K kupkoid New member Joined Apr 20, 2017 Posts 3 Jun 7, 2018 #1 Hi All, I want to preface my post by disclaiming we are using SCCM CB (1710) for managing Windows Update. Also this issue is on one server and one server only. This one Windows Server 2008R2 SP1 is not finding new updates since December 2017. What I did to troubleshoot the isue (not necessarily in order): - dism / checksur - SFC /scannow - SFCFix - SCCM Agent policy flush - SCCM Agent reinstall - SoftwareDistribution folder rename - Catroot2 folder flush (moved all the content away to backup folder) - I've deleted Registry.POL file in C:\Windows\System32\GroupPolicy\Machine\ No errors. No entries in log files which would point me in any direction (I went through WindowsUpdate.log, CBS.log, various SCCM logs related to WU). The WSUS / SUP policy version is correct - this was checked on multiple places in WMI on the server. The only sign that the server is actually not receiving updates lays in WMI - Code: gwmi -ComputerName [computername] -Namespace "root\ccm\softwareupdates\updatesstore" -Class ccm_updatestatus | select Article,Bulletin,Title,Status,UniqueID | Out-GridView When I run this query, everything newer than 12/2017 is simply not there. The instances are not present in the object. Server is pointing to correct SUP. Double and triple checked. SUP is reachable from the server. There is no apparent issue with SCCM infra communication (apart from updates other policies and software distributions are working properly) Any ideas for further troubleshooting steps? PS: I can't upload any logs as per company policy but I can assure you there weren't any errors or weird entries present. No corruptions were found. Everything looks pristine.
Hi All, I want to preface my post by disclaiming we are using SCCM CB (1710) for managing Windows Update. Also this issue is on one server and one server only. This one Windows Server 2008R2 SP1 is not finding new updates since December 2017. What I did to troubleshoot the isue (not necessarily in order): - dism / checksur - SFC /scannow - SFCFix - SCCM Agent policy flush - SCCM Agent reinstall - SoftwareDistribution folder rename - Catroot2 folder flush (moved all the content away to backup folder) - I've deleted Registry.POL file in C:\Windows\System32\GroupPolicy\Machine\ No errors. No entries in log files which would point me in any direction (I went through WindowsUpdate.log, CBS.log, various SCCM logs related to WU). The WSUS / SUP policy version is correct - this was checked on multiple places in WMI on the server. The only sign that the server is actually not receiving updates lays in WMI - Code: gwmi -ComputerName [computername] -Namespace "root\ccm\softwareupdates\updatesstore" -Class ccm_updatestatus | select Article,Bulletin,Title,Status,UniqueID | Out-GridView When I run this query, everything newer than 12/2017 is simply not there. The instances are not present in the object. Server is pointing to correct SUP. Double and triple checked. SUP is reachable from the server. There is no apparent issue with SCCM infra communication (apart from updates other policies and software distributions are working properly) Any ideas for further troubleshooting steps? PS: I can't upload any logs as per company policy but I can assure you there weren't any errors or weird entries present. No corruptions were found. Everything looks pristine.
S Sysnative Windows Update Inactive Joined Oct 9, 2014 Posts 773 Jun 28, 2018 #2 Hello and welcome to Sysnative! Apologies for the delay. We are very sorry, but we need the logs to be able to assist you.
Hello and welcome to Sysnative! Apologies for the delay. We are very sorry, but we need the logs to be able to assist you.
K kupkoid New member Joined Apr 20, 2017 Posts 3 Jul 1, 2018 #3 Hi, no problem. I've got into call with MS support in the meantime and the issue is solved. The culprit was some ancient Symantec installation which wasn't properly cleaned up. Some remnant dll files were preventing the detection of January security updates as those were the first with Meltdown / Spectre fixes. Or at least that was the official explanation. After getting rid of the Symantec garbage the detection was immediately fixed.
Hi, no problem. I've got into call with MS support in the meantime and the issue is solved. The culprit was some ancient Symantec installation which wasn't properly cleaned up. Some remnant dll files were preventing the detection of January security updates as those were the first with Meltdown / Spectre fixes. Or at least that was the official explanation. After getting rid of the Symantec garbage the detection was immediately fixed.
S Sysnative Windows Update Inactive Joined Oct 9, 2014 Posts 773 Jul 1, 2018 #4 Ah, thanks for letting us know! Glad to hear the issue has been resolved!