Yet again I’ve run into issues with Windows Updates when using the WSUS server. This time updates could not be installed automatically on Windows 10 client even though everything was fine with the client and the WSUS server. The user received the following error message:
Your device is missing important security and quality fixes. The Check for updates button was grayed out.
I have tried the usual steps like stopping the Windows Update, and BITS services along with renaming the Software Distribution folder but without luck. So, to solve this issue I just had to remove the troublesome client from the WSUS for a while.
In order to do that, open the registry editor by typing regedit in the Run prompt.
Navigate to the following handle to the registry key:
Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Windows Update\AU
In the right pane change the Value of UseWUServer key to 0. Click OK and close the registry editor. You can also delete contents of the AU registry key leaving only the (Default) REG_SZ key.
Now, open the Services add-in by typing the services.msc in the Run prompt.
Browse to Windows Update service and Restart the service.
Wait for a few minutes and you should be able to check for updates and install them manually. Once the server restarts the AU key that we have changed/deleted will be recreated again by the Group Policy.
If you still haven’t managed to install updates you can also temporarily move the problematic PC to another Organizational Unit (OU) in AD so you can restart it without WSUS policy being applied until you’re done.
As you can see below, after the changes described in this article you should be able to update this PC.
Comments are welcome!