 2f6c693e *ormatted correctly.</li>* ======================================== "Brandon I.T." wrote: [Quoted Text] > I could email you screenshots from the MMC showing that I am configured to > use "Windows Update" as my source server. I have NOT misconfigured the > upstream server or the proxy settings. > > Is there a way to check the configuration of my upstream server WITHOUT > using the MMC? Some sort of INI file or something? > > I have flushed my DNS multiple times, rebooted the server 3 times, and > applied all Microsoft available patches via a manual Windows Update through > IE. > > What is the Windows Update server URL that WSUS is hard-coded to go to if I > tell it to use Windows Update as the source? Does it use > "update.microsoft.com" or some other URL? > > The firewall does NOT see ANY traffic from the WSUS server during > synchronization. It's like the request never leaves the box. > > But if I PING from a command-line, I can get DNS resolution on > "update.microsoft.com" This takes me back to my request for what URL does > WSUS use when it's trying to get to Windows Update? > > "Lawrence Garvin (MVP)" wrote: > > > "Brandon I.T." <BrandonIT[ at ]discussions.microsoft.com> wrote in message > > news:40D6240C-DD36-40BD-9541-6A32BCA51D9B[ at ]microsoft.com... > > > > > WSUS gives the following error in the MMC when trying to do a manual > > > synchronization: "Unable to resolve the the specified upstream server > > > name". > > > > NEW information is always so much more helpful! :-) > > > > This essentially confirms what I posted in my previous reply. Something in > > the organizational =DNS= subsystem is broken, > > and your WSUS Server is now unable to properly resolve the URL of the update > > server. > > > > Or, you've misconfigured your WSUS Server and pointed it to a > > non-existent/invalid "local" upstream WSUS Server. > > > > > > > I can run Windows Update from IE on the WSUS server with no problem. > > > > > > A ping to "update.microsoft.com" from the WSUS server comes back with > > > "update.microsoft.com.nsatc.net" [207.46.17.61] > > > > This is correct; 'update.microsoft.com' is a CNAME, and the services are > > actually hosted at nsatc.net. > > > > > > > I am not very familiar with running debugging on the WSUS server so if > > > additional logs will be helpful, please provide necessary steps. > > > > 1. Verify your upstream server configuation is correct. > > > > 2. Run 'ipconfig /flushdns' on the WSUS Server. > > > > 3. Force a manual synchronization, observe the results, review the logs. > > > > but... "Unable to resolve the specified upstream server name" is about as > > specific an error as you're going to get. > > The rest of the process is verifying configurations and DNS functionality. > > > > > > > > > > > > -- > > Lawrence Garvin, M.S., MCITP(x2), MCTS(x5), MCP(x7), MCBMSP > > Principal/CTO, Onsite Technology Solutions, Houston, Texas > > Microsoft MVP - Software Distribution (2005-2009) > > > > MS WSUS Website: http://www.microsoft.com/wsus > > My Websites: http://www.onsitechsolutions.com; > > http://wsusinfo.onsitechsolutions.com > > My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin > > > >

Re: WSUS Stopped Syncing on Nov. 3 Brandon I.T. 11/14/2008 5:05:01 PM My apologies, Lawrence, if I'm getting hostile. I am sorry. WSUS is kind of my nemesis in the Windows world as it seems it loves to test me with random little errors at times. It's a very good product though! Anyway, let me try to answer some of your questions. I went and checked what you provided about the registry keys at HKLM\Software\Microsoft\Update Services\Server\Setup. I couldn't find any key there that resembled a "Source" setting except: ConfigurationSource - RegDWORD - (0) Nothing much there. Anyway, I sent the packet trace I got from the firewall. Let me know if that helps or not. If it doesn't, I can try running the NETMON tool on the server and see if we can get more granular results. But the good news is the request is definitely leaving the WSUS box and talking to at least one Microsoft web server. "Lawrence Garvin (MVP)" wrote: [Quoted Text] > "Brandon I.T." <BrandonIT[ at ]discussions.microsoft.com> wrote in message > news:A80712C0-1CF7-43E2-BEE3-EC33662E1EC2[ at ]microsoft.com... > >I could email you screenshots from the MMC showing that I am configured to > > use "Windows Update" as my source server. I have NOT misconfigured the > > upstream server or the proxy settings. > > I'll take your word for it.... all we needed was for you to double check. > :-) > > > Is there a way to check the configuration of my upstream server WITHOUT > > using the MMC? Some sort of INI file or something? > > All WSUS server configurations are stored in one of two places... > > Some are in the database (not easily accessible), > but the core configuration data is stored in the registry at > HKLM\Software\Microsoft\Update Services\Server\Setup > > > > I have flushed my DNS multiple times, rebooted the server 3 times, and > > applied all Microsoft available patches via a manual Windows Update > > through > > IE. > > Okay. > > > > What is the Windows Update server URL that WSUS is hard-coded to go to if > > I > > tell it to use Windows Update as the source? Does it use > > "update.microsoft.com" or some other URL? > > I don't know the exact URL that's coded in WSUS, but you need to know that > the URL resolves to different IP addresses based on regional geography. > > In the U.S., as you've already noted, it points to > update.microsoft.com.nsatc.net, > and that domain is heavily regionalized. The actual IP Address that > comes back will vary depending on your locations. > > For me (Houston, Texas) it comes back to 65.55.25.61. > > > The firewall does NOT see ANY traffic from the WSUS server during > > synchronization. It's like the request never leaves the box. > > That's the key point here Brandon. If the firewall is not seeing any traffic > at all it means something is failing in the infrastruture of the WSUS > Server. > > Either the DNS cache is already populated, or there's a host table entry, or > the server is resolving to an internal DNS server and getting bad data. > > But even at that point, your firewall should at least see an outbound GET > request to whatever IP Address the WSUS Server has obtained for use. > > Any chance somebody has enabled an egress-filtered firewall on the WSUS > Server itself? > > Any chance the WSUS Server is being directed to a proxy server (other than > the firewall itself)? > > Is the Default Gateway on the WSUS Server set correctly? > > > > But if I PING from a command-line, I can get DNS resolution on > > "update.microsoft.com" This takes me back to my request for what URL does > > WSUS use when it's trying to get to Windows Update? > > I don't know exactly. It's really irrelevant at the moment, since the key > point here is that you're seeing NO TRAFFIC from the WSUS Server heading > outbound! > > First you need to find out where that traffic is actually going. > > The *best* way to do that is to run Network Monitor on the WSUS Server and > capture a packet trace during a manual synchronization. > > Then we'll see: > [a] What URL is being sent for DNS resolution. > [b] Where the DNS request is being sent for resolution. > [c] What address is being returned by DNS to the resolution request. > [d] Where WSUS is routing the GET request. > > -- > Lawrence Garvin, M.S., MCITP(x2), MCTS(x5), MCP(x7), MCBMSP > Principal/CTO, Onsite Technology Solutions, Houston, Texas > Microsoft MVP - Software Distribution (2005-2009) > > MS WSUS Website: http://www.microsoft.com/wsus > My Websites: http://www.onsitechsolutions.com; > http://wsusinfo.onsitechsolutions.com > My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin > >

