Symptoms:
WSUS console reports machines not reported in for 30+ days. Checking the log of the client machines after forcing an Automatic Updates client check-in via the command line "wuauclt /detectnow", and checking the log @ "C:\Windows\WindowsUpdate.log" shows the error: "Can not perform non-interactive scan if AU is interactive-only".
Cause:
Automatic Updates disabled via Group Policy.
("someone" utilized security filtering on the policy object controlling AU to be applied to their machine only.)
Fix:
Remove said machine from the security filtering of the group policy object and add Authenticated Users.
GPUpdate /force on the client machines resulted immediately in machines checking in and the count of machines not checking in to drop drastically.
Tuesday, June 16, 2009
Subscribe to:
Posts (Atom)