I recently had an issue where a client needed to quickly download and install all windows updates. They originally had all clients pointed to a non-existent SUS server, so most of their servers and workstations were out of date.
We removed the line from the GPO that pointed the clients to the nonexistent SUS server, meaning that the agents will look on the internet for updates; however, they still didn’t get the updates.
Windows Update logs are located here: %systemdrive%\windows\SoftwareDistribution
When I opened the log file, I saw several errors that looked like this: Windows Update Client failed to detect with error 0x80072efd.
There errors are due to the fact that windows update uses WINhttp, and the client had a proxy server configured, but did not have a proxy server set using proxcfg.
You can check to see if a proxy server is configured for WINhttp by typing proxycfg at the command prompt.
I wrote a batch script to run on all agents that updates the proxy for WINhttp, stops the windows update service, removes the registry keys that indicate when windows update last ran, restarts the service, then forces an update download.
Here is the script, save as a .bat file, and run at will!:
REM Batch File
REM NAME: Force Auto Updates Download
REM AUTHOR: Ron Williams ,
REM DATE : 4/8/2009
REM COMMENT : Replace [proxyserverIP]:[proxyserverPort] with the ip and port of
REM your proxy server in the format 192.168.1.2:8080 (no brackets)
proxycfg -p [proxyserverIP]:[proxyserverPort]
net stop wuauserv
REG DELETE "HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v LastWaitTimeout /f
REG DELETE "HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v DetectionStartTime /f
Reg Delete "HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v NextDetectionTime /f
net start wuauserv