WSUS clients install updates properly but don't send any status reports back to the server

Here's a cool tip and a cool tool that was sent to me by Joe Tindale, one of the top Support Escalation Engineers in our WSUS group.  If you find that your WSUS clients are not sending status updates back to the server then this is something you'll want to check out:

=================

Issue: You may notice that your clients will check into WSUS and install updates properly but don't send any status reports back to the server even though you can see that events were being generated locally.  If you review the IIS logs you may also see that the client IP addresses never attempt to post to the WSUS servers "reportingwebservice".

We saw the following in the windowsupdate.log so we know it was generating local reporting events:

2008-02-21 05:22:58:989 668 1408 Report REPORT EVENT: {91CFE792-1064-473B-8AA0-C9E392F2E76C} 2008-02-21 05:22:53:989-0500 1 162 101 {671ACCFF-0C42-4DDF-AF69-50DA8004EC29} 100 0 AutomaticUpdates Success Content Download Download succeeded.
2008-02-21 05:22:58:989 668 1408 Report REPORT EVENT: {1060A038-6F4D-49BB-9CA6-E02FADD13DE9} 2008-02-21 05:22:54:001-0500 1 188 102 {00000000-0000-0000-0000-000000000000} 0 0 AutomaticUpdates Success Content Install Installation Ready: The following updates are downloaded and ready for installation. This computer is currently scheduled to install these updates on ?Friday, ?February ?22, ?2008 at 3:00 AM: - Definition Update for Microsoft Forefront Client Security (Antimalware 1.27.6904.0)

What we didn't see was something like the following which would tell us that the client was uploading those reporting events to the WSUS server:

2008-02-16 00:39:00:494 668 8d0 Report Uploading 2 events using cached cookie, reporting URL = https://some_WSUS_server/ReportingWebService/ReportingWebService.asmx
2008-02-16 00:39:00:932 668 8d0 Report Reporter successfully uploaded 2 events.

Even if you try forcing a report and taking a network trace you'll never see any traffic to the reportingwebservice. 

Note: You can force a report from the command line with the following: wuauclt /reportnow

Cause: This can occur if ConfigMgr 2007 had been previously installed on the server as a Software Update Point (SUP) and Automatic Update reporting events was set to "Do not create WSUS reporting events":

image

Note: These settings were added specifically for ConfigMgr 2007 to reduce the number of reporting events sent back to the WSUS server. This configuration sets a value within WSUS and then WSUS tells the Automatic Update agent on each client to configure reporting accordingly.

Resolution: In my case ConfigMgr 2007 had already been uninstalled so we could not revert the setting back to "Create all WSUS reporting events" unless ConfigMgr 2007 was reinstalled, however the above settings are exposed via a "clientreportinglevel" property of "IUpdateServerConfiguration" so  I wrote a tool to configure the various members of this property:

All = Clients should send all reporting information to the server
None = Clients should not report update status or activity reports to the server
StatusOnly = Clients should send update status reports to the server, but not activity reports.

For more information on these properties see:

The tool I wrote has a "/?" option which will display the help menu.  It first displays the current reporting level and then gives you the options to change the reporting level:

C:\Users\Administrator\Desktop>WSUS_Reporting_Level.exe /?

Current Reporting Level: All

Please enter a numeric option:
Press '1' to set the client reporting level to 'ALL'.
Press '2' to set the client reporting level to 'NONE'.
Press '3' to set the client reporting level to 'STATUS ONLY'.
Press '4' to exit.

Once you set the clientreportinglevel to "All" the clients should start to send status reports within a short period of time.

To download my WSUS_Reporting_Level tool visit https://www.codeplex.com/WSUS/Release/ProjectReleases.aspx?ReleaseId=19272.

========

Keep in mind that the standard disclaimers apply (e.g. Microsoft has not fully tested this tool, use at your own risk, we make no warranties or guarantees as to the suitability of this tool, etc. etc.).

Thanks Joe!

J.C. Hornbeck | Manageability Knowledge Engineer