Symptoms:
WSUS console reports machines not reported in for 30+ days. Checking the log of the client machines after forcing an Automatic Updates client check-in via the command line "wuauclt /detectnow", and checking the log @ "C:\Windows\WindowsUpdate.log" shows the error: "Can not perform non-interactive scan if AU is interactive-only".
Cause:
Automatic Updates disabled via Group Policy.
("someone" utilized security filtering on the policy object controlling AU to be applied to their machine only.)
Fix:
Remove said machine from the security filtering of the group policy object and add Authenticated Users.
GPUpdate /force on the client machines resulted immediately in machines checking in and the count of machines not checking in to drop drastically.
Tuesday, June 16, 2009
WSUS - Can not perform non-interactive scan if AU is interactive-only
Labels:
Active Directory,
AD,
AU,
GP,
Group Policy,
Security Filtering,
Windows Updates,
WSUS
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment