• WSUS not getting any updates


    I believe support for WSUS 3.2 because of old TLS has ended. I use Win 2012 R2, which is WSUS 5.1, yes?

    Since May patch Tuesday I have not seen any patches. One patch a few days ago for Office 2016 but that’s all. Last patch was 2021-05 SSU for 1809 (but no CU)

    All of our client devices are 1809 LTSC.

    I was going to reinstall Windows et al but it’s a full days work then I came across this site and thought I’d just ask.

    Did I Miss something else?


    Viewing 15 reply threads
    • #2369594

      WSUS 3.0 SP2: No longer usable after October 31, 2021 | Born’s Tech and Windows World (borncity.com)ย  It’s getting close to not working but still should be operational at this time.ย  Anything in the sync logs?

      Susan Bradley Patch Lady

    • #2369595

      Isn’t Win 2012 R2 WSUS 5.1? So the end of support for 3.2 is not applicable?

      No, syncing is fine, just 0 updates detected since May’s Patch Tuesday.

      I usually only install the Security Only updates for the server, but as there was an issue in May with the updates, the fix being listed as KB5003209, I installed that patch.

      Nothing unusual in the event logs.

      I noted that in Sept 2020 that Microsoft made changes to the group policy re proxies, and I’ve tried each of the different values for that but no luck

      • #2369597

        True that, it’s Server 2008 R2 that’s going out in October.ย  I’ve not seen anything reported on the patchmanagement.org list. What products are selected?

        Susan Bradley Patch Lady

    • #2369599

      Windows 10, Windows 10 1809 and later servcing drivers, Windows 10 LTSB, Windows 10S 1809, and of course, Windows 2012 R2.

      I’ve tried several different W10 products thinking I may have had something missing, but it hasn’t made any difference.

      I better start planning for a long weekend of rebuilding next weekend ๐Ÿ™

    • #2369610

      That’s $100 per year in Au. IIRC, I used at my old job it when it was free. That would be 3 or 4 years ago now. When he made it a subscription service I did ask the boss. In the interest of keeping things clean, I’ll not repeat her response here ๐Ÿ™‚

      I’ll have a look around.. Maybe I still have the old script here somewhere

    • #2369618

      I think spiceworks may still have the script. Welcome to the world of computing – everything is subscription.

      Susan Bradley Patch Lady

    • #2369643

      $100 per year for a WSUS server is not even a cost. Spend 1 hour doing maintenance once a month and you have spent $600 minimum.

      cheers, Paul

    • #2369829

      Well, it ran for 6 hours, got me back 13GB of disk space but doesn’t appear to have fixed the problem.

      I will now try remove the role then re-add it and see if that solves the problem.

      byw: I get paid $21 per hour ๐Ÿ™‚ But I don’t make the financial decisions. It doesn’t help when you boss has no technical knowledge whatsoever.


      • #2369865

        That’s what you get paid but the cost to the employer is probably twice that – taxes, insurance etc.ย  ๐Ÿ™‚

        And why does your employer not trust your judgement when it comes to technical matters?

        cheers, Paul

    • #2369876

      The clean-wsus script did not resolve the matter.

      I removed and re-added the role, and that took most of the day as it kept failing. Then I stumbled across a post that said the post installation configuration is not compatible with .net 4.7. So once I removed the role/features, cleaned everything up I managed to get it installed.

      It only found one patch; the remove flash patch for one PC.

      I have put a couple of PCs back to 2021-03 CU level to see if a synchronize would detect 2021-04 and 2021-05 would be offered. No luck.

      Also, the office 2016 patch, which was still needed for a few PCs is no longer offered.

      Enough for today.

      It’s a simple matter of money. I get paid regardless of what I’m working on. Having WSUS not working is not a big issue to management. It doesn’t cost them $600 more to have me manually touch the PCs, but with all costs considered, it will cost more to purchase the subscription.ย  We are enduring our 4th lock down and business is bad. If it isn’t a matter of life or death, it isn’t going to happen.

      I found a copy of the script (v3) that I had used a few years ago. Since it didn’t resolve the issues, that didn’t help my case to pay for a subscription.

      But, with all due respect, I’d rather focus on getting things working than on office politics.



    • #2370054

      I gave it another try this morning. I’ve got the server back to where it was before I started looking into this. The 2021-04 updates are now available for the PCs I rolled back to 2021-03, but I am still only seeing the 2021-05 SSU.

      When I look at unapproved updates, they are all there (eg 2021-05 CU), but are showing as needed by 0 computers. All the PCs are on LTSC. Why would WSUS think no PCs need the updates? Even today’s Patch Tuesday updates are showing as unapproved and needed by 0 computers.

      Or am I missing something else?

      Did Microsoft change how updates are handled in May? WSUS does service LTSC, right?

    • #2370095

      There are no stupid questions. Yes, I definitely have the category ticked.

    • #2370097

      Is there anything in the event logs on the server itself?ย  It syncs okay (even if it doesn’t get new updates)?

      Susan Bradley Patch Lady

    • #2370127

      Yes, it syncs ok. Nothing in the event logs that I can see.

      Looks like the next step is to install Windows from scratch and all the other applications. Joy ๐Ÿ™

    • #2370829

      Got in this morning, and the updates were showing. They showed up on the latest sync. Took a week for them to be detected, but at least I don’t have to re-install Windows now.

      No idea why they didn’t show up for so long.

      Will monitor and see how it goes.

    • #2370853

      Actually, I should clarify; No new updates showed since the April 21 updates except the 2021-05 CUs. Despite these being applied to PCs, no new updates showed after that either, including office 2016 updates.

      Running the clean up script didn’t appear to resolve the problem. It was only several days after completely removing the WSUS role and reinstalling it that updates eventually showed up.

      PCs report daily, and when checking the console I could see them reporting in.

      Seems WSUS just had a mind of it’s own and eventually decided to cooperate. Gosh, I do so love Windows ๐Ÿ™

    • #2371026

      Correction “…except to 2021-05 SSUs”

    • #2371653

      The company I work for creates Master drives with an OEM Windows 10 1909 IoT Enterprise key. The issue is that the three updates for 1909 that were released in June refuse to install from our WSUS server. All previous updates installed on this version of windows, but no matter what we do we cannot get them to install. If I use a different key, the updates immediately apply. Additionally, if the drive was at 1809 (not IoT) Enterprise and we update it to 1909 with the feature update then the updates DO apply. The Master drive for 20H2 is also an IoT and it installs the June updates. Is anyone else on the planet having the same issue with this version of windows this month? We have been searching high and low for anyone having similar issues this month but cannot find anything. Microsoft gave us a different key to try and it’s not working either.

      It looks like it could be the applicability rules for that update, but then I would think someone else would have the same issue we are having. Is there something wrong with Windows 10 IoT Enterprise?

      Thoughts anyone? I’m out of ideas and we are talking about 2000 machines that will not get updates.

      Thank you in advance,

    Viewing 15 reply threads
    Reply To: WSUS not getting any updates

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.

    Your information: