7 Replies Latest reply on Sep 29, 2015 11:55 AM by jpregenzer

    not all clients showing up in Patch Manager


      I've been trying to figure out why certain servers wont show up in the solarwinds patch manager. I can't seem to figure it out! I know some of the clients are clones and that can mess with this. i performed the following commands to get a new SUSclientID


      @echo on

      net stop wuauserv

      REG DELETE "HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v PingID /f

      REG DELETE "HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v AccountDomainSid /f

      REG DELETE "HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientId /f

      net start wuauserv

      wuauclt /resetauthorization /detectnow


      I've ran the Solarwinds Diagnostics tool and there are three errors that i get.



      Windows Update Agent configuration settings

        Automatic Update:                                  Not found (There is no such key)

        Options:                                           Not found (There is no such key)

      WSUS Server Connectivity

        clientwebservice/client.asmx:                      Error: ServiceUnavailable (The request failed with HTTP status 503: Service Unavailable.)



      everything else is okay. The servers are in the same OU and are all getting the same wsus policy. i've ran a test on the client to see the policies and the wsus is showing up. Any help would be greatly appreciated!

        • Re: not all clients showing up in Patch Manager

          Hi jpregenzer,


          When I've had client issues I verify the following items.


          From the server not showing up, are you able to telnet to the port being used for WSUS communication (80, 443, 8530, 8531).  This depends on which port you chose during configuration. 

          If the telnet connection works, I like to use netstat on the WSUS server to watch for the incoming connection on the port being used above:  netstat -a 15 | find "8530" | find "servername"

          Does the server show up in WSUS but not patch manager? 

          This one got me a few times, did you happen to save a view that uses a filter to exclude the servers you are looking for? 

            • Re: not all clients showing up in Patch Manager

              hey thank you for the response. I wasnt the one who setup the wsus here.  what's the best way to find out which port was used during configuration? would it be by checking IIS? I've been reading that people have default web site and wsus administration sites in iis but I only have one, default web site. Thanks!

                • Re: not all clients showing up in Patch Manager

                  You can highlight the WSUS server name under the patch manager interface.  If the details tab is highlighted, scroll down to the bottom where it says "upstream server port".  The other option is to open the IIS interface on the WSUS server and highlight the WSUS Administration site.  On the right side under the actions pane, click on bindings to view what ports are being used.  Hope this helps!

                    • Re: not all clients showing up in Patch Manager

                      okay so it is port 80. Thanks I didn't know that info was there! I'll try your other suggestions and i'll come back.

                      • Re: not all clients showing up in Patch Manager

                        For a definitive, quick solution, I typically open the native WSUS console on the WSUS server and then click on the WSUS server name on the upper left.   It will then show the port used in the bottom right of the middle section.


                        If Patch Manager is showing a different port when you click on the WSUS server name in there, you should change it to show what was the native WSUS console said it was using (either 80, 443, 8530, or 8531).   You would change that in Patch Manager under Update Services -> Add or Configure WSUS Server option.

                  • Re: not all clients showing up in Patch Manager

                    A couple of other points: 


                    If the WSUS server is using port 8530 and you are pointing your client machines to that WSUS server using a domain GPO, you'll need to add that port to the URL in the GPO that points them there.

                    e.g. if my WSUS server is using port 80 it might just be   http://WSUSServer

                    but if it is using port 8530 i would need that URL to be:      http://WSUSServer:8530


                    Although you have a script that looks like it would work just fine, just FYI there is a tool in Patch Manager for the case where you have cloned some machines and you are not seeing them all due to a SUSID conflict (e.g. WSUS sees whichever one last checked in as the "real" machine and the others don't show up).   You can browse to an individual machine or to a group (like an OU or domain if desired) in the Patch Manager console, right-click, and select "Windows Update Agent Maintenance and Repair".  In the resulting wizard, you can choose the "reset windows update agent SUS Client ID" option.