Some Windows XP appear in WSUS as they need patches, but they don't get them

[terrassa5]

We have WSUS 3.0 SP2 working perfectly for almost all computers and servers, we have Windows XP, WIndows 7, Windows 2000 server, Windows 2003 R2 and Windows 2008 R2.

Now we have two computers with Windows XP SP3 reinstalled (formatted and reinstalled), and they don't get patches. We have executed gpupdated /force, wuauclt /detecnow and wuauclt /downloadnow (no errors in any of the commands). In WSUS these computers appear as they need a lot of patches, and all these patches are approved for installing, but windowsupdate.log file in PCs say that there are no updates detected, and they install nothing. There are no errors on log.

I copy content of windowsupdate.log:

2013-07-09 08:28:13:878 1388 744 AU AU received policy change subscription event
2013-07-09 08:28:16:427 1388 8fc AU Triggering AU detection through DetectNow API
2013-07-09 08:28:16:427 1388 8fc AU Triggering Online detection (non-interactive)
2013-07-09 08:28:16:427 1388 744 AU #############
2013-07-09 08:28:16:427 1388 744 AU ## START ## AU: Search for updates
2013-07-09 08:28:16:427 1388 744 AU #########
2013-07-09 08:28:16:427 1388 744 AU <<## SUBMITTED ## AU: Search for updates [CallId = {9C6914A0-483F-4BEA-9733-AF6E1C2172A8}]
2013-07-09 08:28:16:427 1388 918 Agent *************
2013-07-09 08:28:16:427 1388 918 Agent ** START ** Agent: Finding updates [CallerId = AutomaticUpdates]
2013-07-09 08:28:16:427 1388 918 Agent *********
2013-07-09 08:28:16:427 1388 918 Agent * Online = Yes; Ignore download priority = No
2013-07-09 08:28:16:427 1388 918 Agent * Criteria = "IsHidden=0 and IsInstalled=0 and DeploymentAction='Installation' and IsAssigned=1 or IsHidden=0 and IsPresent=1 and DeploymentAction='Uninstallation' and IsAssigned=1 or IsHidden=0 and IsInstalled=1 and DeploymentAction='Installation' and IsAssigned=1 and RebootRequired=1 or IsHidden=0 and IsInstalled=0 and DeploymentAction='Uninstallation' and IsAssigned=1 and RebootRequired=1"
2013-07-09 08:28:16:427 1388 918 Agent * ServiceID = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7} Managed
2013-07-09 08:28:16:427 1388 918 Agent * Search Scope = {Machine}
2013-07-09 08:28:16:427 1388 918 Misc Validating signature for C:\WINDOWS\SoftwareDistribution\SelfUpdate\Default\wuident.cab:
2013-07-09 08:28:16:443 1388 918 Misc Microsoft signed: Yes
2013-07-09 08:28:16:458 1388 918 Misc Validating signature for C:\WINDOWS\SoftwareDistribution\SelfUpdate\Default\wuident.cab:
2013-07-09 08:28:16:458 1388 918 Misc Microsoft signed: Yes
2013-07-09 08:28:16:474 1388 918 Misc Validating signature for C:\WINDOWS\SoftwareDistribution\SelfUpdate\Default\wsus3setup.cab:
2013-07-09 08:28:16:489 1388 918 Misc Microsoft signed: Yes
2013-07-09 08:28:16:505 1388 918 Setup *********** Setup: Checking whether self-update is required ***********
2013-07-09 08:28:16:505 1388 918 Setup * Inf file: C:\WINDOWS\SoftwareDistribution\SelfUpdate\Default\wsus3setup.inf
2013-07-09 08:28:16:505 1388 918 Setup Update NOT required for C:\WINDOWS\system32\cdm.dll: target version = 7.6.7600.256, required version = 7.6.7600.256
2013-07-09 08:28:16:505 1388 918 Setup Update NOT required for C:\WINDOWS\system32\wuapi.dll: target version = 7.6.7600.256, required version = 7.6.7600.256
2013-07-09 08:28:16:505 1388 918 Setup Update NOT required for C:\WINDOWS\system32\wuapi.dll.mui: target version = 7.6.7600.256, required version = 7.6.7600.256
2013-07-09 08:28:16:505 1388 918 Setup Update NOT required for C:\WINDOWS\system32\wuauclt.exe: target version = 7.6.7600.256, required version = 7.6.7600.256
2013-07-09 08:28:16:505 1388 918 Setup Update NOT required for C:\WINDOWS\system32\wuaucpl.cpl: target version = 7.6.7600.256, required version = 7.6.7600.256
2013-07-09 08:28:16:505 1388 918 Setup Update NOT required for C:\WINDOWS\system32\wuaucpl.cpl.mui: target version = 7.6.7600.256, required version = 7.6.7600.256
2013-07-09 08:28:16:505 1388 918 Setup Update NOT required for C:\WINDOWS\system32\wuaueng.dll: target version = 7.6.7600.256, required version = 7.6.7600.256
2013-07-09 08:28:16:521 1388 918 Setup Update NOT required for C:\WINDOWS\system32\wuaueng.dll.mui: target version = 7.6.7600.256, required version = 7.6.7600.256
2013-07-09 08:28:16:521 1388 918 Setup Update NOT required for C:\WINDOWS\system32\wucltui.dll: target version = 7.6.7600.256, required version = 7.6.7600.256
2013-07-09 08:28:16:521 1388 918 Setup Update NOT required for C:\WINDOWS\system32\wucltui.dll.mui: target version = 7.6.7600.256, required version = 7.6.7600.256
2013-07-09 08:28:16:521 1388 918 Setup Update NOT required for C:\WINDOWS\system32\wups.dll: target version = 7.6.7600.256, required version = 7.6.7600.256
2013-07-09 08:28:16:521 1388 918 Setup Update NOT required for C:\WINDOWS\system32\wups2.dll: target version = 7.6.7600.256, required version = 7.6.7600.256
2013-07-09 08:28:16:521 1388 918 Setup Update NOT required for C:\WINDOWS\system32\wuweb.dll: target version = 7.6.7600.257, required version = 7.6.7600.256
2013-07-09 08:28:16:521 1388 918 Setup * IsUpdateRequired = No
2013-07-09 08:28:17:005 1388 918 PT +++++++++++ PT: Synchronizing server updates +++++++++++
2013-07-09 08:28:17:005 1388 918 PT + ServiceId = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7}, Server URL =

