Server 2016 with Win 10 clients - looks broken

Topics: Misc., Publishing Issue
Dec 31, 2016 at 10:40 AM
Edited Dec 31, 2016 at 11:38 AM
I have a new environment with a 2016 Essentials Server and x86 / amd64 Windows 10 v1607 clients. While WSUS seems to run properly, the Package Publisher is not.

I have done all necessary steps: created and distributed the certificate, opened the Firewall and set the update policies.

I can send "detect now" and "report now" without errors, but nothing happens, the "last updated" value doesn't change - it remains the timestamp from where i locally searched for updates.

If I publish an update, also no errors are shown, but then also nothing happens. The id from the update doesn't show up in the update log (this function too is broken, you have to command get-windowsupdatelog in powershell to generate the log on the desktop). For some, it even says "installed" in WPP, but it is definitively not.

I tried a custom update with a simple *.exe with doesn't do more than create a "helloworld.txt" in c:\windows, but on creation i got an "SQL Server error" and and of course, nothing happens. I tried to let it show in WSUS console, but it doesn't show up. The Updates are in the Folder "UpdateServicesPackages" in my WSUS folder, but it looks like they aren't called from the clients.

As much as I'd like to get it working - and so far that meant a lot of hours trying - it doesn't.
Jan 1 at 5:47 PM
After further re-thinking, there are three issues here:
  • first, the "show Update Log" - that is definitively broken inside WSUS Package Publisher. That command should be changed to create the log first, and after that command returns display the file - see above.
  • second, the RPC commands. This can be an firewall issue, so I'm going to test that again with all firewalls down. I set all the rules I could find and WPP shows "OK" after executing the command, but it's worth a try.
  • third and most important, why doesn't my Win10 1607 clients don't detect either the custom updates nor the msi updates? This question can be broken up into multiple parts:
  • is the update really advertised? My version info says Update Services 10.0.14393 - so the "publish" can simply failing. I have all my clients upgraded to that Win10 version, so unfortunately, I can't test it with an earlier Windows version myself. The "publish visible on WSUS console" is broken, there I get that SQL server error.
  • or is it a question of Win10 - it is advertised, but doesn't get sought out for installation. I don't know how the Windows Update works inside, which side picks what is to update.
Jan 10 at 8:33 PM
Be award that the Wsus Client is broken in Windows 10 1607 if the computer is pointing to a Wsus Server instead Microsoft Update.
Install KB3213522 and test after.