新建的副本 WSUS 服务器的客户端找不到更新或报告状态

新建的副本 WSUS 服务器的客户端找不到更新或报告状态

Windows Server 2008 R2 上的 WSUS 3.0 SP2。

我构建了一个新盒子来替换仍在使用 Server 2003 的旧 WSUS 盒子。

所有使用 WSUS 服务器的客户端都无法找到更新并且无法报告状态。

其中一个客户端上的 C:\Windows\WindowsUpdate.log:

2013-05-09  10:04:48:629     764    494 AU  Triggering AU detection through DetectNow API
2013-05-09  10:04:48:629     764    494 AU  Triggering Online detection (non-interactive)
2013-05-09  10:04:48:630     764    7b0 AU  #############
2013-05-09  10:04:48:630     764    7b0 AU  ## START ##  AU: Search for updates
2013-05-09  10:04:48:630     764    7b0 AU  #########
2013-05-09  10:04:48:630     764    7b0 AU  <<## SUBMITTED ## AU: Search for updates [CallId = {E7AC5D1F-612A-4879-9B77-83C692868D11}]
2013-05-09  10:04:48:630     764    64c Agent   *************
2013-05-09  10:04:48:630     764    64c Agent   ** START **  Agent: Finding updates [CallerId = AutomaticUpdates]
2013-05-09  10:04:48:630     764    64c Agent   *********
2013-05-09  10:04:48:630     764    64c Agent     * Online = Yes; Ignore download priority = No
2013-05-09  10:04:48:630     764    64c Agent     * Criteria = "IsInstalled=0 and DeploymentAction='Installation' or IsPresent=1 and DeploymentAction='Uninstallation' or IsInstalled=1 and DeploymentAction='Installation' and RebootRequired=1 or IsInstalled=0 and DeploymentAction='Uninstallation' and RebootRequired=1"
2013-05-09  10:04:48:630     764    64c Agent     * ServiceID = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7} Managed
2013-05-09  10:04:48:630     764    64c Agent     * Search Scope = {Machine}
2013-05-09  10:04:48:630     764    64c Setup   Checking for agent SelfUpdate
2013-05-09  10:04:48:630     764    64c Setup   Client version: Core: 7.6.7600.256  Aux: 7.6.7600.256
2013-05-09  10:04:48:630     764    64c Misc    Validating signature for C:\Windows\SoftwareDistribution\SelfUpdate\wuident.cab:
2013-05-09  10:04:48:637     764    64c Misc     Microsoft signed: Yes
2013-05-09  10:04:50:897     764    64c Misc    Validating signature for C:\Windows\SoftwareDistribution\SelfUpdate\wuident.cab:
2013-05-09  10:04:50:901     764    64c Misc     Microsoft signed: Yes
2013-05-09  10:04:50:902     764    64c Misc    Validating signature for C:\Windows\SoftwareDistribution\SelfUpdate\wsus3setup.cab:
2013-05-09  10:04:50:907     764    64c Misc     Microsoft signed: Yes
2013-05-09  10:04:50:909     764    64c Misc    Validating signature for C:\Windows\SoftwareDistribution\SelfUpdate\wsus3setup.cab:
2013-05-09  10:04:50:913     764    64c Misc     Microsoft signed: Yes
2013-05-09  10:04:50:927     764    64c Setup   Determining whether a new setup handler needs to be downloaded
2013-05-09  10:04:50:927     764    64c Setup   SelfUpdate handler is not found.  It will be downloaded
2013-05-09  10:04:50:928     764    64c Setup   Evaluating applicability of setup package "WUClient-SelfUpdate-ActiveX~31bf3856ad364e35~amd64~~7.6.7600.256"
2013-05-09  10:04:50:931     764    64c Setup   Setup package "WUClient-SelfUpdate-ActiveX~31bf3856ad364e35~amd64~~7.6.7600.256" is already installed.
2013-05-09  10:04:50:931     764    64c Setup   Evaluating applicability of setup package "WUClient-SelfUpdate-Aux-TopLevel~31bf3856ad364e35~amd64~~7.6.7600.256"
