Share via

WSUS 2019/2012R2 Compatibility

Adino 31 Reputation points
2020-09-28T17:49:05.063+00:00

I have a 2012R2 WSUS server that sees our 2019 Servers and even makes downloads avaible but won't auto patch at 0300 like the 2012 servers. I mirrored the group policy that applies to the 2012 servers but the 2019 servers won't auto patch. Anyone else seeing this or am I missing something? I have Version: 6.3.9600.18694 installed.

Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
13,730 questions
0 comments

7 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Amandayou-MSFT 11,141 Reputation points
    2020-09-29T06:04:47.697+00:00

    Hi @RichWines-9402,

    Could we check if the setting is configured as the following screenshot?

    29006-microsoftteams-image-17.png

    And we could check AUOptions is set as 4 in the registry editor, kindly navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU,

    28957-microsoftteams-image-20.png

    And here is the similar case we could refer to:
    https://community.spiceworks.com/topic/2242747-updates-download-but-won-t-install
    Note: the above links are not from MS, and just for your reference.

    If the response is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments
  2. Adino 31 Reputation points
    2020-10-02T14:48:49.13+00:00

    Well the reg settings check out for the 2019 server showing AUOptions set at 4

    0 comments
  3. Adino 31 Reputation points
    2020-10-02T14:57:30.277+00:00

    I can't be sure but wondering if there's something in our server image (not vanilla) that's locked down or conflicting...

  4. Adino 31 Reputation points
    2020-10-07T14:48:13.79+00:00

    Hi Amandayou, thanks for taking the time to address this issue. To clarify, we have a mostly 2012r2 sever environment run WSUS from a 2012r2 server. We are adding some 2019 servers to our environment and the 2012r2 WSUS server sees them, they check in, and are put in the correct group. It appears that the 2019 servers have 'updates available' but they don't attempt to install at scheduled time of 0300. I only assign important updates required for monthly rollups and security. I'll review again next week when MS updates sync up and are pushed out.

  5. Adino 31 Reputation points
    2020-10-08T15:31:04.633+00:00

    We normally keep that setting as 'not configured' and patch after hours at 0300. One other thought, I noticed from a gpedit.msc on that box it doesn't show assigned gp but when I run gpresult it does show the correct gp applied. I know you can't really trust the local gp settings but thought it odd. Just as a test i went ahead and edited the local gp with the correct settings and will know results next week when i patch. I can't roll back patches now for testing due to cyber restrictions.

    31014-image.png

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.