Re: WSUS Stopped Syncing on Nov. 3 "Lawrence Garvin \(MVP\)" <lawrence[ at ]news.postalias> 11/14/2008 5:11:33 PM "Brandon I.T." <BrandonIT[ at ]discussions.microsoft.com> wrote in message news:EB757009-299C-44D0-8BA3-C90A6622F921[ at ]microsoft.com... [Quoted Text] > The only weird thing is there is an WSUS30RC1 in the header of the GET > statement. Please check the main page of the WSUS UI Admin Console, in the "Connection" section in the lower left corner of the center pane. What is the "Server version" reported? It *should* be 3.1.6001.65 indicating WSUS 3.0 Service Pack 1. -- Lawrence Garvin, M.S., MCITP(x2), MCTS(x5), MCP(x7), MCBMSP Principal/CTO, Onsite Technology Solutions, Houston, Texas Microsoft MVP - Software Distribution (2005-2009) MS WSUS Website: http://www.microsoft.com/wsus My Websites: http://www.onsitechsolutions.com; http://wsusinfo.onsitechsolutions.com My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin

Re: WSUS Stopped Syncing on Nov. 3 Brandon I.T. 11/14/2008 5:15:01 PM Going back to my comment on the WSUS30RC1 being in the GET header, I did a HELP: About Update Services from the WSUS MMC and got this version number back: Version: 3.0.6000.318 Am I actually still running the RC1 candidate? "Brandon I.T." wrote: [Quoted Text] > OK, I pulled actual packet traces off our firewall. I was wrong, the > synchronization is DEFINITELY going out the firewall. > > Take a look at these packet traces (I obscured out internal IP): It CLEARLY > shows the Microsoft server at 65.54.89.108 returning a 404 back to my WSUS > server during the synchronization. The only weird thing is there is an > WSUS30RC1 in the header of the GET statement. > ============================= > *Packet number: 64* > Header Values: > Bytes captured: 220, Actual Bytes on the wire: 220 > Packet Info(Time:11/14/2008 10:33:17.128): > in:X0*(interface), out:X2, Forwarded > Ethernet Header > Ether Type: IP(0x800), Src=[00:10:dc:cf:fd:f1], Dst=[00:06:b1:13:03:4a] > IP Packet Header > IP Type: TCP(0x6), Src=[192.168.X.XX], Dst=[65.54.89.108] > TCP Packet Header > TCP Flags = [ACK,], Src=[1568], Dst=[80], Checksum=0xc847 > Application Header > HTTP > Value:[0] > Hex and ASCII dump of the packet: > 0006b113 034a0010 dccffdf1 08004500 00ce0aaf 40008006 > *.....J........E.....[ at ]...* > 9216c0a8 021a4136 596c0620 00503aa3 41fc2514 47d35018 *......A6Yl. > .P:.A.%.G.P.* > ffffc847 00004745 54202f77 73757333 30726331 2f77696e *...G..GET > /wsus30rc1/win* > 646f7773 75706461 74652f72 65646972 2f736572 76657233 > *dowsupdate/redir/server3* > 30726377 75726564 69722e63 61623f38 31313134 31363131 > *0rcwuredir.cab?811141611* > 33333136 20485454 502f312e 310d0a43 61636865 2d436f6e *3316 > HTTP/1.1..Cache-Con* > 74726f6c 3a206e6f 2d636163 68650d0a 486f7374 3a20646f *trol: > no-cache..Host: do* > 776e6c6f 61642e77 696e646f 77737570 64617465 2e636f6d > *wnload.windowsupdate.com* > 0d0a436f 6e6e6563 74696f6e 3a204b65 65702d41 6c697665 *..Connection: > Keep-Alive* > 0d0a0d0a *.... > * > > *Packet number: 65* > Header Values: > Bytes captured: 1418, Actual Bytes on the wire: 1418 > Packet Info(Time:11/14/2008 10:33:17.416): > in:--, out:X0*, Forwarded > Ethernet Header > Ether Type: IP(0x800), Src=[00:06:b1:13:03:4a], Dst=[00:10:dc:cf:fd:f1] > IP Packet Header > IP Type: TCP(0x6), Src=[65.54.89.108], Dst=[192.168.X.XX] > TCP Packet Header > TCP Flags = [ACK,], Src=[80], Dst=[1568], Checksum=0xaf21 > Application Header > HTTP > Value:[0] > Hex and ASCII dump of the packet: > 0010dccf fdf10006 b113034a 08004500 057c32d7 40003206 > *...........J..E..