2013-05-09  10:04:50:955     764    64c Setup   Setup package "WUClient-SelfUpdate-Aux-TopLevel~31bf3856ad364e35~amd64~~7.6.7600.256" is already installed.
2013-05-09  10:04:50:955     764    64c Setup   Evaluating applicability of setup package "WUClient-SelfUpdate-Core-TopLevel~31bf3856ad364e35~amd64~~7.6.7600.256"
2013-05-09  10:04:50:990     764    64c Setup   Setup package "WUClient-SelfUpdate-Core-TopLevel~31bf3856ad364e35~amd64~~7.6.7600.256" is already installed.
2013-05-09  10:04:50:990     764    64c Setup   SelfUpdate check completed.  SelfUpdate is NOT required.
2013-05-09  10:04:51:205     764    64c PT  +++++++++++  PT: Synchronizing server updates  +++++++++++
2013-05-09  10:04:51:205     764    64c PT    + ServiceId = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7}, Server URL = http://wsus-server.company.local/ClientWebService/client.asmx
2013-05-09  10:04:51:266     764    64c PT  WARNING: Cached cookie has expired or new PID is available
2013-05-09  10:04:51:266     764    64c PT  Initializing simple targeting cookie, clientId = 9f4df40d-f61e-41d5-9fd2-3cdce1823f45, target group = Servers, DNS name = wsus-server.company.local
2013-05-09  10:04:51:266     764    64c PT    Server URL = http://wsus-server.company.local/SimpleAuthWebService/SimpleAuth.asmx
2013-05-09  10:04:51:286     764    64c PT  WARNING: GetCookie failure, error = 0x8024400D, soap client error = 7, soap error code = 300, HTTP status code = 200
2013-05-09  10:04:51:286     764    64c PT  WARNING: SOAP Fault: 0x00012c
2013-05-09  10:04:51:286     764    64c PT  WARNING:     faultstring:System.Web.Services.Protocols.SoapException: Fault occurred
   at Microsoft.UpdateServices.Internal.SoapUtilities.ThrowException(ErrorCode errorCode, String message, String[] clientIds)
   at Microsoft.UpdateServices.Internal.ClientImplementation.GetCookie(AuthorizationCookie[] authCookies, Cookie oldCookie, DateTime lastChange, DateTime currentClientTime, String protocolVersion)
2013-05-09  10:04:51:286     764    64c PT  WARNING:     ErrorCode:ConfigChanged(2)
2013-05-09  10:04:51:286     764    64c PT  WARNING:     Message:(null)
2013-05-09  10:04:51:286     764    64c PT  WARNING:     Method:"http://www.microsoft.com/SoftwareDistribution/Server/ClientWebService/GetCookie"
2013-05-09  10:04:51:286     764    64c PT  WARNING:     ID:f50afcf7-2117-495c-9123-9aa4bf683520
2013-05-09  10:04:51:296     764    64c PT  WARNING: Cached cookie has expired or new PID is available
2013-05-09  10:04:51:296     764    64c PT  Initializing simple targeting cookie, clientId = 9f4df40d-f61e-41d5-9fd2-3cdce1823f45, target group = Servers, DNS name = wsus-server.company.local
2013-05-09  10:04:51:296     764    64c PT    Server URL = http://wsus-server.company.local/SimpleAuthWebService/SimpleAuth.asmx
2013-05-09  10:04:55:116     764    64c PT  +++++++++++  PT: Synchronizing extended update info  +++++++++++
2013-05-09  10:04:55:116     764    64c PT    + ServiceId = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7}, Server URL = http://wsus-server.company.local/ClientWebService/client.asmx
2013-05-09  10:04:55:170     764    64c PT  WARNING: GetExtendedUpdateInfo failure, error = 0x8024400E, soap client error = 7, soap error code = 400, HTTP status code = 200
2013-05-09  10:04:55:170     764    64c PT  WARNING: SOAP Fault: 0x000190
