Hallo,
seit einigen Tagen erhalten meine Windows Clients keine Systemupdates mehr die in der Vergangenheit erfolgreich via WSUS verteilt wurden.
zum Setup
Server
##
* Windows 2003 SBS SP2
* WSUS 3.1.60001.65
* keine Windows-Domäne
Clients:
##
* Windows XP Pro
* Windows Vista Business
Auf der Clientseite wurden die Update-Settings via gpedit.msc manuell eingetragen - die Gruppenzuordnung erfolgt am Server.
Ein Blick in die Update Logs eines Test-Clients
Windows XP - der die Updates quasi Termin aufgedrückt kriegt.
<code>
2009-08-05 14:25:26:259 988 5d0 AU AU found 0 updates for install at shutdown
2009-08-05 14:25:26:306 2312 934 Misc =========== Logging initialized (build: 7.2.6001.788, tz: +0200) ===========
2009-08-05 14:25:26:306 2312 934 Misc = Process: C:\WINDOWS\Explorer.EXE
2009-08-05 14:25:26:306 2312 934 Misc = Module: C:\WINDOWS\system32\wuaueng.dll
2009-08-05 14:25:26:306 2312 934 Shutdwn Install at shutdown: no updates to install
2009-08-05 14:25:33:025 988 570 AU ########### AU: Uninitializing Automatic Updates ###########
2009-08-05 14:25:33:916 988 570 Agent Sending shutdown notification to client
2009-08-05 14:25:33:931 988 570 Service *********
2009-08-05 14:25:33:931 988 570 Service ** END ** Service: Service exit [Exit code = 0x240001]
2009-08-05 14:25:33:931 988 570 Service *************
2009-08-05 14:26:58:562 988 834 Misc =========== Logging initialized (build: 7.2.6001.788, tz: +0200) ===========
2009-08-05 14:26:58:562 988 834 Misc = Process: C:\WINDOWS\System32\svchost.exe
2009-08-05 14:26:58:577 988 834 Misc = Module: C:\WINDOWS\system32\wuaueng.dll
2009-08-05 14:26:58:562 988 834 Service *************
2009-08-05 14:26:58:577 988 834 Service ** START ** Service: Service startup
2009-08-05 14:26:58:593 988 834 Service *********
2009-08-05 14:26:58:952 988 834 Agent * WU client version 7.2.6001.788
2009-08-05 14:26:58:968 988 834 Agent * Base directory: C:\WINDOWS\SoftwareDistribution
2009-08-05 14:26:59:109 988 834 Agent * Access type: No proxy
2009-08-05 14:26:59:109 988 834 Agent * Network state: Connected
2009-08-05 14:27:44:202 988 834 Agent *********** Agent: Initializing Windows Update Agent ***********
2009-08-05 14:27:44:202 988 834 Agent *********** Agent: Initializing global settings cache ***********
2009-08-05 14:27:44:202 988 834 Agent * WSUS server: http:/name.des.servers:8530
2009-08-05 14:27:44:202 988 834 Agent * WSUS status server:
(Du musst Dich Einloggen oder Registrieren um Multimediadateien oder Links zu sehen).2009-08-05 14:27:44:202 988 834 Agent * Target group: (Unassigned Computers)
2009-08-05 14:27:44:202 988 834 Agent * Windows Update access disabled: No
2009-08-05 14:27:44:843 988 834 DnldMgr Download manager restoring 0 downloads
2009-08-05 14:27:44:843 988 834 AU ########### AU: Initializing Automatic Updates ###########
2009-08-05 14:27:44:843 988 834 AU # WSUS server:
(Du musst Dich Einloggen oder Registrieren um Multimediadateien oder Links zu sehen).2009-08-05 14:27:44:843 988 834 AU # Detection frequency: 1
2009-08-05 14:27:44:843 988 834 AU # Approval type: Pre-install notify (Policy)
2009-08-05 14:27:44:843 988 834 AU # Auto-install minor updates: Yes (Policy)
2009-08-05 14:27:44:843 988 834 AU AU finished delayed initialization
2009-08-05 14:27:44:984 988 834 Report *********** Report: Initializing static reporting data ***********
2009-08-05 14:27:44:984 988 834 Report * OS Version = 5.1.2600.3.0.65792
2009-08-05 14:27:45:015 988 834 Report * Computer Brand = VMware, Inc.
