WUAHandler.log - Failed to Add Update Source for WUAgent - Error = 0x80040692

  • Article

Here's a great tip on an issue you may run into if your using WSUS and ConfigMgr 2007 for updates and defining settings via a Group Policy.  This one comes from Anjana Kaku Tyagi, a Support Engineer in our Manageability group:

========

Issue: While trying to configure Software Update Point in SCCM we get following error in WUAHandler.log

*******************************************************************************
Its a WSUS Update Source type ({63897A13-E330-463A-B09E-101151D25935}), adding it.
Enabling WUA Managed server policy to use server: :8530">:8530">:8530">https://<server>:8530
Waiting for 2 mins for Group Policy to notify of WUA policy change...
Group policy settings were overwritten by a higher authority (Domain Controller) to: Server ">">">https://<server> and Policy ENABLED
Failed to Add Update Source for WUAgent of type (2) and id ({63897A13-E330-463A-B09E-101151D25935}). Error = 0x80040692.
*******************************************************************************

Cause: This can happen when there is a Group policy set in the domain that is managing updates and patching machines in the domain.

Resolution: We have two options for resolving this issue:

1. Remove the group policy at the domain level

or

2. Use the same WSUS server as the Software Update Point for the SCCM as well

In this particular case we opted for the second workaround: To configure the WSUS server and the software update point server to be the same server with the same port number as well so that both the group policy and the SCCM use the same server as the update point. To do this follow these steps:

1.    Configure the software update point to use a particular server and port #

2.    Configure the group policy to use the same port and server name for the updates to be distributed.

a.    We can do the same by configuring the policy “Specify intranet Microsoft update service location” at Computer Configuration -> Administrative Templates -> Windows Components -> Windows Update to the same server and port as used by SCCM

or

b.    Re-configure the group policy, such that the Configuration Manager clients are not assigned part of the container that has Active Directory Group Policy object that specifies a WSUS server other than their active software update point

For more information please refer to Troubleshooting Group Policy Configuration for Software Updates

Here's a snippet from the above article:

"The software updates feature automatically configures a local Group Policy setting for the Configuration Manager 2007 client so that it is configured with the software update point source location and port number. Both the server name and port number is required for the software updates client to find the software update point. If an Active Directory Group Policy setting is applied to computers for software update point client installation, this overrides the local Group Policy setting. Unless the value of the setting is exactly the same (server name and port), this causes the Configuration Manager 2007 software updates feature to fail on the client."

========

Thanks Anjana!

J.C. Hornbeck | Manageability Knowledge Engineer