http://sistwsus/ClientWebService/client.asmx

2013-07-09 08:28:17:287 1388 270 AU Triggering AU detection through DetectNow API
2013-07-09 08:28:17:302 1388 270 AU Piggybacking on an AU detection already in progress
2013-07-09 08:28:17:772 1388 8fc AU Triggering AU detection through DetectNow API
2013-07-09 08:28:17:772 1388 8fc AU Piggybacking on an AU detection already in progress
2013-07-09 08:28:18:256 1388 8fc AU Triggering AU detection through DetectNow API
2013-07-09 08:28:18:256 1388 8fc AU Piggybacking on an AU detection already in progress
2013-07-09 08:29:21:860 1388 918 PT +++++++++++ PT: Synchronizing extended update info +++++++++++
2013-07-09 08:29:21:860 1388 918 PT + ServiceId = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7}, Server URL =

http://sistwsus/ClientWebService/client.asmx

2013-07-09 08:29:22:657 1388 918 Agent * Found 0 updates and 64 categories in search; evaluated appl. rules of 1373 out of 2021 deployed entities
2013-07-09 08:29:22:657 1388 918 Agent *********
2013-07-09 08:29:22:657 1388 918 Agent ** END ** Agent: Finding updates [CallerId = AutomaticUpdates]
2013-07-09 08:29:22:657 1388 918 Agent *************
2013-07-09 08:29:22:673 1388 b28 AU >>## RESUMED ## AU: Search for updates [CallId = {9C6914A0-483F-4BEA-9733-AF6E1C2172A8}]
2013-07-09 08:29:22:673 1388 b28 AU # 0 updates detected
2013-07-09 08:29:22:673 1388 b28 AU #########
2013-07-09 08:29:22:673 1388 b28 AU ## END ## AU: Search for updates [CallId = {9C6914A0-483F-4BEA-9733-AF6E1C2172A8}]
2013-07-09 08:29:22:673 1388 b28 AU #############
2013-07-09 08:29:22:673 1388 b28 AU Featured notifications is disabled.
2013-07-09 08:29:22:673 1388 b28 AU AU setting next detection timeout to 2013-07-09 13:31:49
2013-07-09 08:29:22:673 1388 b28 AU Setting AU scheduled install time to 2013-07-10 06:00:00
2013-07-09 08:29:27:660 1388 918 Report REPORT EVENT: {0335C3A9-4A6D-4A88-BBC2-4A66AEC65ACD} 2013-07-09 08:29:22:657+0200 1 147 101 {00000000-0000-0000-0000-000000000000} 0 0 AutomaticUpdates Success Software Synchronization Windows Update Client successfully detected 0 updates.
2013-07-09 08:29:27:660 1388 918 Report REPORT EVENT: {920491F1-D61E-4F9F-9903-F852347C4192} 2013-07-09 08:29:22:657+0200 1 156 101 {00000000-0000-0000-0000-000000000000} 0 0 AutomaticUpdates Success Pre-Deployment Check Reporting client status.
2013-07-09 08:37:02:907 1388 918 Report Uploading 5 events using cached cookie, reporting URL =

http://sistwsus/ReportingWebService/ReportingWebService.asmx

2013-07-09 08:37:02:954 1388 918 Report Reporter successfully uploaded 5 events.

Does anybody know how to force these PCs to install patches?

Thank you very much.

 

[terrassa5]

Finally we found a solution to this problem. In PC that doesn't get patches we execute:

REM Stop the Automatic Updates service
net stop wuauserv

REM Stop the Windows Management Instrumentation service
net stop winmgmt

REM Backup ReportingEvents.log. Then, delete the contents of
REM %systemroot%\SoftwareDistribution and
REM %systemroot%\system32\WBEM\Repository
copy %systemroot%\softwaredistribution\reportingevents.log %homedrive%del /f /q %systemroot%\softwaredistribution\*.*
move %homedrive%\reportingevents.log %systemroot%\softwaredistribution

REM Delete SusClientID and AccountDomainSid keys from
REM HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate
SET WU_KEY=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate
reg delete %WU_KEY% /v SusClientID
reg delete %WU_KEY% /v AccountDomainSid
SET WU_KEY=

REM Start the Automatic Updates service
net start wuauserv

REM Start the Windows Management Instrumentation service
net start winmgmt

REM Force a group policy update
gpupdate /force

REM Roll the WU Client...
wuauclt /resetauthorization /detectnow

When PC appears on WSUS console we execute:
REM Force a group policy update
gpupdate /force

REM Roll the WU Client...
wuauclt /resetauthorization /detectnow

This has worked with Windows XP, Windows 7 computers, and with Windows 2003 servers.