SendRequest failed with hr = 800710dd
rino
i have http://serverA:8530 in my GPO and have checked my registry. the wsus
server is present in the proper registry location. default website (port 80)
is available for everyone.
when i checked the %windir%\windowsupdate.log, i get this:
2008-12-01 12:40:47:712 1160 1608 PT Server URL =
http://serverA:8530/SimpleAuthWebService/SimpleAuth.asmx
2008-12-01 12:40:50:526 1160 1608 Misc WARNING: SendRequest failed with hr =
800710dd. Proxy List used: <(null)> Bypass List used : <(null)> Auth Schemes
used : <>
2008-12-01 12:40:50:526 1160 1608 PT + Last proxy send request failed with
hr = 0x800710DD, HTTP status code = 401
2008-12-01 12:40:50:526 1160 1608 PT + Caller provided credentials = No
2008-12-01 12:40:50:526 1160 1608 PT + Impersonate flags = 2
2008-12-01 12:40:50:526 1160 1608 PT + Possible authorization schemes used
=
2008-12-01 12:40:50:526 1160 1608 PT WARNING: GetAuthorizationCookie
failure, error = 0x800710DD, soap client error = 5, soap error code = 0, HTTP
status code = 200
2008-12-01 12:40:50:526 1160 1608 PT WARNING: Failed to initialize Simple
Targeting Cookie: 0x800710dd
2008-12-01 12:40:50:526 1160 1608 PT WARNING: PopulateAuthCookies failed:
0x800710dd
2008-12-01 12:40:50:526 1160 1608 PT WARNING: RefreshCookie failed: 0x800710dd
2008-12-01 12:40:50:526 1160 1608 PT WARNING: RefreshPTState failed:
0x800710dd
2008-12-01 12:40:50:526 1160 1608 PT WARNING: PTError: 0x800710dd
2008-12-01 12:40:50:526 1160 1608 Report WARNING: Reporter failed to upload
events with hr = 800710dd.
anoymous user is allowed on the default website (port 80) and all ip address
are granted to all. i am also able to manage wsus from my workstation
correctly thru port 8530.
is there anything i missed?
Lawrence Garvin (MVP)
news:C587E4D8-E142-410C...@microsoft.com...
> wsus 3.1 sp1, win2k3 sp2
>
> i have http://serverA:8530 in my GPO and have checked my registry. the
> wsus
> server is present in the proper registry location. default website (port
> 80)
> is available for everyone.
>
> when i checked the %windir%\windowsupdate.log, i get this:
>
> 2008-12-01 12:40:47:712 1160 1608 PT Server URL =
> http://serverA:8530/SimpleAuthWebService/SimpleAuth.asmx
> 2008-12-01 12:40:50:526 1160 1608 Misc WARNING: SendRequest failed with hr
> =
> 800710dd. Proxy List used: <(null)> Bypass List used : <(null)> Auth
> Schemes
> used : <>
> 2008-12-01 12:40:50:526 1160 1608 PT + Last proxy send request failed with
> hr = 0x800710DD, HTTP status code = 401
This is an access permissions error.
> anoymous user is allowed on the default website (port 80) and all ip
> address
> are granted to all.
Merely having anonymous access on the default website (particularly when you
have a port 8530 server installed) is near not enough.
Unless somebody has mucked with the default IIS permissions, this should not
be an issue.
Mucking with default NTFS permissions on system resources can also cause
this error.
> i am also able to manage wsus from my workstation
> correctly thru port 8530.
This tells us that the APIRemoting virtual directory on the port 8530 server
is set correctly, but that's all.
> is there anything i missed?
Review Appendices C and D of the WSUS Operations Guide for the correct
permissions settings.
--
Lawrence Garvin, M.S., MCITP(x2), MCTS(x5), MCP(x7), MCBMSP
Principal/CTO, Onsite Technology Solutions, Houston, Texas
Microsoft MVP - Software Distribution (2005-2009)
MS WSUS Website: http://www.microsoft.com/wsus
My Websites: http://www.onsitechsolutions.com;
http://wsusinfo.onsitechsolutions.com
My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin
rino
i'm slowing making progress. i just can't seem to comprehend why managing
IIS is this difficult. i mean anonymous user is allowed the it should work!
rino
somehow, i can't use "http://serverA:8530" in my GPO anymore. before with
wsus 2.0, i only have "http://serverA" but now i must use
"http://serverA.acme.com:8530" in my GPO and also use "Integrated Windows
Authentication" instead of anonymous access.
now my PCs starts appearing in wsus.
Lawrence Garvin (MVP)
> i'm slowing making progress. i just can't seem to comprehend why managing
> IIS is this difficult. i mean anonymous user is allowed the it should
> work!
To be very honest, managing IIS is *not* this difficult, provided that
you're working with a normally configured operating system, and a fresh
installation of IIS.
However, if you're working on a machine that's had security configurations
"tweaked" by somebody who doesn't know, or somebody has "tweaked" IIS, then
things are going to be a lot more complicated.
Just as a comparison, I would encourage you to take a 2 hour break, set up a
virtual machine somewhere, install Windows Server 2003 *with* IIS6, and then
install a default (express) installation of WSUS. I promise you, on a virgin
system, it'll work perfectly right out of the box.
Lawrence Garvin (MVP)
> somehow, i can't use "http://serverA:8530" in my GPO anymore. before with
> wsus 2.0, i only have "http://serverA" but now i must use
> "http://serverA.acme.com:8530" in my GPO and also use "Integrated Windows
> Authentication" instead of anonymous access.
See... here's some *more* information!! :-)
The reason that WSUS "moved" the WSUS server from the Default Web Site (port
80) to the alternate "WSUS Administration" website (port 8530) during the
upgrade is because something new has been installed on that server making
the Default Web Site now "unavailable" for use by WSUS.
As for the "Integrated Windows Authentication", exactly where are you having
to use IWA instead of anonymous access?
And... pursuant to the previous question concerning the availability of the
Default Web Site --
What else is installed on this machine???