After CMG implementation Client software SCAN keep failing


Hi Sir,

We have implemented CMG in our environment and our VPN/Internet devices are receiving windows update from CMG server.

but today, i have noticed so many devices are failed to software SCAN and error are showing in WUAHandler.log.

CMG - HTMD Forum - Welcome to the world of Device Management! This is community build by Device Management Admins for Device Management Admins❤️ Ask your questions!! We are here to help you! - After CMG implementation Client software SCAN keep failing

i confirmed that no GPO is applied and on registry setting CMG is server which is shows.

Role which we installed on CMG server are DP/site System

Answers ( 3 )


    If you enable allow cmg traffic on wsus server then the cmg will be shown as a scan source. If you see any failure then check the proxy connector log on cmg connection point. Also check cmg service log on service connection point.

    Best answer

    First of all, can you confirm whether there is any Software Update group created to deploy patches? If so, is that a software update group without any software update package?

    And moreover software update content won’t come from CMG … it’s coming down directly from Windows update (Microsoft update) service in the cloud.

    To troubleshoot further you need to look into the following logs and answer the above questions pls

    The flows which you need to check things from client side
    1. Locationservices.log – Check whether it’s able to find WSUS Path= and Distribution Point with patches
    2. WUAHandler.log to check whether scan is completed or not
    3. Updatedeployment.log – Check for deadline of the assignment and Software Updates client configuration policy, DetectJob completion received for assignment, Added update (Site_, PercentComplete, etc…
    4. Execmgr.log – Execution is complete for program Software Updates Program
    5. RebootCoordinator.log – Reboot related things
    Software Update Troubleshooting –


      Hi Sir,
      Thanks for reply.
      We have configured CMG so our device whether on VPN or not; they should get patch. i have noticed when device on internet (not connected VPN), it shows status Green (Device Online from internet Status=True) but unable to get ‘C’ Drive access.
      Unable to check above logs as device connected through internet and no access on C Drive.
      I need to confirm if this default behavior for device when we configured CMG so WUAhandler.log shows the GPO error.
      I confirmed with Microsoft and they saying; because CMG; registry value also change, earlier it was indicate primary server (SUP Role) but now indicate CMG.

Leave an answer

Sorry, you do not have permission to answer to this question .