Windows Update + Active Directory/Group Policy == Pain

From: "David R" <david@xxxxxxxxxxxx>
Date: Wed, 1 Feb 2006 21:58:04 -0000

Ahoy

BTW, I'm not using WSUS/MOM/SUS/Whatever.

This is just a vanilla Windows 2003 Domain with 3 member computers, 1 DC, 
and 1 member server. (the member server is actually a WS2003 installation 
running under VirtualPC on one of the member computers)

On all the computers except the domain controller Windows Update/Microsoft 
Update both fail with the error code "0x8007F004". The error-message "You do 
not have sufficient permission to update Windows XP" is also displayed 
whenever I try to run patch programs manually.

This happens regardless of if I'm using the computer as the domain 
administrator, as a member of the administrators group, or as a local 
administrator.

I traced the problem back to my Active Directory installation, since this 
only affects domain computers.

I've made a thread about this on a forum where there's some more additional 
information and some screenshots: 
http://channel9.msdn.com/ShowPost.aspx?PostID=159840

Any ideas? 


.

Prev by Date: Re: Using same Netbios name
Next by Date: Re: Active directory Site Replication
Previous by thread: Re: Using same Netbios name
Next by thread: Re: modify sIDHistory
Index(es):
- Date
- Thread

Relevant Pages

Re: OU Administrator setup/Admin Shares
... My mistake on the Windows 2000 PC, it was not a member of my test OU. ... The $ shares are shared out to local administrators ... Create the gpo in the ou where the Computers reside, ...
(microsoft.public.windows.server.active_directory)
Windows Update + Active Directory/Group Policy == Pain
... Ahoy (sorry for cross-posting to this usenet group too, ... This is just a vanilla Windows 2003 Domain with 3 member computers, 1 DC, ... On all the computers except the domain controller Windows Update/Microsoft ...
(microsoft.public.windowsupdate)
Re: Add Computer to domain
... >> every PC and Member Server local administrators group in our domain. ... >> I have created an OU called 'Computers' which will house all the PC's ...
(microsoft.public.windows.server.active_directory)
Re: Add Computer to domain
... > every PC and Member Server local administrators group in our domain. ... > I have created an OU called 'Computers' which will house all the PC's ... > 'Computers' OU for the global group 'admins' ...
(microsoft.public.windows.server.active_directory)
Add Computer to domain
... I've created a global group called 'admins' which is a member of every PC ... and Member Server local administrators group in our domain. ... now be Computers. ...
(microsoft.public.windows.server.active_directory)