We've been using WSUS on Server 08 for several years now with no issues. We recently set up a 2012 R2 server with WSUS on it and have created an active directory policy to point a few machines to it for testing. Initially it auto-detected the machines and they all reported in at least once if not more (several on 5/5, some on 5/7 and one on 5/8). However, since then none of machines have reported in. The machines are Windows 8.1 - we recently moved to Win 8, however if I check the old WSUS server all the Win 8 machines are reporting in daily (or thereabouts). I looked around on the net and the general consensus seems to be that there is no way to force a machine to immediately report? I've tried running wuauclt.exe /detectnow which didn't help.

Any thoughts on why these machines would be found initially but then pretty much immediately stop reporting? Could it be some conflict with the AD policy which had originally pointed them to the old WSUS server (I didn't set up that policy so I'm not terribly familiar with it)?
0 Comments   [ - ] Hide Comments


Please log in to comment

Answer this question or Comment on this question for clarity


Open a CMD window and do a gpresult /v, you can see what WSUS policy is applied to the machine.

you may need to reset authorization and there is a way to get it to report it is /updatenow.

You can try to delete the WSUS keys on a machine, reboot a couple of times and see if it starts communicating properly, I have seen instances where you change WSUS servers and the client does not follow due to registry ghosts.

For all the available switches you can use sysintenals strings.exe and disect the exe for its built in switches
strings.exe c:\windows\system32\wuauclt.exe > %temp%\wuauclt_strings.txt && %temp%\wuauclt_strings.txt
Here are the switches in wuauclt

Answered 05/14/2015 by: SMal.tmcc
Red Belt

Please log in to comment