Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: The CSI WSUS Group Policy exists, but is not valid

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
CSI

This thread has been marked as resolved.
mbacke The CSI WSUS Group Policy exists, but is not valid
Member 11th Apr, 2013 13:30
Ranking: 0
Posts: 3
User Since: 12th Mar, 2013
System Score: N/A
Location: SE
All of a sudden it will not work to update the clients with THIRD-party updates, get error code 800B0109 in Windows Update, and in CSI (CSI WSUS Configuration Wizard), I get this error: The CSI WSUS Group Policy exists, but is not valid - please check Secunia CSI FAQ.
What do I need to do, to get this working?

--
Kind regards
M.B

Post "RE: The CSI WSUS Group Policy exists, but is not valid" has been selected as an answer.
c.cleiren RE: The CSI WSUS Group Policy exists, but is not valid
Secunia Official 12th Apr, 2013 09:17
Score: 6
Posts: 2
User Since: 30th Nov 2012
System Score: N/A
Location: Copenhagen, DK
Last edited on 12th Apr, 2013 09:20
Hi M.B.,

800B0109 points to the fact that the WSUS self signed certificate is not present on the host, or is present but invalid(see blog post : http://secunia.com/blog/327/ ) or a setting is missing in the administrative template for Windows update, “allow installation of locally published packages” that needs to be set and distributed by the “WSUS-CSI” GPO.

If you get an error when using the CSI WSUS Configuration Wizard in regards to the creation of the GPO, it’s best that you verify the settings manually, you can do this by following the guidelines in our technical user manual : http://secunia.com/?action=fetch&filename=Secunia_...

On the failing client, your first step should be to check the validity and presence of the certificate:
- open the MMC, insert the certificate snapshot, and open Trusted root certification Authorities /Trusted publishers, locate the WSUS self signed certificate and doubleclick it, now have a look at the details and public key, this should be an RSA 2048bits, if lower then follow the recommendations in the blog post above.

If the certificate is correct and added to Trusted root certification authorities as well as Trusted publishers, then have a look at the GPO, likely settings are missing and the link above will point out which settings need to be in place.

If you have verified all points above and you still encounter problems you are more then welcome to contact our Customer Support Center.

C Ccleiren
Solution Specialist

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability