I believe Windows Server 2012 is using the Automatic Maintenance feature. How are these settings configured on the boxes?

From: [email protected] [mailto:[email protected]] On Behalf Of Michael Leone
Sent: Friday, May 19, 2017 2:47 PM
To: Patch Management Mailing List <[email protected]>; [email protected]
Subject: [NTSysADM] Still having issues with WSUS and scheduled updates

This has me scratching my head. I've been testing having my WSUS v3 automatically schedule and install updates. So I have 6 VMs, all in their own OU; a testing GPO that says install Thu @ 2PM. Couple of them did just that, exactly as expected. Couple more didn't need any patches, and so did nothing - again, exactly as expected.

Yet I have 2 - Win2012R2s - that didn't apply patches. In the event logs on those 2 machines, I see them say event ID 17 - updates downloaded and ready for installation; this is Thu @ 12:47PM. 5 updates needed, downloaded, ready for install. And then no install, no update, no nothing.

Here's the odd thing - this is only happening on the 2 Win2012R2 machines; the 2 Win2008R2 machines rebooted, exactly as they should have.

A Group Modeling Wizard shows me that the GPO is being applied, and has that setting. A gpresult /r /v tells me the same thing (shows GPP, Software\Policies\Microsoft\WindowsUpdate\AU\ScheduledInstallTime - 14,0,0,0).

And in the WindowsUpdateLog, I see that for some reason, these 2 machines tried to make a request to https://sls.update/microsoft.com/SLS. WTF? Why is it trying to go out to MS? I don't have network connectivity issues, nor is my WSUS server non-responsive, as the other 2 machines. All clients on the same subnet, server on different subnet.

So it connected at 12:46 to my WSUS, got some updates; started downloading. Then at 12:47PM, it said it was going out to MS, not to my local WSUS (after downloading 3 updates from WSUS). I see no errors, nothing indicating "local update server unreachable, going out to the MS for updates". And there were no network connectivity problems then, and I don't see the other test machines go out to MS, who also went looking to get updates at 12:46.

I can attach the log, or put it up on PasteBin.org or something, if anyone wants to look.

So:

1. Why did it get 3 of 5 updates from WSUS, then decide to get the remaining from MS?
2. Why only the 2 Win2012R2 servers?
3. Is there some way I can set it not to go out to MS in cases like this? (If I manually tell it to go to MS, that's OK. But I don't want it to do it otherwise.)

Am I the only one who's had this happen?

