Recently on adding some machines and updates to a existing WSUS server that had been stable for a whole year, I was getting the server being unresponsive , and the reset server node would not work

After restarting the Windows Update Server Service , the error below would display in the event log : 

The WSUS content directory is not accessible. System.Net.WebException: The remote server returned an error: (503) Server Unavailable. at System.Net.HttpWebRequest.GetResponse() at Microsoft.UpdateServices.Internal.HealthMonitoring.HmtWebServices.CheckContentDirWebAccess(EventLoggingType type, HealthEventLogger logger)

Running IISRest in the Command prompt brought the site back online  , however clearly this was a workaround to teh crash , Turns out you need some tweaking of the Website in IIS to stop this!

1. On your WSUS Server, launch the IIS Manager
2. Open Application Pools
3. Right click ‘WsusPool’ and select ‘Advanced Settings…’
4. To support the maximum SCCM Software Update Point clients, change ‘Queue Length’ from the default 1,000 to 25,000
   
5. If your server is NUMA aware, change ‘Maximum Worker Processes’ from the default 1 to 0. If you don’t know if your server is NUMA aware, leave this value default
   
6. Change ‘”Service Unavailable” Response Type’ from the default HttpLevel to TcpLevel
7. Change ‘Failure Interval (minutes) from the default 5 to 30
8. Change ‘Maximum Failures’ from the default 5 to 60
   
9. Click ‘OK’ to save the App Pool changes
10. From an administrative command prompt, type IISRESET

This is also a good Cleanup script to schedule : 

https://community.spiceworks.com/scripts/show/2998-wsus-automated-maintenance-formerly-adamj-clean-wsus

• No Comments

The first step is to make sure you see the actual WSUS server name in the log – if not that indicates a policy or registry setting used for the policy is not in place.
Next get the errors for the client trying to contact WSUS and check the error code against the error code reference for Windows Update agent. For a reference see:

Windows Update information is stored in c:\%windir%\Windowsupdate.log.

Perform the following on the client workstation.
1. Delete the registry keys in
HKLM\Software\Microsoft\Windows\Currentversion\Windowsupdate
2. Restart Automatic Updates service.
3. Issue the command wuauclt /resetauthorization /detectnow.
Updates will start downloading

Removing managed by your system administrator message to update them manually

Set Group Policy Manually
Start -> Run -> gpedit.msc
 
Computer configuration -> Administrative Templates -> Windows Components -> Windows Update
Configure Automatic updates
Choose enabled
Choose option 5 – Allow local admin to choose setting
 
User configuration -> Administrative Templates -> Windows Components -> Windows Update
Remove access to use all Windows Update features
Choose Disabled

After above clients where still not showing up in the WSUS gui after downloading the updates from the server. I checked

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate (SusClientId) which was cloned across all the servers. We had to run this:

• No Comments