This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(188.79999999999998, 99%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESP%3C/text%3E%3C/svg%3E)
Hi Team,
Recently we are facing with very unexpected problem, where on few of the Windows OS machine (mostly running server 2012, server 2016 and Windows 10) are not detecting and installing Windows Update from configured WSUS server as per below registry settings. We also tried configuration from group policy and resetting the Windows Update Component (restarted all WU services), still Windows Update Agent as per WindowsUpdate.log goes to internet Microsoft Update server for searching the missing Windows updates. Registry configured settings for Custom WU server as below:
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate]
"WUASettingsChanged"=dword:00000001
"WUServer"="http://10.10.7.89:8530"
"WUStatusServer"="http://10.10.7.89:8530"
"UpdateServiceUrlAlternate"="http://10.10.7.89:8530"
"DoNotEnforceEnterpriseTLSCertPinningForUpdateDetection"=dword:00000001
"SetProxyBehaviorForUpdateDetection"=dword:00000001
"AcceptTrustedPublisherCerts"=dword:00000001
"DisableWUfBSafeguards"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU]
"NoAutoRebootWithLoggedOnUsers"=dword:00000001
"NoAutoUpdate"=dword:00000001
"DetectionFrequencyEnabled"=dword:00000000
"UseWUServer"=dword:00000001
"AUOptions"=dword:00000002
Is there any issue with Microsoft WUA component for this or any other kind of environment issue?
Please suggest the fix or any workaround for this.
Best Regards,
Sunil Pagare
From an Administrative Command Prompt on an affected client, run the following:
gpresult /h gpo.htm
and share the result with your favourite method or pastebin it so that we can see it.
Thanks @Adam J. Marshall and confirmed using gpresult /h gpo.htm. We observed that, the group policy templates were corrupted, and "Windows Update" component was not displayed. Now, we are re-installing the group policy template to resolve this.
It is likely environmental.
Dual Scan comes to mind
https://www.ajtek.ca/wsus/dual-scan-making-sense-of-why-so-many-admins-have-issues/
Also, use this to troubleshoot - work from the top to the bottom.
https://www.ajtek.ca/wsus/client-machines-not-reporting-to-wsus-properly/
Hi, @Sunil Pagare
Thank you for posting in Microsoft Q&A forum.
It looks like dual scan like Adam said, you may try to enable the policy "Do not allow update deferral policies to cause scans against Windows Update" for the client machines.
If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
It is MUCH BETTER to UNSET (or rather Set to "Not Configured") any WUfB policies INSTEAD of setting the policy you're suggesting.
Hi @AllenLiu-MSFT , @Adam J. Marshall
Thanks for your inputs. We confirmed that there is no group policy configured regarding Windows Update, WUB. This issue is occurring only on 2 to 3 machines.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(67.2, 35%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EHS%3C/text%3E%3C/svg%3E)
Tem mais maquinas com esse problema sim