|2.[ at ].2.* > b3404136 596cc0a8 021a0050 06202514 47d33aa3 42a25010 *.[ at ]A6Yl.....P. > %.G.:.B.P.* > ffffaf21 00004854 54502f31 2e312034 3034204e 6f742046 *...!..HTTP/1.1 404 > Not F* > 6f756e64 0d0a436f 6e74656e 742d4c65 6e677468 3a203136 > *ound..Content-Length: 16* > 33350d0a 436f6e74 656e742d 54797065 3a207465 78742f68 *35..Content-Type: > text/h* > 746d6c0d 0a536572 7665723a 204d6963 726f736f 66742d49 *tml..Server: > Microsoft-I* > 49532f36 2e300d0a 582d506f 77657265 642d4279 3a204153 > *IS/6.0..X-Powered-By: AS* > 502e4e45 540d0a44 6174653a 20467269 2c203134 204e6f76 *P.NET..Date: Fri, 14 > Nov* > 20323030 38203136 3a33333a 31362047 4d540d0a 436f6e6e * 2008 16:33:16 > GMT..Conn* > 65637469 6f6e3a20 6b656570 2d616c69 76650d0a 0d0a3c21 *ection: > keep-alive....<!* > 444f4354 59504520 48544d4c 20505542 4c494320 222d2f2f *DOCTYPE HTML PUBLIC > "-//* > 5733432f 2f445444 2048544d 4c20342e 30312f2f 454e2220 *W3C//DTD HTML > 4.01//EN" * > 22687474 703a2f2f 7777772e 77332e6f 72672f54 522f6874 > *"http://www.w3.org/TR/ht* > 6d6c342f 73747269 63742e64 7464223e 0d0a3c48 544d4c3e > *ml4/strict.dtd">..<HTML>* > 3c484541 443e3c54 49544c45 3e546865 20706167 65206361 *<HEAD><TITLE>The > page ca* > 6e6e6f74 20626520 666f756e 643c2f54 49544c45 3e0d0a3c *nnot be > found</TITLE>..<* > 4d455441 20485454 502d4551 5549563d 22436f6e 74656e74 *META > HTTP-EQUIV="Content* > 2d547970 65222043 6f6e7465 6e743d22 74657874 2f68746d *-Type" > Content="text/htm* > 6c3b2063 68617273 65743d57 696e646f 77732d31 32353222 *l; > charset=Windows-1252"* > 3e0d0a3c 5354594c 45207479 70653d22 74657874 2f637373 *>..<STYLE > type="text/css* > 223e0d0a 2020424f 4459207b 20666f6e 743a2038 70742f31 *">.. BODY { font: > 8pt/1* > 32707420 76657264 616e6120 7d0d0a20 20483120 7b20666f *2pt verdana }.. H1 > { fo* > 6e743a20 31337074 2f313570 74207665 7264616e 61207d0d *nt: 13pt/15pt > verdana }.* > 0a202048 32207b20 666f6e74 3a203870 742f3132 70742076 *. H2 { font: > 8pt/12pt v* > 65726461 6e61207d 0d0a2020 413a6c69 6e6b207b 20636f6c *erdana }.. A:link { > col* > 6f723a20 72656420 7d0d0a20 20413a76 69736974 6564207b *or: red }.. > A:visited {* > 20636f6c 6f723a20 6d61726f 6f6e207d 0d0a3c2f 5354594c * color: maroon > }..</STYL* > 453e0d0a 3c2f4845 41443e3c 424f4459 3e3c5441 424c4520 > *E>..</HEAD><BODY><TABLE * > 77696474 683d3530 3020626f 72646572 3d302063 656c6c73 *width=500 border=0 > cells* > 70616369 6e673d31 303e3c54 523e3c54 443e0d0a 0d0a3c68 > *pacing=10><TR><TD>....<h* > 313e5468 65207061 67652063 616e6e6f 74206265 20666f75 *1>The page cannot be > fou* > 6e643c2f 68313e0d 0a546865 20706167 6520796f 75206172 *nd</h1>..The page > you ar* > 65206c6f 6f6b696e 6720666f 72206d69 67687420 68617665 *e looking for might > have* > 20626565 6e207265 6d6f7665 642c2068 61642069 7473206e * been removed, had > its n* > 616d6520 6368616e 6765642c 206f7220 69732074 656d706f *ame changed, or is > tempo* > 72617269 6c792075 6e617661 696c6162 6c652e0d 0a3c6872 *rarily > unavailable...<hr* > 3e0d0a3c 703e506c 65617365 20747279 20746865 20666f6c *>..<p>Please try the > fol* > 6c6f7769 6e673a3c 2f703e0d 0a3c756c 3e0d0a3c 6c693e4d > *lowing:</p>..<ul>..<li>M* > 616b6520 73757265 20746861 74207468 65205765 62207369 *ake sure that the > Web si* > 74652061 64647265 73732064 6973706c 61796564 20696e20 *te address displayed > in * > 74686520 61646472 65737320 62617220 6f662079 6f757220 *the address bar of > your * > 62726f77 73657220 69732073 70656c6c 65642061 6e642066 *browser is spelled > and f* > 6f726d61 74746564 20636f72 72656374 6c792e3c 2f6c693e *ormatted > correctly.