Overview

Error codes, causes, and solutions.

Errors

Client cannot update from WSUS server

Posts about these errors point to two issues.

• 0x8024400D is the result of having an unpatched WSUS server, possibly KB2938066 is not installed.
• 0x80244015 is related to the cache local on the client, i.e. the contents of the SoftwareDistribution folder in C:\Windows.
  
  

Resolution

• Ensure that the WSUS server in question is fully patched and up to date
• Ensure that the WSUS client on client systems is up to date (see KB2887535)

Once that is complete, perform the following steps on the client:

1. Point the computer in question to update against the WSUS server
2. Stop the Windows Update service on the client.
3. Stop the BITS service on the client.
4. Rename the c:\windows\softwaredistribution folder
5. Start BITS service
6. Start Windows Update service
7. From an elevated command prompt run: wuauclt.exe /resetauthorization /detectnow

Regarding wuauclt /resetauthorization /detectnow

The /resetauthorization parameter forces the targeting cookie to be immediately expired. Normally the cookie has an ~60 minute expiration. Typically this form of the command is used when server-side targeting is being used, and a client system has just been reassigned to new group(s) via the WSUS console. Use of this command forces the WUAgent to discard any previously known group memberships and to requery the WSUS server for the current memberships. This command should also be used when the SusClientID has been deleted and a detection was performed within the previous hour to ensure the WUAgent does not use the SusClientID that is cached in the targeting cookie.

Also note that the order of these parameters is critical -- the /resetauthorization flag must be the first of these flags on the command line.