Windows Server Update Services (WSUS) is configured on servers, and clients are attached to it to receive updates instead of downloading them directly from Microsoft’s website. However, we have noticed an environment in which a few WSUS clients have stopped reporting to the WSUS servers and are unable to fetch updates. In this post, we will talk about this issue and see what you can do to resolve it.
Fix WSUS clients stopped reporting
If the WSUS client has stopped reporting, you need to follow the solutions mentioned below.
- Check if the Client Connectivity is proper
- Run the troubleshooting script on the client
- Force Group Policy Refresh
- Repair Windows Update Component
Let us talk about them in detail.
1] Check if the Client Connectivity is proper
First, we need to ensure that our computer can connect to the WSUS Server. For that, you need to try pinging the server from the client. So, open the Command Prompt and run the following command.
ping WSUSServerName
Now, open a browser to test WSUS HTTP connectivity. Then, try visiting the server’s web address by typing “https://WSUSServerName:portNumber” (use the real server name and port number, like 80, 443, or 8530).
Also, check for an import file by typing this address.
https://WSUSServerName/selfupdate/wuident.cab
If the WSUS server is working right, you’ll see a pop-up asking if you want to open or save that file. You can close this pop-up afterward.
If the connection is not established properly, you will need to reconfigure the connection and add the WSUS client to our Organizational Unit.
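The checks above can be scripted on the client. The following is an added example, not part of the original article: it reads the WSUS server that Group Policy assigned to the client from the standard Windows Update policy registry key, tests the TCP port, and requests wuident.cab without the browser prompt.

```powershell
# Added example, not from the original article. Run on the affected client.
$policyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate'
$policy    = Get-ItemProperty -Path $policyKey -ErrorAction SilentlyContinue
$au        = Get-ItemProperty -Path "$policyKey\AU" -ErrorAction SilentlyContinue

if (-not $policy -or -not $policy.WUServer) {
    Write-Warning 'No WUServer policy value found: this client is not pointed at a WSUS server.'
    return
}
if ($au.UseWUServer -ne 1) {
    Write-Warning 'UseWUServer is not 1, so the client ignores the WUServer value.'
}

# The policy value carries scheme, host and port, e.g. http://WSUSServerName:8530
$uri = [uri]($policy.WUServer)
"Policy server : $uri"

# TCP reachability on the port from the policy (ping alone does not prove this).
$tcp = Test-NetConnection -ComputerName $uri.Host -Port $uri.Port -WarningAction SilentlyContinue
"TCP $($uri.Host):$($uri.Port) reachable : $($tcp.TcpTestSucceeded)"

# Same test as opening wuident.cab in a browser, without the download prompt.
$cab = "$($uri.GetLeftPart([System.UriPartial]::Authority))/selfupdate/wuident.cab"
try {
    $resp = Invoke-WebRequest -Uri $cab -Method Head -UseBasicParsing -TimeoutSec 15
    "HEAD $cab -> HTTP $($resp.StatusCode)"
} catch {
    # Certificate trust failures on an HTTPS server also surface here.
    Write-Warning "Request for $cab failed: $($_.Exception.Message)"
}
```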
2] Run the troubleshooting script on the client
There are several steps that can be taken to resolve the issue. We have attempted to compress them into a single script that you can run on your client computer. This script resolves Windows Update issues by removing the client’s WSUS ID (SusClientId) from the registry, clearing your computer’s update history, stopping update services, deleting temporary update files, and then restarting everything from scratch. It ends by forcing your computer to check for updates immediately from your company’s WSUS server.
To do so, open Notepad and paste the following lines of code.
@Echo Off
Echo Resetting Windows Update connection...
REM Remove the client's WSUS identity so it registers with the server again
REG Delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientId /f
REG Delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientIdValidation /f
REM Stop the Windows Update and BITS services before touching their files
net stop wuauserv /y
net stop BITS /y
REM Delete the local update cache and history, and the old update log
rd /s /q "C:\Windows\SoftwareDistribution"
del "C:\Windows\WindowsUpdate.log"
Echo Restarting services...
net start wuauserv
net start BITS
Echo Forcing update check...
REM Scan, download and install against the configured WSUS server
UsoClient.exe StartScan
UsoClient.exe StartDownload
UsoClient.exe StartInstall
Echo Done! Wait 10 minutes for WSUS connection.
Pause
Now, save the Notepad file with a .bat extension on your Desktop (you can save it anywhere; the Desktop is simply easy to reach). Finally, right-click on your batch file and select Run as administrator. Click on “Yes” when prompted and let the batch file run. Hopefully, this will do the job for you.
3] Force Group Policy Refresh
If you have only now added the WSUS client to your Group Policy, you need to force the policy onto the client device. The same applies if you missed this step while setting up the client device or have made changes to the WSUS server settings; let’s update it.
First up, open Command Prompt and run the following commands on the client. For the first command, you can use gpupdate /force instead.
gpupdate /target:computer /force
net stop wuauserv
net start wuauserv
UsoClient.exe StartScan
This command sequence resets the client’s update agent, reloads its WSUS settings from Group Policy, and forces an immediate check-in with the WSUS server.
4] Repair Windows Update Component
If the client is unable to process the updates, we need to repair the Windows Update components using the steps mentioned below.
Open PowerShell as an administrator and run the following command.
Set-Service -Name BITS -StartupType Automatic
Set-Service -Name wuauserv -StartupType Automatic
The aforementioned commands ensure the following two critical services are set to auto-start:
- BITS (Background Intelligent Transfer Service): Handles update downloads
- wuauserv (Windows Update Service): Manages update installations
Stop the two services using the following command.
Stop-Service wuauserv, BITS -Force
Now, run the following command to create C:\Windows\SoftwareDistribution.old as a safety net to preserve old files.
New-Item -Path "$env:windir\SoftwareDistribution.old" -ItemType Directory -Force
Move (do not delete) the entire contents of C:\Windows\SoftwareDistribution to the backup folder using the following command.
Get-ChildItem "$env:windir\SoftwareDistribution" | Move-Item -Destination "$env:windir\SoftwareDistribution.old"
Once done, run the following command to start the services again.
Start-Service BITS, wuauserv
UsoClient.exe StartScan
Finally, check if the issue is resolved.
Hopefully, with the help of these solutions, you will be able to resolve the issue.
The WSUS Reporting Web Service is not working
The WSUS Reporting Web Service typically stops working due to exhausted resources in IIS or database connectivity issues. When the IIS application pool (“WsusPool”) hits its memory limit or the request queue overflows, the service becomes unresponsive, often triggering Event ID 12002 errors. This frequently occurs during heavy reporting loads or when the WSUS database (SUSDB) is fragmented or oversized.
Additionally, expired or untrusted SSL certificates will break HTTPS communication for reporting. To resolve this, increase the IIS queue length to 25,000 and set the private memory limit to “0” (unlimited) for WsusPool, then perform an iisreset. Concurrently, reindex the SUSDB database and run the WSUS Cleanup Wizard to remove obsolete updates. If the issue persists after these changes, verify SSL certificate validity on the WSUS server and ensure all clients trust the certificate authority.
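The WsusPool changes and the certificate check described above can be applied from PowerShell on the WSUS server. This is an added example, not part of the original article: it uses the WebAdministration module that ships with IIS, and the 30-day expiry warning is an assumed threshold.

```powershell
# Added example, not from the original article. Run elevated on the WSUS server.
Import-Module WebAdministration
$poolPath = 'IIS:\AppPools\WsusPool'

# Evidence first: recent Event ID 12002 entries in the Application log.
Get-WinEvent -FilterHashtable @{ LogName = 'Application'; Id = 12002 } -MaxEvents 5 -ErrorAction SilentlyContinue |
    Format-List TimeCreated, ProviderName, Message

# Record the current limits so the change can be reverted later.
$pool = Get-Item $poolPath
"Before: queueLength=$($pool.queueLength) privateMemory=$($pool.recycling.periodicRestart.privateMemory) KB"

# Values from the article: queue length 25,000 and private memory limit 0 (unlimited).
Set-ItemProperty -Path $poolPath -Name queueLength -Value 25000
Set-ItemProperty -Path $poolPath -Name recycling.periodicRestart.privateMemory -Value 0

$pool = Get-Item $poolPath
"After : queueLength=$($pool.queueLength) privateMemory=$($pool.recycling.periodicRestart.privateMemory) KB"

# Certificates bound to HTTPS on this server: flag expired or soon-to-expire ones.
foreach ($binding in Get-ChildItem IIS:\SslBindings) {
    $cert = Get-Item "Cert:\LocalMachine\$($binding.Store)\$($binding.Thumbprint)" -ErrorAction SilentlyContinue
    if (-not $cert) { continue }
    $daysLeft = [int]($cert.NotAfter - (Get-Date)).TotalDays
    $state = if ($daysLeft -lt 0) { 'EXPIRED' }
             elseif ($daysLeft -lt 30) { 'expires soon' }   # 30 days is an assumed threshold
             else { 'ok' }
    "Port $($binding.Port): $($cert.Subject) valid until $($cert.NotAfter) [$state]"
}

# The article's final step: restart IIS so the new limits take effect.
iisreset
```

With the private memory limit at 0, WsusPool is no longer recycled on memory use, so keep an eye on the server's free memory after the change.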
WSUS client not reporting but updating
A WSUS client may successfully download and install updates while failing to report its status. This can be due to:
- Corrupted local components (like reporting DLLs) that disrupt feedback mechanisms
- Group Policy misconfigurations allowing content downloads but blocking reporting ports (especially HTTPS/8531) or specifying incorrect server URLs
- Server-side issues such as expired client approvals in the WSUS database or IIS resets during status submission
- Significant time drift (>5 minutes) between the client and server that breaks authentication for reporting while still permitting update retrieval
Check out the solutions mentioned earlier to resolve the issue.
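Two of these causes, incorrect server URLs in Group Policy and time drift, can be checked from the client. This is an added example, not part of the original article: the ReportingWebService path is the standard WSUS virtual directory and is an assumption here, since the article does not name it, and the clock comparison uses the HTTP Date header returned by the server.

```powershell
# Added example, not from the original article. Run on the affected client.
$key    = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate'
$policy = Get-ItemProperty -Path $key -ErrorAction Stop

# Updates come from WUServer; status reports are sent to WUStatusServer.
"WUServer       : $($policy.WUServer)"
"WUStatusServer : $($policy.WUStatusServer)"
if (-not $policy.WUStatusServer) {
    Write-Warning 'WUStatusServer is not set; both values must be set for the WSUS policy to apply.'
    return
}
if ($policy.WUServer -ne $policy.WUStatusServer) {
    Write-Warning 'WUStatusServer differs from WUServer: check the URLs in Group Policy.'
}

# Reach the reporting endpoint on the status server (path is an assumption, see above).
$base = ([uri]($policy.WUStatusServer)).GetLeftPart([System.UriPartial]::Authority)
$url  = "$base/ReportingWebService/ReportingWebService.asmx"
try {
    $resp = Invoke-WebRequest -Uri $url -UseBasicParsing -TimeoutSec 15
} catch {
    Write-Warning "Reporting endpoint $url failed: $($_.Exception.Message)"
    return
}
"Reporting endpoint -> HTTP $($resp.StatusCode)"

# Compare the server's HTTP Date header with the local clock (both in UTC).
# @(...)[0] handles both Windows PowerShell (string) and PowerShell 7 (string list).
$dateHeader = [string](@($resp.Headers['Date'])[0])
$serverUtc  = [DateTimeOffset]::Parse($dateHeader, [cultureinfo]::InvariantCulture).UtcDateTime
$skew       = [math]::Abs(($serverUtc - [datetime]::UtcNow).TotalSeconds)
"Clock skew vs server : {0:N0} s" -f $skew
if ($skew -gt 300) {
    Write-Warning 'Skew exceeds 5 minutes, the drift the article says breaks reporting.'
}
```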