</li>* > ======================================== > > > > "Brandon I.T." wrote: > > > I could email you screenshots from the MMC showing that I am configured to > > use "Windows Update" as my source server. I have NOT misconfigured the > > upstream server or the proxy settings. > > > > Is there a way to check the configuration of my upstream server WITHOUT > > using the MMC? Some sort of INI file or something? > > > > I have flushed my DNS multiple times, rebooted the server 3 times, and > > applied all Microsoft available patches via a manual Windows Update through > > IE. > > > > What is the Windows Update server URL that WSUS is hard-coded to go to if I > > tell it to use Windows Update as the source? Does it use > > "update.microsoft.com" or some other URL? > > > > The firewall does NOT see ANY traffic from the WSUS server during > > synchronization. It's like the request never leaves the box. > > > > But if I PING from a command-line, I can get DNS resolution on > > "update.microsoft.com" This takes me back to my request for what URL does > > WSUS use when it's trying to get to Windows Update? > > > > "Lawrence Garvin (MVP)" wrote: > > > > > "Brandon I.T." <BrandonIT[ at ]discussions.microsoft.com> wrote in message > > > news:40D6240C-DD36-40BD-9541-6A32BCA51D9B[ at ]microsoft.com... > > > > > > > WSUS gives the following error in the MMC when trying to do a manual > > > > synchronization: "Unable to resolve the the specified upstream server > > > > name". > > > > > > NEW information is always so much more helpful! :-) > > > > > > This essentially confirms what I posted in my previous reply. Something in > > > the organizational =DNS= subsystem is broken, > > > and your WSUS Server is now unable to properly resolve the URL of the update > > > server. > > > > > > Or, you've misconfigured your WSUS Server and pointed it to a > > > non-existent/invalid "local" upstream WSUS Server. > > > > > > > > > > I can run Windows Update from IE on the WSUS server with no problem. > > > > > > > > A ping to "update.microsoft.com" from the WSUS server comes back with > > > > "update.microsoft.com.nsatc.net" [207.46.17.61] > > > > > > This is correct; 'update.microsoft.com' is a CNAME, and the services are > > > actually hosted at nsatc.net. > > > > > > > > > > I am not very familiar with running debugging on the WSUS server so if > > > > additional logs will be helpful, please provide necessary steps. > > > > > > 1. Verify your upstream server configuation is correct. > > > > > > 2. Run 'ipconfig /flushdns' on the WSUS Server. > > > > > > 3. Force a manual synchronization, observe the results, review the logs. > > > > > > but... "Unable to resolve the specified upstream server name" is about as > > > specific an error as you're going to get. > > > The rest of the process is verifying configurations and DNS functionality. > > > > > > > > > > > > > > > > > > -- > > > Lawrence Garvin, M.S., MCITP(x2), MCTS(x5), MCP(x7), MCBMSP > > > Principal/CTO, Onsite Technology Solutions, Houston, Texas > > > Microsoft MVP - Software Distribution (2005-2009) > > > > > > MS WSUS Website: http://www.microsoft.com/wsus > > > My Websites: http://www.onsitechsolutions.com; > > > http://wsusinfo.onsitechsolutions.com > > > My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin > > > > > >

