• Om

René Kierstein's Blog

~ There is no home without windows

René Kierstein's Blog

Monthly Archives: April 2014

WSUS at primary child site stopped synchronizing with WSUS

04 Friday Apr 2014

Posted by renekierstein in SCCM

≈ Leave a comment

Tags

HTTP status 401, SCCM, wcm.log, WSUS

The problem:
WSUS at primary child site stopped synchronizing with WSUS at central site with the error In the wcm.log:
System.Net.WebException: The request failed with HTTP status 401: Unauthorized.~~ at Microsoft.UpdateServices.Administration.AdminProxy.CreateUpdateServer(Object[] args)~~ at Microsoft.UpdateServices.Administration.AdminProxy.GetUpdateServer(String serverName, Boolean useSecureConnection, Int32 portNumber)~~ at Microsoft.SystemsManagementServer.WSUS.WSUSServer.ConnectToWSUSServer(String ServerName, Boolean UseSSL, Int32 PortNumber) SMS_WSUS_CONFIGURATION_MANAGER 04-04-2014 09:04:45 5600 (0x15E0)
Remote configuration failed on WSUS Server. SMS_WSUS_CONFIGURATION_MANAGER 04-04-2014 09:04:45 5600 (0x15E0)
Troubleshoot:
Look into the iis log for the WSUS website.
Find the timestamp for the error in the wcm.log
2014-04-04 07:04:45 10.50.235.100 POST /ApiRemoting30/WebService.asmx – 8530 – 10.50.235.100 Mozilla/4.0+(compatible;+MSIE+6.0;+MS+Web+Services+Client+Protocol+2.0.50727.5472) 401 2 5 5
2014-04-04 07:04:45 10.50.235.100 POST /ApiRemoting30/WebService.asmx – 8530 – 10.50.235.100 Mozilla/4.0+(compatible;+MSIE+6.0;+MS+Web+Services+Client+Protocol+2.0.50727.5472) 401 1 3221225581 1

Error 401 in the iis log indicates authentication issue, so look in the event viewer secutiry log and find the event with the same time stamp found in the iis log.
The event shows the error:
Log Name: Security
Source: Microsoft-Windows-Security-Auditing
Date: 04-04-2014 10:56:49
Event ID: 4625
Task Category: Logon
Level: Information
Keywords: Audit Failure
User: N/A
Computer: servername.fqdn
Description:
An account failed to log on.

Subject:
Security ID: NULL SID
Account Name: –
Account Domain: –
Logon ID: 0x0

Logon Type: 3

Account For Which Logon Failed:
Security ID: NULL SID
Account Name: servername$
Account Domain: YourDomain

Failure Information:
Failure Reason: An Error occured during Logon.
Status: 0xc000006d
Sub Status: 0x0

Solution
http://support.microsoft.com/kb/896861/en-us
Method 2: Disable the loopback check (less-recommended method)
The second method is to disable the loopback check by setting the DisableLoopbackCheck registry key.

To set the DisableLoopbackCheck registry key, follow these steps:
1. Set the
DisableStrictNameChecking
registry entry to 1. For more information about how to do this, click the following article number to view the article in the Microsoft Knowledge Base:
281308 Connecting to SMB share on a Windows 2000-based computer or a Windows Server 2003-based computer may not work with an alias name
2. Click Start, click Run, type regedit, and then click OK.
3. In Registry Editor, locate and then click the following registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
4. Right-click Lsa, point to New, and then click DWORD Value.
5. Type DisableLoopbackCheck, and then press ENTER.
6. Right-click DisableLoopbackCheck, and then click Modify.
7. In the Value data box, type 1, and then click OK.
8. Quit Registry Editor, and then restart your computer.

WCM.log will then show and after the next WSUS synchronization from central site everything will be ok again.