2013-05-09  10:04:55:170     764    64c PT  WARNING:     faultstring:System.Web.Services.Protocols.SoapException: Fault occurred
   at Microsoft.UpdateServices.Internal.SoapUtilities.ThrowException(ErrorCode errorCode, Exception e, Int32 eventLogEntryId, String[] clientIds, Boolean logToEventLog)
   at Microsoft.UpdateServices.Internal.ClientImplementation.GetExtendedUpdateInfo(Cookie cookie, Int32[] revisionIds, XmlUpdateFragmentType[] fragmentTypes, String[] locales)
2013-05-09  10:04:55:170     764    64c PT  WARNING:     ErrorCode:InternalServerError(5)
2013-05-09  10:04:55:170     764    64c PT  WARNING:     Message:(null)
2013-05-09  10:04:55:170     764    64c PT  WARNING:     Method:"http://www.microsoft.com/SoftwareDistribution/Server/ClientWebService/GetExtendedUpdateInfo"
2013-05-09  10:04:55:170     764    64c PT  WARNING:     ID:37740867-4b9f-4394-b58b-12aad48d7b97
2013-05-09  10:04:55:170     764    64c PT  WARNING: PTError: 0x8024400e
2013-05-09  10:04:55:170     764    64c PT  WARNING: GetExtendedUpdateInfo_WithRecovery: 0x8024400e
2013-05-09  10:04:55:170     764    64c PT  WARNING: Sync of Extended Info: 0x8024400e
2013-05-09  10:04:55:170     764    64c PT  WARNING: SyncServerUpdatesInternal failed : 0x8024400e
2013-05-09  10:04:55:171     764    64c Agent     * WARNING: Exit code = 0x8024400E
2013-05-09  10:04:55:171     764    64c Agent   *********
2013-05-09  10:04:55:171     764    64c Agent   **  END  **  Agent: Finding updates [CallerId = AutomaticUpdates]
2013-05-09  10:04:55:171     764    64c Agent   *************
2013-05-09  10:04:55:171     764    64c Agent   WARNING: WU client failed Searching for update with error 0x8024400e
2013-05-09  10:04:55:180     764    bf4 AU  >>##  RESUMED  ## AU: Search for updates [CallId = {E7AC5D1F-612A-4879-9B77-83C692868D11}]
2013-05-09  10:04:55:180     764    bf4 AU    # WARNING: Search callback failed, result = 0x8024400E
2013-05-09  10:04:55:180     764    bf4 AU    # WARNING: Failed to find updates with error code 8024400E
2013-05-09  10:04:55:180     764    bf4 AU  #########
2013-05-09  10:04:55:180     764    bf4 AU  ##  END  ##  AU: Search for updates [CallId = {E7AC5D1F-612A-4879-9B77-83C692868D11}]
2013-05-09  10:04:55:180     764    bf4 AU  #############
2013-05-09  10:04:55:180     764    bf4 AU  Successfully wrote event for AU health state:0
2013-05-09  10:04:55:180     764    bf4 AU  AU setting next detection timeout to 2013-05-09 13:04:55
2013-05-09  10:04:55:181     764    bf4 AU  Successfully wrote event for AU health state:0
2013-05-09  10:04:55:181     764    bf4 AU  Successfully wrote event for AU health state:0
2013-05-09  10:05:00:171     764    64c Report  REPORT EVENT: {1C2D6590-41BD-464D-AE18-289CB7D6E254}    2013-05-09 10:04:55:171+0200    1   148 101 {00000000-0000-0000-0000-000000000000}  0   8024400e    AutomaticUpdates    Failure Software Synchronization    Windows Update Client failed to detect with error 0x8024400e.
2013-05-09  10:05:00:191     764    64c Report  CWERReporter::HandleEvents - WER report upload completed with status 0x8
2013-05-09  10:05:00:191     764    64c Report  WER Report sent: 7.6.7600.256 0x8024400e 00000000-0000-0000-0000-000000000000 Scan 101 Managed
2013-05-09  10:05:00:191     764    64c Report  CWERReporter finishing event handling. (00000000)

