SCCM 2007 - WSUS scan fails on client machines

  • Article

You may observe the following errors appearing in the SCCM client's logs, when SCCM clients cannot scan for updates:

Windowsupdate.log
2014-05-22 16:13:19:440 860 1994 PT Server URL = https://#####
2014-05-22 16:13:19:455 860 1994 PT WARNING: GetAuthorizationCookie failure, error = 0x8024400E, soap client error = 7, soap error code = 400, HTTP status code = 200

Wuahandler.log
Its a WSUS Update Source type ({##########}), adding it. 1/1/1601 12:00:00 πμ 0 (0x0000)
Existing WUA Managed server was already set (https://########), skipping Group Policy registration. 1/1/1601 12:00:00 πμ 0 (0x0000)
Added Update Source ({############}) of content type: 2 1/1/1601 12:00:00 πμ 0 (0x0000)
Async searching of updates using WUAgent started. 1/1/1601 12:00:00 πμ 0 (0x0000)
Async searching completed. 1/1/1601 12:00:00 πμ 0 (0x0000)
OnSearchComplete - Failed to end search job. Error = 0x8024400e. 1/1/1601 12:00:00 πμ 0 (0x0000)
Scan failed with error = 0x8024400e. 1/1/1601 12:00:00 πμ 0 (0x0000)

Updatesdeployment.log
Job error (0x8024400e) received for assignment ({###################}) action 1/1/1601 12:00:00 πμ 0 (0x0000)
Updates will not be made available 1/1/1601 12:00:00 πμ 0 (0x0000)

Updateshandler.log
Updates scan completion received, result = 0x8024400e. 1/1/1601 12:00:00 πμ 0 (0x0000)
- - - - - -Scan Failed for ToolUniqueID={#########}, with Error=0x8024400e 1/1/1601 12:00:00 πμ 0 (0x0000)

This error 0x8024400e leads us to the following troubleshooting steps:

Check the permissions on the windows\temp folder and C:\WINDOWS\Microsoft.NET\Framework\versionxxxxx\Temporary ASP.NET Files, if  the NETWORK SERVICE Account is missing permissions:
-      Check the Permissions for NETWORK SERVICE on %windir%\temp to allow "List Folder / Read Data" and "Delete"
-      Typically this will be C:\WINDOWS\TEMP folder
-      Add NETWORK SERVICE with FULL CONTROL of this folder >  C:\WINDOWS\Microsoft.NET\Framework\versionxxxxx\Temporary ASP.NET Files

Run WSUS cleanup wizard with option "Computers not contacting the server".
Reboot the server.(just to be sure).
Check the issue again after initiating a scan on a “test” machine.
Does this resolve the issue?

If the issue still occurs, check if you have installed the WSUS hotfix https://support.microsoft.com/kb/2734608 . If not, please install it.
Then finally, you may check these stes: open IIS Console:

  • Highlight WSUS Administration Website
  • Double click "Authentication"
  • Highlight ASP .NET Impersonation, on the right under "Action" pane click on "Disable"
  • Check the following websites under WSUS Administration and make sure ASP .NET Impersonation is Disabled. If any of the below Web Applications have ASP .NET Authentication Enabled , then disable them.
    • ApiRemoting30
    • ClientWebService
    • Content
    • DssAuthWebService
    • Inventory
    • ReportingWebService
    • Selfupdate
    • ServerSyncWebService
    • SipleAuthWebService
  • Restart IIS

 Initiate a scan on a “test” client and check the results.

From the client side of the troubleshooting, pick a “test” client and apply the following steps:

DISABLE any Antivirus running on the “test” client!
From command prompt >run the :
Net stop wuauserv
Net stop BITS
On registry editor  delete the following if present: (Take a backup before deleting the key)
Delete all keys under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\
Rename the c:\windows\softwaredistribution folder to .old
Start Windows update service:
Net start wuauserv
Net start BITS

Run wuauclt.exe /resetauthorization /detectnow on the client machine.

Check if that resolves the issue.