Found WSUS Admin dll of assembly version Microsoft.UpdateServices.Administration, Version=3.0.6000.273, Major Version = 0x30000, Minor Version = 0x17700111 SMS_WSUS_CONFIGURATION_MANAGER 04-04-2014 11:09:13 2992 (0x0BB0)
Found WSUS Admin dll of assembly version Microsoft.UpdateServices.Administration, Version=3.1.6001.1, Major Version = 0x30001, Minor Version = 0x17710001 SMS_WSUS_CONFIGURATION_MANAGER 04-04-2014 11:09:13 2992 (0x0BB0)
The installed WSUS build has the valid and supported WSUS Administration DLL assembly version (3.1.7600.226) SMS_WSUS_CONFIGURATION_MANAGER 04-04-2014 11:09:13 2992 (0x0BB0)
Successfully connected to server: Server.fqdn, port: 8530, useSSL: False SMS_WSUS_CONFIGURATION_MANAGER 04-04-2014 11:09:13 2992 (0x0BB0)
Verify Upstream Server settings on the Active WSUS Server SMS_WSUS_CONFIGURATION_MANAGER 04-04-2014 11:09:13 2992 (0x0BB0)
WSUS Server settings are correctly configured and Upstream Server is set to Server.fqdn SMS_WSUS_CONFIGURATION_MANAGER 04-04-2014 11:09:13 2992 (0x0BB0)
Configuration successful. Will wait for 1 minute for any subscription or proxy changes SMS_WSUS_CONFIGURATION_MANAGER 04-04-2014 11:09:13 2992 (0x0BB0)
Successfully connected to server: Server.fqdn, port: 8530, useSSL: False SMS_WSUS_CONFIGURATION_MANAGER 04-04-2014 11:10:13 2992 (0x0BB0)
Successful published and approved package 72eb686f-b396-4d62-b16f-5284fd2543ee – 0 for Install to a0a08746-4dbe-4a37-9adf-9e7652c0b421, Deadline UTC time= 04-04-2014 09:07:23 SMS_WSUS_CONFIGURATION_MANAGER 04-04-2014 11:10:13 2992 (0x0BB0)
Successfully connected to server: Server.fqdn, port: 8530, useSSL: False SMS_WSUS_CONFIGURATION_MANAGER 04-04-2014 11:10:13 2992 (0x0BB0)

Recent Posts

  • With SCCM CB 1612 technical preview comes the RESTful OData API
  • Agent fail to download policies
  • Configmgr – list applications in tasksequence
  • Configmgr unattended install – SetupWpf.exe. return value 1
  • Ccmsetup.log – configmgr2012ac-sp2r2sp1-kb3100144-x64.msp installation failed

Archives

  • March 2017
  • February 2017
  • September 2016
  • July 2016
  • December 2015
  • November 2015
  • October 2015
  • September 2015
  • January 2015
  • October 2014
  • April 2014
  • February 2013
  • September 2012
  • August 2012

Categories

  • bootimage
  • certificate
  • Collections
  • Configmgr
  • Database
  • Ikke kategoriseret
  • policies
  • Powershell
  • pxeboot
  • Reporting
  • REST API
  • SCCM
  • SCCM 2007
  • SCCM CB
  • Server 2012
  • SUP
  • UEFI
  • winpe
  • wsus

Twitter Updates

  • RT @djammmer: While today is Black Friday, it also is quite likely a #configmgr Friday. The 13th production release of current branch may… 1 week ago
  • Kom frisk.... lnkd.in/d7_UHT4 1 week ago
  • @SetupConfigMgr thnx a lot. 3 weeks ago
  • #PatchMyPC Software installed at non-standard path, will this be updated with PatchMyPC? 3 weeks ago
  • Had to rebuild my lab and saw this minor typo...#MEMCM #SCCM https://t.co/ofcuFS8sme 4 weeks ago
Follow @Renekierstein

Create a free website or blog at WordPress.com.

Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use.
To find out more, including how to control cookies, see here: Cookie Policy