我发现了一些旧博客和论坛条目,它们将此问题与 Office 2003 SP1 中的故障联系起来,解决方法是拒绝/批准/拒绝该更新,但这并没有为我解决问题。

Microsoft WSUS 客户端和服务器诊断工具不能在 x64 系统上运行。

以前有人成功过这个吗?

更新:我在 C:\Program Files\UpdateServices\LogFiles\SoftwareDistribution.log 中找到了这个:

2013-05-13 14:02:46.437 UTC Warning w3wp.6  SoapUtilities.CreateException   ThrowException: actor = http://wsus-server.company.local/ClientWebService/client.asmx, ID=4db89865-40da-4520-a126-d196e3db07b6, ErrorCode=ConfigChanged, Message=, Client=d9ce7281-379b-49b8-8944-7f593c32397b
2013-05-13 14:02:50.867 UTC Error   w3wp.6  ClientImplementation.GetExtendedUpdateInfo  System.ArgumentException: The database does not contain a URL for the file 3F7E7915F44A6133B990A22A87604854C34BDF4E.

如果我搜索“3F7E7915F44A6133B990A22A87604854C34BDF4E”,Google 会彻底失败,因此我不确定那到底是什么,但似乎它的数据库条目不完整。与上游 WSUS 同步日志未显示任何错误。

更新 2:所以看起来我的上游似乎有些奇怪。我发现,如果我安装一个新的 WSUS 实例并从 Microsoft 同步它,一切都会顺利进行。如果我在配置期间或之后将其作为现有 WSUS 服务器的下游副本,它就会中断。更奇怪的是,我的上游本身和另一个现有副本似乎运行良好。看起来我只需要在所有 3 个站点中构建新的 WSUS 实例并重新开始,忽略现有的上游。

更新 3:我构建了一个新的 WSUS 上游服务器,从头开始,以免带来原始上游数据库中发生的任何异常。将我的 2 个副本指向我的新上游。几天内一切都很好。5 天前,副本再次停止从客户端获取状态更新。WTF?!?!

更新 4:我已经向微软提交了相关支持请求,希望能取得一些成果。

更新 5:在 Microsoft 产品支持人员花费了无数个小时检查并重新检查我已经检查过的所有相同内容之后,我怀疑自己偶然发现了原因。我们的初级系统管理员最近发现本地更新发布者并开始使用它向工作站推送 Adob​​e 和 Java 更新。Local Update Publisher 的安装时间与下游客户端上次报告状态的时间完全吻合。我正在查看产品文档以确定需要做什么来解决这个问题。

答案1

不久前,我在 Windows Server 2008 R2 上迁移到 WSUS 3.0 SP2 时也遇到了类似的问题。经过几个小时的折腾,我终于用 KB2720211 解决了这个问题。我不知道为什么它有效,因为它似乎并没有直接解决我当时从客户端收到的错误代码 (800b0001),但在进一步诊断之前确保 WSUS 版本已完全修补似乎是合乎逻辑的。

您可以使用以下说明http://support.microsoft.com/kb/2720211

由于我的设置仅涉及一台 WSUS 服务器,因此下载补丁后我只需使用网站上的以下说明即可。

1.设置 WSUS。为此,请在命令提示符下键入以下命令之一(适用于您的系统):
WSUS-KB2720211-x64.exe /q C:\MySetup.log
WSUS-KB2720211-x86.exe /q C:\MySetup.log

更新将立即安装,无需任何提示。

2.查看安装日志以验证升级是否成功。为此,请在命令提示符下键入C:\MySetup.log

3.确保 IIS 和 WSUS 服务已停止。为此,请在命令提示符下键入以下命令:

iisreset/stop
net stop wsusservice

答案2

0x8024400D/SOAP 0x12c 错误几乎总是(如今)客户端具有重复的 SusClientID 的表现。请参阅 MicrosoftKB903262以获取补救说明。

0x8024400E/SOAP 0x190 错误通常是 WSUS 数据库中存在不良更新的表现。请确保您已拒绝所有过期更新(通常为“不良”更新),并拒绝所有被取代/不需要的更新。

答案3

因此,经过近 3 个月的时间以及在 Microsoft PSS 上花费了数十个小时之后,我终于偶然找到了答案。

事实证明,根本原因是本地更新发布者

当你实现 Local Update Publisher 时,你应该作为受信任的发布者和受信任的根证书颁发机构将 WSUS SSL 证书分发给所有 WSUS 客户端事实证明,我的同事只将其分发到了工作站,而不是服务器。

我不清楚内部的具体细节,但一旦我将 SSL 证书分发给所有 WSUS 客户端,他们就会开始正常接收更新和报告状态。

相关内容