WSUS 客户端找不到更新

tag-icon tag-icon windows-server-2012 windows wsus windows-update
WSUS 客户端找不到更新

我在 Windows Server 2012 R2 上安装了 WSUS,并通过组策略配置了工作站和客户端,以便自动从 WSUS 安装更新。WSUS 检测到服务器并向 WSUS 服务器报告。在 WSUS 服务器中,我可以看到服务器缺少 53 个更新。我昨天为包含该服务器的计算机组批准了这些更新。但如果我在服务器上搜索更新,则找不到任何更新。到目前为止,我已检查了以下内容:

  • 服务器被 WSUS 服务器检测到
  • 服务器正在联系并向 WSUS 服务器报告
  • 包含服务器的计算机组所需的更新已获批准(计算机组名称:“Prod_01”)
  • GPO 应用正确
  • 多次尝试这些命令没有任何影响:wuauclt /resetauthorization /detectnow /reportnow

如果我查看 windowsupdate.log,我可以看到以下内容:

2015-01-06  08:34:36:715      12    1508    Setup   Checking for agent SelfUpdate
2015-01-06  08:34:36:808      12    1508    Setup   Client version: Core: 7.6.7600.320  Aux: 7.6.7600.320
2015-01-06  08:34:36:824      12    1508    Misc    Validating signature for C:\Windows\SoftwareDistribution\SelfUpdate\wuident.cab with dwProvFlags 0x00000080:
2015-01-06  08:34:36:840      12    1508    Misc     Microsoft signed: NA
2015-01-06  08:34:36:840      12    1508    Misc    WARNING: Cab does not contain correct inner CAB file.
2015-01-06  08:34:36:840      12    1508    Misc    Validating signature for C:\Windows\SoftwareDistribution\SelfUpdate\wuident.cab with dwProvFlags 0x00000080:
2015-01-06  08:34:36:855      12    1508    Misc     Microsoft signed: NA
2015-01-06  08:34:36:855      12    1508    Setup   Wuident for the managed service is valid but not quorum-signed. Skipping selfupdate.
2015-01-06  08:34:36:855      12    1508    Setup   Skipping SelfUpdate check based on the /SKIP directive in wuident
2015-01-06  08:34:36:855      12    1508    Setup   SelfUpdate check completed.  SelfUpdate is NOT required.
2015-01-06  08:34:38:462      12    1508    PT  +++++++++++  PT: Synchronizing server updates  +++++++++++
2015-01-06  08:34:38:462      12    1508    PT    + ServiceId = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7}, Server URL = http://wsus.schule.local:8530/ClientWebService/client.asmx
2015-01-06  08:34:38:571      12    1508    PT  WARNING: Cached cookie has expired or new PID is available
2015-01-06  08:34:38:571      12    1508    PT  Initializing simple targeting cookie, clientId = 0c4aed4f-6c60-46a0-b29b-f2080ea315c1, target group = , DNS name = wsus-server
2015-01-06  08:34:38:571      12    1508    PT    Server URL = http://wsus.schule.local:8530/SimpleAuthWebService/SimpleAuth.asmx
2015-01-06  08:34:53:844      12    1508    Agent     * Found 0 updates and 76 categories in search; evaluated appl. rules of 699 out of 1392 deployed entities
2015-01-06  08:34:53:844      12    1508    Agent   *********
2015-01-06  08:34:53:844      12    1508    Agent   **  END  **  Agent: Finding updates [CallerId = AutomaticUpdates]
2015-01-06  08:34:53:844      12    1508    Agent   *************
2015-01-06  08:34:53:859      12    16b4    AU  >>##  RESUMED  ## AU: Search for updates [CallId = {95840C02-E405-419D-9DA4-260BC14AA845}]
2015-01-06  08:34:53:859      12    16b4    AU    # 0 updates detected
2015-01-06  08:34:53:875      12    16b4    AU  #########
2015-01-06  08:34:53:875      12    16b4    AU  ##  END  ##  AU: Search for updates [CallId = {95840C02-E405-419D-9DA4-260BC14AA845}]
2015-01-06  08:34:53:875      12    16b4    AU  #############
2015-01-06  08:34:53:875      12    16b4    AU  Successfully wrote event for AU health state:0
2015-01-06  08:34:53:875      12    16b4    AU  Featured notifications is disabled.
2015-01-06  08:34:53:875      12    16b4    AU  AU setting next detection timeout to 2015-01-06 10:20:45
2015-01-06  08:34:53:875      12    16b4    AU  Setting AU scheduled install time to 2015-01-11 01:00:00
2015-01-06  08:34:53:875      12    16b4    AU  Successfully wrote event for AU health state:0
2015-01-06  08:34:53:875      12    16b4    AU  Successfully wrote event for AU health state:0
2015-01-06  08:34:58:851      12    1508    Report  REPORT EVENT: {73BBAB28-58E9-45AC-B910-731F8958C456}    2015-01-06 08:34:53:844+0100    1   147 101 {00000000-0000-0000-0000-000000000000}  0   0   AutomaticUpdates    Success Software Synchronization    Windows Update Client successfully detected 0 updates.

在第 12 行,我可以看到客户端正在连接到正确的 WSUS 服务器,但在第 14 行,“目标组”为空,应该是“Prod_01”。那么有人能解释一下我做错了什么吗?或者为什么目标组至少 24 小时没有更新?

答案1

由于我看到了 cookie 警告,请按照那里的步骤重新同步;http://support.microsoft.com/kb/903262(克隆机器?)

引自 KB;

Click Start, click Run, type cmd in the Open box, and then click OK.
At the command prompt, type net stop wuauserv, and then press ENTER.
Click Start, click Run, type regedit in the Open box, and then click OK.
Locate and then click the following registry subkey:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate
In the details pane of Registry Editor, delete the following registry entries:
    PingID
    AccountDomainSid
    SusClientId
    SusClientIDValidation
Note Windows Update Agent 3.0 adds the SusClientIDValidation value. This value was released in May 2007. The other registry entries

存在于 Windows Update Agent 2.0 和 Windows Update Agent 3.0 中。退出注册表编辑器。在命令提示符下,键入 net start wuauserv,然后按 ENTER。在命令提示符下,键入 wuauclt.exe /resetauthorization /detectnow,然后按 ENTER。等待 10 分钟以完成检测周期。启动 WSUS 控制台以确保客户端出现在 WSUS 控制台中。

答案2

又过了一天,我终于“解决”了这个问题,但说实话,这并不是什么大问题。WSUS 服务器仍在下载更新,如果更新尚未下载,客户端将无法识别这些更新。现在一切都正常了。

无论如何感谢您的贡献。

答案3

根据我的经验,WSUS 客户端需要一段时间才能检测到变化,但在我看来,它应该在 25 小时内检测到。

您可以尝试:

  1. 关闭 WSUS 客户端服务
  2. 将 SoftwareDistribution 文件夹重命名为 SoftwareDistribution-back
  3. 重新打开 WSUS 客户端服务
  4. 跑步wuauclt /resetauthorization /detectnow

这应该可以让服务器再次下载其配置,从而有望让服务器检测到更新。

相关内容