2009-08-05 14:27:45:015 988 834 Report * Computer Model = VMware Virtual Platform
2009-08-05 14:27:45:015 988 834 Report * Bios Revision = 6.00
2009-08-05 14:27:45:015 988 834 Report * Bios Name = PhoenixBIOS 4.0 Release 6.0
2009-08-05 14:27:45:015 988 834 Report * Bios Release Date = 2008-12-18T00:00:00
2009-08-05 14:27:45:015 988 834 Report * Locale ID = 1031
2009-08-05 14:41:46:202 736 630 Misc =========== Logging initialized (build: 7.2.6001.788, tz: +0200) ===========
2009-08-05 14:41:46:202 736 630 Misc = Process: C:\Programme\Microsoft Security Essentials\msseces.exe
2009-08-05 14:41:46:202 736 630 Misc = Module: C:\WINDOWS\system32\wuapi.dll
2009-08-05 14:41:46:202 736 630 COMAPI -------------
2009-08-05 14:41:46:202 736 630 COMAPI -- START -- COMAPI: Search [ClientId = Microsoft Security Essentials]
2009-08-05 14:41:46:202 736 630 COMAPI ---------
2009-08-05 14:41:46:218 736 630 COMAPI <<-- SUBMITTED -- COMAPI: Search [ClientId = Microsoft Security Essentials]
2009-08-05 14:41:46:218 988 c58 Agent *************
2009-08-05 14:41:46:218 988 c58 Agent ** START ** Agent: Finding updates [CallerId = Microsoft Security Essentials]
2009-08-05 14:41:46:218 988 c58 Agent *********
2009-08-05 14:41:46:218 988 c58 Agent * Online = Yes; Ignore download priority = No
2009-08-05 14:41:46:218 988 c58 Agent * Criteria = "(IsInstalled = 0 and IsHidden = 0 and CategoryIDs contains'6cf036b9-b546-4694-885a-938b93216b66' and CategoryIDs contains '0FA1201D-4330-4FA8-8AE9-B877473B6441') OR (IsInstalled = 0 and IsHidden = 0 and CategoryIDs contains'6cf036b9-b546-4694-885a-938b93216b66' and CategoryIDs contains 'E6CF1350-C01B-414D-A61F-263D14D133B4') OR (IsInstalled = 0 and IsHidden = 0 and CategoryIDs contains'6cf036b9-b546-4694-885a-938b93216b66' and CategoryIDs contains '28BC880E-0592-4CBF-8F95-C79B17911D5F') OR (IsInstalled = 0 and IsHidden = 0 and CategoryIDs contains'6cf036b9-b546-4694-885a-938b93216b66' and CategoryIDs contains 'B54E7D24-7ADD-428F-8B75-90A396FA584F') OR (IsInstalled = 0 and IsHidden = 0 and CategoryIDs contains'6cf036b9-b546-4694-885a-938b93216b66' and CategoryIDs contains 'CD5FFD1E-E932-4E3A-BF74-18BF0B1BBD83') OR (IsInstalled = 0 and IsHidden = 0 and CategoryIDs contains'6cf036b9-b546-4694-885a-938b93216b66' and CategoryIDs contains '68C5B0A3-D1A6-4553-AE49-01D3A7827828')"
2009-08-05 14:41:46:218 988 c58 Agent * ServiceID = {00000000-0000-0000-0000-000000000000}
2009-08-05 14:41:46:218 988 c58 Agent * Search Scope = {Machine}
2009-08-05 14:41:46:609 988 c58 PT WARNING: StartCategoryScan failed : 0x80240436
2009-08-05 14:41:46:609 988 c58 Agent WARNING: Server does not support CatScan. Falling back to full catalog sync...
2009-08-05 14:41:46:609 988 c58 Agent Server changed and need resyncing with server
2009-08-05 14:41:47:140 988 c58 PT +++++++++++ PT: Synchronizing server updates +++++++++++
2009-08-05 14:41:47:140 988 c58 PT + ServiceId = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7}, Server URL =
(Du musst Dich Einloggen oder Registrieren um Multimediadateien oder Links zu sehen).2009-08-05 14:41:51:187 988 c58 PT +++++++++++ PT: Synchronizing extended update info +++++++++++
2009-08-05 14:41:51:187 988 c58 PT + ServiceId = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7}, Server URL =
(Du musst Dich Einloggen oder Registrieren um Multimediadateien oder Links zu sehen).2009-08-05 14:41:51:546 988 c58 Agent * Found 0 updates and 6 categories in search; evaluated appl. rules of 284 out of 527 deployed entities
2009-08-05 14:41:51:562 988 c58 Agent *********
2009-08-05 14:41:51:562 988 c58 Agent ** END ** Agent: Finding updates [CallerId = Microsoft Security Essentials]
2009-08-05 14:41:51:562 988 c58 Agent *************
2009-08-05 14:41:51:577 736 698 COMAPI >>-- RESUMED -- COMAPI: Search [ClientId = Microsoft Security Essentials]
2009-08-05 14:41:51:577 736 698 COMAPI - Updates found = 0
2009-08-05 14:41:51:577 736 698 COMAPI ---------
2009-08-05 14:41:51:577 736 698 COMAPI -- END -- COMAPI: Search [ClientId = Microsoft Security Essentials]
2009-08-05 14:41:51:577 736 698 COMAPI -------------
2009-08-05 14:41:56:562 988 c58 Report REPORT EVENT: {38918E77-CE87-4320-A0C6-7E35011FEB6F} 2009-08-05 14:41:51:562+0200 1 147 101 {00000000-0000-0000-0000-000000000000} 0 0 Microsoft Security Essentials Success Software Synchronization Windows Update Client successfully detected 0 updates.
2009-08-05 14:41:56:562 988 c58 Report REPORT EVENT: {DDD9AD8E-C482-4809-BFA1-7D5061F7CBDB} 2009-08-05 14:41:51:562+0200 1 156 101 {00000000-0000-0000-0000-000000000000} 0 0 Microsoft Security Essentials Success Pre-Deployment Check Reporting client status.
</code>
Alternative Log-auszüge von anderen Testclients kann ich gerne nachreichen - aktuell bin ich wohl ans Zeichenlimit eines Posts gestoßen.
Lt. WSUS-Client Report fehlen diesem Rechner auch noch Patches - was ich mit annäherend 100% bestätigen kann.
Die Frage ist nun ... an welchen Stellen kann ich als Nächstes nach der Ursache suchen ?
Gibt es vergleichbar zum WindowsUpdate.log der Clients ein Log des WSUS-Servers in dem er die einzelnen Verbindugsaufnahmen der Clients mitprotokolliert ?
Sehr ihr ggf schon ein Problem in obigem Log ?
Über Ideen / Anregungen etc würde ich mich sehr freuen.
Gruss
fidel