Re: WSUS Stopped Syncing on Nov. 3 "Lawrence Garvin \(MVP\)" <lawrence[ at ]news.postalias> 11/14/2008 5:39:56 PM "Brandon I.T." <BrandonIT[ at ]discussions.microsoft.com> wrote in message news:C5A448B4-B420-4596-96FB-D50F8DC8A4AE[ at ]microsoft.com... [Quoted Text] > My apologies, Lawrence, if I'm getting hostile. No hostilities noted, and I certainly appreciate your frustrations, Brandon. I'm here to *help* you. :-) -- Lawrence Garvin, M.S., MCITP(x2), MCTS(x5), MCP(x7), MCBMSP Principal/CTO, Onsite Technology Solutions, Houston, Texas Microsoft MVP - Software Distribution (2005-2009) MS WSUS Website: http://www.microsoft.com/wsus My Websites: http://www.onsitechsolutions.com; http://wsusinfo.onsitechsolutions.com My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin

Re: WSUS Stopped Syncing on Nov. 3 "Lawrence Garvin \(MVP\)" <lawrence[ at ]news.postalias> 11/14/2008 5:50:41 PM "Brandon I.T." <BrandonIT[ at ]discussions.microsoft.com> wrote in message news:24F87AD9-F413-4320-A52F-7E5C17A08782[ at ]microsoft.com... [Quoted Text] > Going back to my comment on the WSUS30RC1 being in the GET header, I did a > HELP: About Update Services from the WSUS MMC and got this version number > back: > Version: 3.0.6000.318 > > Am I actually still running the RC1 candidate? You are. :-) The RTW (release) version of WSUS 3.0 was build 3.0.6000.374 Download the WSUS3SP1 (v3.1.6001.65) installer from http://www.microsoft.com/wsus, and review the Release Notes concerning requirements for upgrading from the RC to RTW package. Of specific note, an undocumented, but well known, 'bug' in the WSUS3SP1 installer will fail to properly recreate the 'selfupdate' virtual directory, so you'll need to manually recreate it, set the pathname and permissions (anonymous). -- Lawrence Garvin, M.S., MCITP(x2), MCTS(x5), MCP(x7), MCBMSP Principal/CTO, Onsite Technology Solutions, Houston, Texas Microsoft MVP - Software Distribution (2005-2009) MS WSUS Website: http://www.microsoft.com/wsus My Websites: http://www.onsitechsolutions.com; http://wsusinfo.onsitechsolutions.com My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin

Re: WSUS Stopped Syncing on Nov. 3 Brandon I.T. 11/14/2008 5:56:07 PM Nope. "Server version: 3.0.6000.318" I wonder if April is running the same thing in her thread... Is it possible Microsoft cut off support for the RC1 recently? "Lawrence Garvin (MVP)" wrote: [Quoted Text] > "Brandon I.T." <BrandonIT[ at ]discussions.microsoft.com> wrote in message > news:EB757009-299C-44D0-8BA3-C90A6622F921[ at ]microsoft.com... > > > The only weird thing is there is an WSUS30RC1 in the header of the GET > > statement. > > Please check the main page of the WSUS UI Admin Console, in the "Connection" > section in the lower left corner of the center pane. > > What is the "Server version" reported? > > It *should* be 3.1.6001.65 indicating WSUS 3.0 Service Pack 1. > > -- > Lawrence Garvin, M.S., MCITP(x2), MCTS(x5), MCP(x7), MCBMSP > Principal/CTO, Onsite Technology Solutions, Houston, Texas > Microsoft MVP - Software Distribution (2005-2009) > > MS WSUS Website: http://www.microsoft.com/wsus > My Websites: http://www.onsitechsolutions.com; > http://wsusinfo.onsitechsolutions.com > My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin > >

Re: WSUS Stopped Syncing on Nov. 3 "Lawrence Garvin \(MVP\)" <lawrence[ at ]news.postalias> 11/14/2008 6:06:59 PM "Brandon I.T." <BrandonIT[ at ]discussions.microsoft.com> wrote in message news:C79772F2-7BFA-4085-8707-12F76D7C1C26[ at ]microsoft.com... [Quoted Text] > Nope. > > "Server version: 3.0.6000.318" > > I wonder if April is running the same thing in her thread... Is it > possible > Microsoft cut off support for the RC1 recently? Actually, support for the RC was cutoff eons ago... strictly speaking... but the URL embedded in the RC bits was most likely redirected to the LIVE servers once WSUS 3.0 launched, which would allow WSUS 3.0 RC to continue working for a period of time after release. What's more likely is that the host headers that supported accepting requests to that URL were removed from the Microsoft Update webservers, given that the server was still able to obtain an IP Address for directing the GET request -- this indicates the URL(s) are still in the DNS zone files, else your server would have received a DNS resolution failure, not an HTTP 404. -- Lawrence Garvin, M.S., MCITP(x2), MCTS(x5), MCP(x7), MCBMSP Principal/CTO, Onsite Technology Solutions, Houston, Texas Microsoft MVP - Software Distribution (2005-2009) MS WSUS Website: http://www.microsoft.com/wsus My Websites: http://www.onsitechsolutions.com; http://wsusinfo.onsitechsolutions.com My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin

Re: WSUS Stopped Syncing on Nov. 3 april <april[ at ]123.com> 11/14/2008 6:10:04 PM Brandon I.T. wrote: [Quoted Text] > Nope. > > "Server version: 3.0.6000.318" > > I wonder if April is running the same thing in her thread... Is it possible > Microsoft cut off support for the RC1 recently? Yes I am running server version 3.0.600.318. Also I also locate at Baton Rouge. > > "Lawrence Garvin (MVP)" wrote: > >> "Brandon I.T." <BrandonIT[ at ]discussions.microsoft.com> wrote in message >> news:EB757009-299C-44D0-8BA3-C90A6622F921[ at ]microsoft.com... >> >>> The only weird thing is there is an WSUS30RC1 in the header of the GET >>> statement. >> Please check the main page of the WSUS UI Admin Console, in the "Connection" >> section in the lower left corner of the center pane. >> >> What is the "Server version" reported? >> >> It *should* be 3.1.6001.65 indicating WSUS 3.0 Service Pack 1. >> >> -- >> Lawrence Garvin, M.S., MCITP(x2), MCTS(x5), MCP(x7), MCBMSP >> Principal/CTO, Onsite Technology Solutions, Houston, Texas >> Microsoft MVP - Software Distribution (2005-2009) >> >> MS WSUS Website: http://www.microsoft.com/wsus >> My Websites: http://www.onsitechsolutions.com; >> http://wsusinfo.onsitechsolutions.com >> My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin >> >>

Re: WSUS Stopped Syncing on Nov. 3 Brandon I.T. 11/14/2008 8:02:01 PM Well, then that means the only fix for my problem will be to download and install the new version. I am downloading WSUS 3.0 SP1 from the link you provided. I'll read through the release notes and see if I can do a successful upgrade. Thanks for the headsup on the SelfUpdate virtual directory as well. I'll report back to this thread when I make some progress. "Lawrence Garvin (MVP)" wrote: [Quoted Text] > "Brandon I.T." <BrandonIT[ at ]discussions.microsoft.com> wrote in message > news:24F87AD9-F413-4320-A52F-7E5C17A08782[ at ]microsoft.com... > > Going back to my comment on the WSUS30RC1 being in the GET header, I did a > > HELP: About Update Services from the WSUS MMC and got this version number > > back: > > Version: 3.0.6000.318 > > > > Am I actually still running the RC1 candidate? > > You are. :-) > > The RTW (release) version of WSUS 3.0 was build 3.0.6000.374 > > > Download the WSUS3SP1 (v3.1.6001.65) installer from > http://www.microsoft.com/wsus, > and review the Release Notes concerning requirements for upgrading from the > RC to RTW package. > > Of specific note, an undocumented, but well known, 'bug' in the WSUS3SP1 > installer will fail to properly recreate the 'selfupdate' virtual directory, > so you'll need to manually recreate it, set the pathname and permissions > (anonymous). > > -- > Lawrence Garvin, M.S., MCITP(x2), MCTS(x5), MCP(x7), MCBMSP > Principal/CTO, Onsite Technology Solutions, Houston, Texas > Microsoft MVP - Software Distribution (2005-2009) > > MS WSUS Website: http://www.microsoft.com/wsus > My Websites: http://www.onsitechsolutions.com; > http://wsusinfo.onsitechsolutions.com > My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin > >

Re: WSUS Stopped Syncing on Nov. 3 april <april[ at ]123.com> 11/14/2008 8:09:47 PM Lawrence Garvin (MVP) wrote: [Quoted Text] > "Brandon I.T." <BrandonIT[ at ]discussions.microsoft.com> wrote in message > news:24F87AD9-F413-4320-A52F-7E5C17A08782[ at ]microsoft.com... >> Going back to my comment on the WSUS30RC1 being in the GET header, I >> did a >> HELP: About Update Services from the WSUS MMC and got this version number >> back: >> Version: 3.0.6000.318 >> >> Am I actually still running the RC1 candidate? > > You are. :-) > > The RTW (release) version of WSUS 3.0 was build 3.0.6000.374 > > > Download the WSUS3SP1 (v3.1.6001.65) installer from > http://www.microsoft.com/wsus, > and review the Release Notes concerning requirements for upgrading from > the RC to RTW package. > > Of specific note, an undocumented, but well known, 'bug' in the WSUS3SP1 > installer will fail to properly recreate the 'selfupdate' virtual > directory, so you'll need to manually recreate it, set the pathname and > permissions (anonymous). > Thank you all so much. After I applied sp1, it does fix the problem. My WSUS started back to sync now.

Re: WSUS Stopped Syncing on Nov. 3 Brandon I.T. 11/14/2008 8:33:02 PM I've run into a problem trying to perform an "upgrade installation" command-line switch. The install is reporting that I already have 3.0 SP1 installed. If I try to run the .EXE in Windows, then it starts by trying to uninstall my WSUS instance. Is there a way to preserve my WSUS settings (approvals, etc.) during this process of upgrading from the RC to SP1? Should I upgrade to 3.0 RTM then upgrade to 3.0 SP1? "Brandon I.T." wrote: [Quoted Text] > Well, then that means the only fix for my problem will be to download and > install the new version. I am downloading WSUS 3.0 SP1 from the link you > provided. I'll read through the release notes and see if I can do a > successful upgrade. Thanks for the headsup on the SelfUpdate virtual > directory as well. > > I'll report back to this thread when I make some progress. > > "Lawrence Garvin (MVP)" wrote: > > > "Brandon I.T." <BrandonIT[ at ]discussions.microsoft.com> wrote in message > > news:24F87AD9-F413-4320-A52F-7E5C17A08782[ at ]microsoft.com... > > > Going back to my comment on the WSUS30RC1 being in the GET header, I did a > > > HELP: About Update Services from the WSUS MMC and got this version number > > > back: > > > Version: 3.0.6000.318 > > > > > > Am I actually still running the RC1 candidate? > > > > You are. :-) > > > > The RTW (release) version of WSUS 3.0 was build 3.0.6000.374 > > > > > > Download the WSUS3SP1 (v3.1.6001.65) installer from > > http://www.microsoft.com/wsus, > > and review the Release Notes concerning requirements for upgrading from the > > RC to RTW package. > > > > Of specific note, an undocumented, but well known, 'bug' in the WSUS3SP1 > > installer will fail to properly recreate the 'selfupdate' virtual directory, > > so you'll need to manually recreate it, set the pathname and permissions > > (anonymous). > > > > -- > > Lawrence Garvin, M.S., MCITP(x2), MCTS(x5), MCP(x7), MCBMSP > > Principal/CTO, Onsite Technology Solutions, Houston, Texas > > Microsoft MVP - Software Distribution (2005-2009) > > > > MS WSUS Website: http://www.microsoft.com/wsus > > My Websites: http://www.onsitechsolutions.com; > > http://wsusinfo.onsitechsolutions.com > > My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin > > > >

