Technology Tips and News
Hi,
I want to setup a new wsus replica server.
I installed the WSUS service , then imported the updates and then an imported the metadata.
A soon as I pressed synchronize , it started to pull lots of updates (18GB) and more coming up.
Why is this? Why does it start to download as I already imported all updates ....
How can I fix this?
Kr,
Joeri
I installed the WSUS service , then imported the updates and then an imported the metadata.
A soon as I pressed synchronize , it started to pull lots of updates (18GB) and more coming up.
Why is this? Why does it start to download as I already imported all updates ....
The logical answer is that its because you improperly performed the import procedure.
We discuss it almost monthly in this forum.
Any particular reason you did it this way in the first place, instead of just letting the replica naturally synchronize and download what it needed from the upstream server?
Hi Lawrence,
We have a small internet line that's why we did an export of the updates and an export of the metadata on the master server.
On the replica we did an import on the data and after that an import of the metadata.
Because of the small line we imported the updates & the data to make sure it would not download everything..
Any idea what is wrong?
Can we still fix it?
Kr,
Joeri
Any idea what is wrong?
Based on the dozens, if not hundreds, of scenarios displaying this exact same symptom, my guess would be that you restored the ~\WSUSContent folder, thus overwriting the existing (empty) ~\WSUSContent folder, and as a result, modified the ACLs of that folder. The ACL modification results in the removal of the *LOCAL* WSUS Administrators group and replaces it with the SID of the WSUS Administrators group of the source server (which cannot be translated on the local server).
As a result, the WSUSService loses its right to read from the folder tree, and that translates to "no files exist, we need to download them".
You can fix the ACL by adding the WSUS Administrators group back, deleting the orphaned SID reference to the source server, and then clearing the BITS Download Queue.
After cleaning up the filestore issue, rerun the WSUSUTIL IMPORT.
Hi Lawrence,
I think I did a select all + cut of all the updates folders 0a 0b .. and a paste in the empty WSUSContent folder.
Is there a way I could check if this ACL issue is going on?
What I am thinking of on the source master server the WSUSContent was on D: and the new replica server the WSUSContent is on W: does that matters?
Kr,
Joeri
Hi Lawrence,
Attached a screenshot of the rights on my system:
http://i.imgur.com/a1vOugn.png
How can i check in my wsus that it sees my imported updates?
Kr,
Joeri
Hi Lawrence,
On the MS site there are 4 steps:
1) In the WSUS Administration snap-in, go to Options, then select Update Source and Proxy Server.
2) On the Update Source tab, clear the This server is a replica server of the upstream server check box, and then click OK to save the setting.
3) Follow the procedures for exporting and importing metadata described in Step 3: Copying Metadata from the Database.
4) After completing the import, go back to the Update Source tab of the Update Source and Proxy Server page, and then select the This server is a replica server of the upstream server check box. Click OK to save the setting.
I forgot step 2 to uncheck this is a replica server ... i checked it from the start and then imported the data and db.
What now , can i still fix this?
Kr,
Joeri
Read the ACLs?Is there a way I could check if this ACL issue is going on?
Attached a screenshot of the rights on my system:
Unfortunately the relevant information is wider than this image. Please scroll to the right in that dialog and ensure that the rights are being inherited to "folders, subfolders, and files".
Otherwise, these are the correct security principles for this folder.
I forgot step 2 to uncheck this is a replica server ... i checked it from the start and then imported the data and db.
Yeah... the import server definitely needs to be configured as an upstream server.
At this point, you should just re-do the import with the correct settings. If it doesn't work, worse case is that you uninstall/reinstall to get a fresh/clean database, and initially configure the server as an upstream server and implement it as an active replica.
Hi Lawrence,
Attached a status of my wsus:
http://i.imgur.com/AaABnxz.png
This is the disk:
http://i.imgur.com/GGnPTa8.png
The rights of the wsus content folder:
http://i.imgur.com/b2FfDqol.jpg
The rights of wsus folder:
The rights of the disk:
http://i.imgur.com/aacvxPN.png
As I can see there are a 2 edited folders so I think it is not a rights issue
See here: http://imgur.com/delete/ctDVJMf8m0TY4r5
Do you think a wsusutil reset wil fix this?
Kr,
Joeri
Attached a status of my wsus:
Your WSUS server currently shows that NO computers are registered to receive updates.
Also, you have TWO updates needing files totally 4GB. That makes absolutely no sense at all because there has never been an update >1GB in size. I would suggest finding out what those *TWO* updates are, removing the approval, and be done with the problem.
You do have 28,000+ updates on the server, which seems particularly excessive to me, but only half as excessive as the 3,539 approved updates!
Do you think a wsusutil reset wil fix this?
No.
Hi Lawrence,
It kept downloading , but there went no gigabytes over the line or network adapter.
On another forum i have read that it checks the files imported files against the source files on the internet.
After 1.5 hour waiting everything was fine and working :).
Kr,
Joeri
This topic is archived. No further replies will be accepted.
Other recent topics
Click here to get your free copy of Network Administrator. Over 25 plugins to make your life easier
