• State Not Answered
  • Locked Locked
  • Replies 6 replies
  • Subscribers 21 subscribers
  • Views 2179 views
  • Users 0 members are here
Options
Related
This discussion has been locked. The information referenced herein may be inaccurate due to age, software updates, or external references.
You can no longer post new replies to this discussion. If you have a similar question you can start a new discussion in this forum.

Patches download to servers but do not install

martin1963

I checked WSUS and Option #3 is checked.

Confirmed that servers are getting Windows Updates from PM server.

I scheduled task to run immediately, see task complete and the server will have the patches but they will never install.

Thanks

  • 0

    What settings do you have in your GPO besides the WSUS server?

  • 0 in reply to frgpugs

    Configure Automatic Updates - Enabled, Option #5 Allow Local Administrators to choose settings

    Allow Automatic Updates immediate installation - Enabled

  • 0 in reply to martin1963

    My guess for what frgpugs is getting at is:

    You need to have "Allow signed updates" enabled as well.

    Configure clients using Group Policy - SolarWinds Worldwide, LLC. Help and Support

    Three things at a minimum:

    1. WSUS certificate.
    2. WSUS Server location.
    3. Allow signed updates.

    This is working with third party updates, if it were only MS updates then you would only really need #2 in most cases.

  • 0 in reply to jrouviere

    I am only installing Microsoft updates, no third party ones.

    Thanks

  • 0

    OK, want to start at this from the top a bit and see what we can figure out:

    According to your posts you have these group policy settings set:

    • Configure Automatic Updates - Enabled, Option 5 which would let Admins schedule their own time.
    • Allow Automatic Updates immediate installation (which requires the above be enabled).
    • Specify intranet Microsoft update service location.

    Any others?

    These are only MS updates.  What is your process from the Patch Manager end?  You're approving updates only?  Do you have a task set to install certain updates?  Update Management or Update Management Wizard?

    If you are using the tasks you can set them to download only which could be a thing.

    If you are using the tasks, if you check your task history are you seeing any errors?

    If you go to Microsoft Update on the machine and manually install an update does it work or do you see any errors?

    Is the WSUS server that the machine is communicating with a downstream server or the primary WSUS server?

    I apologize for the kitchen sink approach, but what you've posted so far seems like it should work, so there's some other details that might help get at a resolution for you.

  • 0 in reply to jrouviere

    The issue is resolved, I changed the GPO to Option #4 Auto Download and Schedule the install. But before that I went through the install guide step by step and the certificates were not published correctly.

    Thanks

SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 195,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process.

SolarWinds Customer Success Center Certification Media Vault Link Accounts
About THWACK Blogs For Government Edit Settings Free Tools & Trials
Legal Documents Terms of Use Privacy California Privacy Rights Security Information
©2024 SolarWinds Worldwide, LLC. All Rights Reserved.