Re: WSUS Stopped Syncing on Nov. 3 "Lawrence Garvin \(MVP\)" <lawrence[ at ]news.postalias> 11/14/2008 8:56:00 PM "Brandon I.T." <BrandonIT[ at ]discussions.microsoft.com> wrote in message news:EFA634DD-B4F3-478C-9268-1C4BB7A72037[ at ]microsoft.com... [Quoted Text] > I've run into a problem trying to perform an "upgrade installation" > command-line switch. The install is reporting that I already have 3.0 SP1 > installed. If I try to run the .EXE in Windows, then it starts by trying > to > uninstall my WSUS instance. > > Is there a way to preserve my WSUS settings (approvals, etc.) during this > process of upgrading from the RC to SP1? Yes. When you uninstall WSUS it gives you an option to KEEP the database, content, and logs. Check all three. When you reinstall WSUS, it will find the pre-existing database and content (provided you give it the same pathname during install). > Should I upgrade to 3.0 RTM then upgrade to 3.0 SP1? I don't believe that will make any difference -- assuming you can even find a WSUS 3.0 RTM installer packge. (It was pulled from the downloads site when 3.0SP1 went live.) -- Lawrence Garvin, M.S., MCITP(x2), MCTS(x5), MCP(x7), MCBMSP Principal/CTO, Onsite Technology Solutions, Houston, Texas Microsoft MVP - Software Distribution (2005-2009) MS WSUS Website: http://www.microsoft.com/wsus My Websites: http://www.onsitechsolutions.com; http://wsusinfo.onsitechsolutions.com My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin

Re: WSUS Stopped Syncing on Nov. 3 Brandon I.T. 11/14/2008 9:56:00 PM Well, Lawrence, this project continues to spiral out of control. :-) I have downloaded a 3.0 RTM from Microsoft and it will allow me to perform an "upgrade" installation on my 3.0 RC1. So I will upgrade my 3.0 RC1 to 3.0 RTM then perform another upgrade to 3.0 SP1. However, 3.0 RTM (unlike 3.0 RC1) requires SQL 2005 *SP1* which we have not installed yet. So now I will have to upgrade my SQL Server to SP1 before I can continue with the WSUS upgrade. Talk about the cart before the horse. Anyway, there are 5 applications that use our SQL Server so it's going to be a bit before we can schedule the downtime necessary for the upgrade. So... Since I may not respond to this thread for a while, I'd like to thank you Lawrence for all your kind help during this process. I am certainly happy we were able to find the problem. Now, if only fixing it were as easy... "Lawrence Garvin (MVP)" wrote: [Quoted Text] > "Brandon I.T." <BrandonIT[ at ]discussions.microsoft.com> wrote in message > news:EFA634DD-B4F3-478C-9268-1C4BB7A72037[ at ]microsoft.com... > > I've run into a problem trying to perform an "upgrade installation" > > command-line switch. The install is reporting that I already have 3.0 SP1 > > installed. If I try to run the .EXE in Windows, then it starts by trying > > to > > uninstall my WSUS instance. > > > > Is there a way to preserve my WSUS settings (approvals, etc.) during this > > process of upgrading from the RC to SP1? > > Yes. When you uninstall WSUS it gives you an option to KEEP the database, > content, and logs. Check all three. > > When you reinstall WSUS, it will find the pre-existing database and content > (provided you give it the same pathname during install). > > > > Should I upgrade to 3.0 RTM then upgrade to 3.0 SP1? > > I don't believe that will make any difference -- assuming you can even find > a WSUS 3.0 RTM installer packge. > (It was pulled from the downloads site when 3.0SP1 went live.) > > -- > Lawrence Garvin, M.S., MCITP(x2), MCTS(x5), MCP(x7), MCBMSP > Principal/CTO, Onsite Technology Solutions, Houston, Texas > Microsoft MVP - Software Distribution (2005-2009) > > MS WSUS Website: http://www.microsoft.com/wsus > My Websites: http://www.onsitechsolutions.com; > http://wsusinfo.onsitechsolutions.com > My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin > >

Re: WSUS Stopped Syncing on Nov. 3 "Lawrence Garvin \(MVP\)" <lawrence[ at ]news.postalias> 11/15/2008 3:42:04 AM "Brandon I.T." <BrandonIT[ at ]discussions.microsoft.com> wrote in message news:91B79FC2-1BAE-412E-90E1-03E94E39C565[ at ]microsoft.com... [Quoted Text] > Well, Lawrence, this project continues to spiral out of control. :-) > > I have downloaded a 3.0 RTM from Microsoft and it will allow me to perform > an "upgrade" installation on my 3.0 RC1. So I will upgrade my 3.0 RC1 to > 3.0 > RTM then perform another upgrade to 3.0 SP1. > > However, 3.0 RTM (unlike 3.0 RC1) requires SQL 2005 *SP1* which we have > not > installed yet. So now I will have to upgrade my SQL Server to SP1 before > I > can continue with the WSUS upgrade. Talk about the cart before the horse. > Anyway, there are 5 applications that use our SQL Server so it's going to > be > a bit before we can schedule the downtime necessary for the upgrade. So... There are many who would say you should have upgraded your SQL Server 2005 to =SP1= eons ago! <VBG> There are also as many who would be surprised that you've not yet applied =SP2= to your SQL Server(s). There are an equal number who would have never allowed SQL Server 2005 =RTM= to even go into production. :-) Personally, myself, I can't think of a single reason *not* to have SP2 applied to all SQL Server 2005 installations! > Since I may not respond to this thread for a while, I'd like to thank you > Lawrence for all your kind help during this process. I am certainly happy > we > were able to find the problem. Now, if only fixing it were as easy... What can I say... ! Best of luck in all that you need to do. Hint: Don't try to reuse the existing SQL Server installation (btw, ALL of your clients do have SQL CALs to use WSUS, don't they?), but rather, try installing WSUS with the supplied "Windows Internal Database" as a short-term solution. The WID database can be later migrated to your SQL Server 2005 SP2 installation when it's ready. -- Lawrence Garvin, M.S., MCITP(x2), MCTS(x5), MCP(x7), MCBMSP Principal/CTO, Onsite Technology Solutions, Houston, Texas Microsoft MVP - Software Distribution (2005-2009) MS WSUS Website: http://www.microsoft.com/wsus My Websites: http://www.onsitechsolutions.com; http://wsusinfo.onsitechsolutions.com My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin

Re: WSUS Stopped Syncing on Nov. 3 Brandon I.T. 11/24/2008 4:21:01 PM Update to the problem as of November 24th. I have installed SQL 2005 SP1 to our SQL Server. Currently, one of the applications on the server is not certified for SP2 yet so I couldn't upgrade the server all the way. I tried to do an upgrade to 3.0 RTM but ran into the error: "There is a problem with this Windows Installer package. A program run as part o the setup did not finish as expected. Contact your support personel or package vendor." Unfortunately, the WSUS RC1 instance had already been uninstalled at this point in the install process. Once the installer finished rolling back, I had no WSUS server installed. So I'm starting over from scratch with WSUS 3.0 SP1. It's installing right now with a local database which I will migrate later to our SQL Server. What a hassle. :) "Lawrence Garvin (MVP)" wrote: [Quoted Text] > "Brandon I.T." <BrandonIT[ at ]discussions.microsoft.com> wrote in message > news:91B79FC2-1BAE-412E-90E1-03E94E39C565[ at ]microsoft.com... > > Well, Lawrence, this project continues to spiral out of control. :-) > > > > I have downloaded a 3.0 RTM from Microsoft and it will allow me to perform > > an "upgrade" installation on my 3.0 RC1. So I will upgrade my 3.0 RC1 to > > 3.0 > > RTM then perform another upgrade to 3.0 SP1. > > > > However, 3.0 RTM (unlike 3.0 RC1) requires SQL 2005 *SP1* which we have > > not > > installed yet. So now I will have to upgrade my SQL Server to SP1 before > > I > > can continue with the WSUS upgrade. Talk about the cart before the horse. > > Anyway, there are 5 applications that use our SQL Server so it's going to > > be > > a bit before we can schedule the downtime necessary for the upgrade. So... > > There are many who would say you should have upgraded your SQL Server 2005 > to =SP1= eons ago! <VBG> > > There are also as many who would be surprised that you've not yet applied > =SP2= to your SQL Server(s). > > There are an equal number who would have never allowed SQL Server 2005 =RTM= > to even go into production. :-) > > Personally, myself, I can't think of a single reason *not* to have SP2 > applied to all SQL Server 2005 installations! > > > > Since I may not respond to this thread for a while, I'd like to thank you > > Lawrence for all your kind help during this process. I am certainly happy > > we > > were able to find the problem. Now, if only fixing it were as easy... > > What can I say... ! > > Best of luck in all that you need to do. > > Hint: Don't try to reuse the existing SQL Server installation (btw, ALL of > your clients do have SQL CALs to use WSUS, don't they?), > but rather, try installing WSUS with the supplied "Windows Internal > Database" as a short-term solution. > > The WID database can be later migrated to your SQL Server 2005 SP2 > installation when it's ready. > > -- > Lawrence Garvin, M.S., MCITP(x2), MCTS(x5), MCP(x7), MCBMSP > Principal/CTO, Onsite Technology Solutions, Houston, Texas > Microsoft MVP - Software Distribution (2005-2009) > > MS WSUS Website: http://www.microsoft.com/wsus > My Websites: http://www.onsitechsolutions.com; > http://wsusinfo.onsitechsolutions.com > My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin > >