Troubleshooting Server/Client Side error's for wsus server 2003/2008

Basic WSUS 3.0 SP1 troubleshooting

When i check the log under c:\WINDOWS\WindowsUpdate.log i get the following error "Error 0x80072efd occurred while downloading update; notifying dependent calls"

• Solution to this is as follows

• go to RUN and type "gpedit.msc" on the client PC and check if server name/IP is correct or not.
• If you have installed a new Anti-virus/Firewall, check if it has blocked any ports (which may have blocked the updates)
• Clear the BITS queue
  
  • Click on start -> run
  • Type "services.msc"
  • Select "Background Intelligent transfer service", then restart this service. (stop and start resolved my problem)
• Run the ClientDiag tool. you can download it from http://download.microsoft.com/download/9/7/6/976d1084-d2fd-45a1-8c27-a467c768d8ef/WSUS%20Client%20Diagnostic%20Tool.EXE

installing another WSUS Server ?

 

you need another server with the same as the above requirements. we need to create this WSUS as a replica before doing anything, install the server and if you get an error like this application needs to be closed "microsoft.updateServices.UI.OOBEWizard.exe has stopped working"
please check for permission error
\WINDOWS\Microsoft.NET\Framework\v2.0.50727\
Make sure that the NTAUTHORITY\Network Service account has *WRITE* permissions
here is the list of other errors i faced and their solution :-

if you get an error "Error 0x80244019" 

please check the port on which wsus services are setup by default it is setup on port no 80, if you have installed another wsus server, its services would be installed on another port, so the default secondary port is 8530
so when writing the server name in "gpedit.msc" under administrative tepmlates -> windows components -> windows updates -> specify the server name as http:\\serverip or http:\\serverip:8530, this should take care of that error. once you have completed this step please run the command "wuauclt /detectnow", make a note of the time that you executed this command and check the c:\WINDOWS\WindowsUpdate.log after a minute, everything should be ok.

if you get an error "One or more Update Service components could not be contacted. Check your server status and ensure that the Windows Server Update Service is running. Non-running services: WSUSservice"

• go to run and type "services.msc" make sure that "update services" entry has been started (if already started then please restart)
• also tried another command under run (you need to be admin to execute this command) go to run type "cmd" and then in dos type iisreset

this should resolve the issue.

if you notice some problem in your c:\WINDOWS\WindowsUpdate.log an error "Server URL = http:\\xxx.xxx.xxx.xxx/SimpleAuthWebService/SimpleAuth.asmx"

this is an error on the client and settings have to be changed on the client or through group policies.

Using group policies objects from server

• log into the server and open "Group Policy Management"
• open Group Policy Management -> Forest: "forest name" -> Domains -> "Domain name" -> Group Policy Objects -> select the policy in which you have defined WSUS settings
• click on the "Settings" tab on the right side of the window
• Select Computer Configuration -> policies -> Administrative Templates
• right click on "Windows Components/Windows Update" and select edit
• Select Computer Configuration -> Administrative templates -> windows Components -> Windows Update
  
  • 4th option on the right side of the window "Specify Intranet Microsoft Update Service Location" -> type http://servername/ or http://servername:8530/ instead of http:\\serverip or http:\\serverip:8530
  • Select Apply, Click on OK.
  • go to run and type "cmd" and then type "ipconfig /flushdns"

if you want your computer to look for windows updates on the WSUS server go to start -> Run type "wuauclt /detectnow"

Using group policies on local machine (non domain machine) but on the same network

• Go to start -> Run, type "gpedit.msc"
• Under Local Computer Policy select Computer Configuration -> Administrative templates -> windows Components -> Windows Update
• Under configure Automatic updates 
• Select enable
• Under configure select "auto download and notify for install"
• Select appropriate day and time you want the updates to occur
• Click Next Setting
•  Under Specify internet Microsoft update Service location
• Select Enable
• Set the intranet update service for detecting updates Type the name/ip e.g. http://server01/ or http://server01:8530/
• Click Next Setting
• Under Client side targeting
• Type the name of that computer
• Click Next Setting
• Under Reschedule auto updates scheduled installations
• Select Enable
• Under startup(minutes) select 1
• Click Next Setting
• Under No Auto-Restart with loged on users for scheduled automatic updates
• Select Enable
• Click Next Setting
• Under Automatic updates detection frequency
• Select Enable
• Interval houes : 22
• Click Next Setting
• Under Automatic updates immediate installation
• Select Enable
• Click Next Setting
• Under Delay restart of installation
• Select Enable
• Restart (minutes) : 30
• Click Next Setting
• Under reprompt to restart with schedulled installations (if you want the user to prompt for restart after scheduled installation)
• Select Enable/disable (as per your choice)
• Restart in (minutes) 1440
• Click Next Setting
• Under Allow non-administrators to recieve update notification
• Select Enable
• Click Next Setting
• Under Enable recommended updates via Automatic Updates
• Select Disable
• Click Next Setting
• Select Apply, Click on OK.
• go to run and type "cmd" and then type "ipconfig /flushdns"

If you want your computer to look for windows updates on the WSUS server

• go to start -> Run type "wuauclt /detectnow"
• Check "C:\WINDOWS\WindowsUpdate.log" if your client is trying to contact your WSUS server or microsoft