Wednesday, June 25, 2008

Fix for Self-Update is Not Working in WSUS 3.0


I've noticed a number of WSUS 3.0 servers are coming up with the following error in the Application event log:

Event Type: Error
Event Source: Windows Server Update Services
Event Category: Clients
Event ID: 13042
User: N/A
Computer: WSUS01
Description: Self-update is not working.


To fix the issue, follow these steps:
  • Open IIS Manager and ensure there is a Selfupdate virtual directory in the Default Web Site. If not, create it with the Local Path pointing to C:\Program Files\Update Services\Selfupdate

  • Click the Directory Security tab and ensure that Anonymous Access is allowed

  • Restart IIS

Verify that the problem is fixed by running the following command at the command prompt:

C:\Program Files\Update Services\Tools\wsusutil.exe checkhealth

Then examine the Application event log for the following event:

Event Type: Error
Event Source: Windows Server Update Services
Event Category: Clients
Event ID: 10000
User: N/A
Computer: WSUS01
Description: WSUS is working correctly.

As background, WSUS clients must connect to the SelfUpdate virtual directory to check for a new version of the WSUS client before checking for new updates. This always happens anonymously over port 80, even if WSUS is configured to use a custom port, such as port 8530.

9:13 AM