Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
You may observe the following errors appearing in the SCCM client's logs, when SCCM clients cannot scan for updates:
Windowsupdate.log
2014-05-22 16:13:19:440 860 1994 PT Server URL = https://#####
2014-05-22 16:13:19:455 860 1994 PT WARNING: GetAuthorizationCookie failure, error = 0x8024400E, soap client error = 7, soap error code = 400, HTTP status code = 200
Wuahandler.log
Its a WSUS Update Source type ({##########}), adding it. 1/1/1601 12:00:00 πμ 0 (0x0000)
Existing WUA Managed server was already set (https://########), skipping Group Policy registration. 1/1/1601 12:00:00 πμ 0 (0x0000)
Added Update Source ({############}) of content type: 2 1/1/1601 12:00:00 πμ 0 (0x0000)
Async searching of updates using WUAgent started. 1/1/1601 12:00:00 πμ 0 (0x0000)
Async searching completed. 1/1/1601 12:00:00 πμ 0 (0x0000)
OnSearchComplete - Failed to end search job. Error = 0x8024400e. 1/1/1601 12:00:00 πμ 0 (0x0000)
Scan failed with error = 0x8024400e. 1/1/1601 12:00:00 πμ 0 (0x0000)
Updatesdeployment.log
Job error (0x8024400e) received for assignment ({###################}) action 1/1/1601 12:00:00 πμ 0 (0x0000)
Updates will not be made available 1/1/1601 12:00:00 πμ 0 (0x0000)
Updateshandler.log
Updates scan completion received, result = 0x8024400e. 1/1/1601 12:00:00 πμ 0 (0x0000)
- - - - - -Scan Failed for ToolUniqueID={#########}, with Error=0x8024400e 1/1/1601 12:00:00 πμ 0 (0x0000)
This error 0x8024400e leads us to the following troubleshooting steps:
Check the permissions on the windows\temp folder and C:\WINDOWS\Microsoft.NET\Framework\versionxxxxx\Temporary ASP.NET Files, if the NETWORK SERVICE Account is missing permissions:
- Check the Permissions for NETWORK SERVICE on %windir%\temp to allow "List Folder / Read Data" and "Delete"
- Typically this will be C:\WINDOWS\TEMP folder
- Add NETWORK SERVICE with FULL CONTROL of this folder > C:\WINDOWS\Microsoft.NET\Framework\versionxxxxx\Temporary ASP.NET Files
Run WSUS cleanup wizard with option "Computers not contacting the server".
Reboot the server.(just to be sure).
Check the issue again after initiating a scan on a “test” machine.
Does this resolve the issue?
If the issue still occurs, check if you have installed the WSUS hotfix https://support.microsoft.com/kb/2734608 . If not, please install it.
Then finally, you may check these stes: open IIS Console:
- Highlight WSUS Administration Website
- Double click "Authentication"
- Highlight ASP .NET Impersonation, on the right under "Action" pane click on "Disable"
- Check the following websites under WSUS Administration and make sure ASP .NET Impersonation is Disabled. If any of the below Web Applications have ASP .NET Authentication Enabled , then disable them.
- ApiRemoting30
- ClientWebService
- Content
- DssAuthWebService
- Inventory
- ReportingWebService
- Selfupdate
- ServerSyncWebService
- SipleAuthWebService
- Restart IIS
Initiate a scan on a “test” client and check the results.
From the client side of the troubleshooting, pick a “test” client and apply the following steps:
DISABLE any Antivirus running on the “test” client!
From command prompt >run the :
Net stop wuauserv
Net stop BITS
On registry editor delete the following if present: (Take a backup before deleting the key)
Delete all keys under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\
Rename the c:\windows\softwaredistribution folder to .old
Start Windows update service:
Net start wuauserv
Net start BITS
Run wuauclt.exe /resetauthorization /detectnow on the client machine.
Check if that resolves the issue.