WSUS clients install updates properly but don't send any status reports back to the server

WSUS clients install updates properly but don't send any status reports back to the server

  • Comments 6
  • Likes

Here's a cool tip and a cool tool that was sent to me by Joe Tindale, one of the top Support Escalation Engineers in our WSUS group.  If you find that your WSUS clients are not sending status updates back to the server then this is something you'll want to check out:

=================

Issue: You may notice that your clients will check into WSUS and install updates properly but don't send any status reports back to the server even though you can see that events were being generated locally.  If you review the IIS logs you may also see that the client IP addresses never attempt to post to the WSUS servers "reportingwebservice".

We saw the following in the windowsupdate.log so we know it was generating local reporting events:

2008-02-21    05:22:58:989     668    1408    Report    REPORT EVENT: {91CFE792-1064-473B-8AA0-C9E392F2E76C}    2008-02-21 05:22:53:989-0500    1    162    101    {671ACCFF-0C42-4DDF-AF69-50DA8004EC29}    100    0    AutomaticUpdates    Success    Content Download    Download succeeded.
2008-02-21    05:22:58:989     668    1408    Report    REPORT EVENT: {1060A038-6F4D-49BB-9CA6-E02FADD13DE9}    2008-02-21 05:22:54:001-0500    1    188    102    {00000000-0000-0000-0000-000000000000}    0    0    AutomaticUpdates    Success    Content Install    Installation Ready: The following updates are downloaded and ready for installation. This computer is currently scheduled to install these updates on ?Friday, ?February ?22, ?2008 at 3:00 AM:  - Definition Update for Microsoft Forefront Client Security (Antimalware 1.27.6904.0)

What we didn't see was something like the following which would tell us that the client was uploading those reporting events to the WSUS server:

2008-02-16    00:39:00:494     668    8d0    Report    Uploading 2 events using cached cookie, reporting URL = http://some_WSUS_server/ReportingWebService/ReportingWebService.asmx
2008-02-16    00:39:00:932     668    8d0    Report    Reporter successfully uploaded 2 events.

Even if you try forcing a report and taking a network trace you'll never see any traffic to the reportingwebservice. 

Note: You can force a report from the command line with the following: wuauclt /reportnow

Cause: This can occur if ConfigMgr 2007 had been previously installed on the server as a Software Update Point (SUP) and Automatic Update reporting events was set to "Do not create WSUS reporting events":

image

Note: These settings were added specifically for ConfigMgr 2007 to reduce the number of reporting events sent back to the WSUS server.  This configuration sets a value within WSUS and then WSUS tells the Automatic Update agent on each client to configure reporting accordingly.

Resolution: In my case ConfigMgr 2007 had already been uninstalled so we could not revert the setting back to "Create all WSUS reporting events" unless ConfigMgr 2007 was reinstalled, however the above settings are exposed via a "clientreportinglevel" property of "IUpdateServerConfiguration" so  I wrote a tool to configure the various members of this property:

All = Clients should send all reporting information to the server
None = Clients should not report update status or activity reports to the server
StatusOnly = Clients should send update status reports to the server, but not activity reports.

For more information on these properties see:

The tool I wrote has a "/?" option which will display the help menu.  It first displays the current reporting level and then gives you the options to change the reporting level:

C:\Users\Administrator\Desktop>WSUS_Reporting_Level.exe /?

Current Reporting Level: All

Please enter a numeric option:
Press '1' to set the client reporting level to 'ALL'.
Press '2' to set the client reporting level to 'NONE'.
Press '3' to set the client reporting level to 'STATUS ONLY'.
Press '4' to exit.

Once you set the clientreportinglevel to "All" the clients should start to send status reports within a short period of time.

To download my WSUS_Reporting_Level tool visit http://www.codeplex.com/WSUS/Release/ProjectReleases.aspx?ReleaseId=19272.

========

Keep in mind that the standard disclaimers apply (e.g. Microsoft has not fully tested this tool, use at your own risk, we make no warranties or guarantees as to the suitability of this tool, etc. etc.).

Thanks Joe!

J.C. Hornbeck | Manageability Knowledge Engineer

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment
  • I have this problem on a freshly installed WSUS 3 SP2 server.  I ran the tool thought and it said I am set to "all".  Any other ideas on this?  Right now when I find one of these machines, I run a script on it that stops the server, creates a new WSUS SID (not A.D.) SID and it reconnects to the server.  This works 90% of the time.  But I would like to fix this on the server end if possible.

  • Amazing - this has been baffling me for 2 months - could not get my clients to report in any more.

    Thanks!

  • Awesome, this was driving me crazy for a while too.  I was working on moving to SCCM, but had issues with it working correctly, so for the time being, I reverted back to WSUS until I get SCCM configured correctly on a new server. Thanks much for this all is working good now.

  • Thanks so much.  The WSUS_Reporting_Level executable, works as described, on the x64 bit WSUS::Server 2008 R2, transitively instructing the WSUS client machines to once again, begin sending the ReportingWebService update results back upstream.

  • Anyone able to run this on WSUS for Server 2012? gives me an error, even running as Administrator

  • Thank you for this article!
    I've had similar issues after SUP role removed on SCCM 2012 and WSUS Clients went "The computer has not reported status yet".
    You saved me from setting a test virtual machine with second wsus server.