When a system doesn’t show up in WSUS, do these steps on the system not showing up:
1) Verify this registry setting (usually set via a GPO):
reg query HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate
2) Verify the System can resolve the hostname of the WSUS server, if specified. If IP, move on.
3) Use telnet against the specified port (if different from 8530), this verifies layer 4 and that not firewall ports are in the way.
4) Ensure the Windows Service is actually running via services.msc
5) All else fails try this:
net stop wuauserv reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v SusClientId /f reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v SusClientIdValidation /f net start wuauserv wuauclt /resetauthorization /detectnow wuauclt /reportnow
Wait a couple mins and hard refresh the WSUS MMC Snap-in. I noticed this trick also works for systems that are in WSUS but won’t report an install percentage of 100%.
I noticed one system was not showing up with 100% install rate, and a yellow icon indicating needed updates still required, however checking for updates on the system kept reporting all updates, even after step 5 a couple times.
So… to get updates WSUS doesn’t have on Desktop based version of Windows there’s usually a nice link that states “Check for updates from Windows Update Online”, but this was a core hyper-v server, and no GUI, so…
*Note ByPassing WSUS on Core, without GPO changes.
reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /v UseWUServer /t REG_DWORD /d 0 net stop wuauserv net start wuauserv sconfig
run option 6 and check for all updates (this assumes the server/system has access to internet servers).
Don’t forget to set the setting off again:
reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /v UseWUServer /t REG_DWORD /d 1
Then run Step 5 again.