WUA handler Patching Issues

Question

Hi All, i am facing issue in one of the machine with pushing Software Updates through SCCM. the machine is in boundary group. Checked few logs,WUA handler – scan is fine, Update store – showing updates already exist, Update deployment – showing no actionable updates. However when i am trying to search for updates manually through windows updates, machine is showing few updates to install. can you please let me know why through sccm it is showing as no actionale updates

All below mentioned logs have no error.
WUA handler
Update store
Update deployment

in progress 0
sumit malik 4 months 15 Answers 144 views Beginner 0

Answers ( 15 )

  1. Hello Sumit Malik,

    Any update on this would be greatly appreciated.

    Regards,
    Deepak.

  2. This behaviour is there from SMS 2007 and few points you need to rethink.
    1. Software Updates fetched from Legacy method (Windows Update Online from MS Update Catalog) and reported generated through SCCM for the same machine will always differ and will never be same.
    2. Scanning from Windows Update checks the OS Update Repository and Scanning from SCCM checks the SCCM Update store.
    3. Best way to figure it out is to check if those patches exposed from internet are in our SCCM Environment or not. Also to check if they are standalone or dependent on some other updates which you install and these patches become applicable. Make sure the patches exposed via internet are not superseded.
    4. Make sure your WMI Repository is healthy. We have seen it sometimes if WMI corrupt it gives you garbage data.
    5. If the OS running on the machine is Windows Server 2008 R2 then i will not even think twice to ignore it. IF OS Windows Server 2012 R2 then we will check because 2012 OS has a lot of improvements compare to 2008 R2 SP1.
    6.What happens if you download those patches which are exposed over internet and try to install manually in the server? If says not applicable then leave it.
    7. Generally this could also happen because of REGPOL file corrupted or Software Distribution folder tosted.
    8. When you initiated the scan over internet did you tried installing them from Windows update place itself like Control Panel and install?
    9. What’s the OS running on this client and CB Version please?
    10. This will help you to read logs.
    https://www.anoopcnair.com/sccm-logs-files-configmgr-memcm/

    • Hi Deepak,

      The OS version is 2012 R2 & yes when i am trying to install same updates from Windows update, updates are getting installed.
      WMI repository is healthy.
      All those Patches are also part of Monthly SUG which is being targeted to all the servers. Same patches got deployed to all other servers of same AD sitesubnet.
      Also patches were getting deployed on this server since last month.
      Below mentioned are those 4 patches:
      1.KB5556798 – 2020-05 Cumulative security update for IE 11
      2. KB4556401 – 2020-05 Security & quality roll up for .Net framework
      3. KB4556853 – 2020-05 Security update for windows server 2012 R2
      4. KB4556405 – 2020-05 Security only update for .Net framework

      • You missed few of my questions but that’s fine and let’s go deep dive.

        So you mean to say the same patches you are able to install using internet and the same ones you are able to deploy using SCCM as well and it’s getting exposed in software center to install again and again?

        Can you test it on some other server? I am assuming you had only one client with this issue.
        Download the patch from site below and copy to the server. Try installing and see result.
        https://www.catalog.update.microsoft.com/Search.aspx?q=KB4556853

        I am assuming you have already rebooted the server after installing these patches.
        Also you checked there is no “Reboot Required” flag set into registry?

        From an elevated command prompt run “winmgmt /verifyrepository “. If the repository has an issue, it will respond “repository is not consistent”.

        The server is physical or virtual?

        Once you install the patch and reboot the server then keep an eye until it comes back online after the reboot because i am suspecting the OS is reverting changes once you install the patch and reboot.
        How about the OS and Drive status?
        Can you do SFC /SCANNOW? Open command as admin and enter that command. Share the result.
        can you also verify if you are able to connect to rootccm using WBEMTEST?
        Did you recreate software distribution folder?
        Did you recreate REGPOL file on the server?
        What do you see when entered GPUPDATE /FORCE?
        I am assuming this server is in domain.

        • Thanks for suggestion!
          As this being a Prod Application servwer & any further troubleshooting which may requires a reboot won’t be applicable on this server as MW got over.
          I will try implementing all these steps in next MW.

  3. Have you targeted all those updates via SCCM which are showing manually to install?

  4. Pls post the question with an appropriate title so that we can try to help you in a better way.

    • sure from next time i will post it with appropriate title..as this was my first time to post a question..

      • The flows which you need to check things from client side
        1. Locationservices.log – Check whether it’s able to find WSUS Path= and Distribution Point with patches
        2. WUAHandler.log to check whether scan is completed or not
        3. Updatedeployment.log – Check for deadline of the assignment and Software Updates client configuration policy, DetectJob completion received for assignment, Added update (Site_, PercentComplete, etc…
        4. Execmgr.log – Execution is complete for program Software Updates Program
        5. RebootCoordinator.log – Reboot related things

        Let’s us know where did you stuck in details

        • I have checked all the logs:
          1. Locationservices.log – Its is displaying WSUS path and MP as well. Cannot see list of patches to be installed though there is no error.
          2. WUAHandler.log – Scan is completed sucessfully.
          3. Updatedeployment.log – It is also running fine. Its displaying several updates with their Update ID being added to target list of deployment…After which Raising Client SDK for class CCM_Software Update with all Update IDs. At last displaying No Actionalbe updates..No error in log.
          4.Execmgr.log – I cannot see anything related to completion of Software update program here.
          5. Rebootcoordinator.log – There is no pending reboot for that server.

          I am actually new to sccm, so i don’t know if i am able to provide you with the info you needed.

Leave an answer

Sorry, you do not have a permission to answer to this question .