ccolonbackslash

Just another WordPress.com site

Tag Archives: WSUS

MDT 2013 – WSUS updates not installing in task sequence

Following this great technet KB, i had issues applying WSUS updates to a reference image.

The pre and post application installation tasks were not running properly, although they didn’t error they failed to actually do anything. When i reviewed the ZTIWindowsUpdate.log i found this:

Command Line Procesed Query=False Registered=False  UpdateCommand=[IsInstalled = 0 and IsHidden = 0 and Type = ‘Software’]

Error searching for updates: Not Connected to Internet? (-2145107924)

This is despite telling it to connect to my wsus box.This job was running after an Office 365 2013 pro plus click to run installation.

I created a new command line task to run ZTIWindowsUpdate before the application installation, immediately after Tatoo and it completed just fine. Googled for hours, found nothing – this worked for me.

“Code 800B0001 Windows update ran into a problem” on Windows 8 and 2012 when using WSUS or WSUS with SCCM

This issue is caused by Windows 8 using a newer update client than WSUS SP2 is aware of, consequently the client doesnt trust the server.

Despite having KB2720211-x64 installed, still see this error on Windows 8 and Windows 2012 machines in my SCCM lab.

Seems this recent KB solves the issue: http://support.microsoft.com/kb/2734608 

If I understand it correctly the issue is to related to the signing of the updates with a certificate that is not approved by Win8/2012 update client. This issue is corrected during the WSUS resync/reindex after the above update is applied.

Once the sync is complete, before you try to apply the updates to any new clients be sure to stop the local wu service client on the windows8/2012 client and delete the software distribution folder in C:\Windows. Be sure to start the Windows Update service again before you try to check for updates and then run the update installation again. Instructions below:

  1. Open an administrative command prompt on the affected computer
  2. Type the following:
  • net stop wuauserv
  • rd /s %windir%\softwaredistribution\
  • net start wuauserv

In my case i’d already tried to publish the SCCM client before i did the update and before i applied the SP1/CTP for SCCM and ran into problems even after the above because the SCCM client is not resigned during the WSUS update.

As i had not yet published the latest version of the SCCM client that came with SCCM SP1/CTP to WSUS, i published it AFTER applying KB2734608, to do this you go to Sites, Client Installation Settings and Software Update-Based Client Installation and it will tell you there is a new client available, agree, then apply and it will be correctly signed and will install on Server 2012 and Windows 8.


SO if you publish a version of the client through WSUS before you do the KB update and resync, it doesnt get re-signed, only if you distribute it AFTER the update. ( I think…..)

Phew.