Submit a ticketCall us
Home > Success Center > Patch Manager > Unable to publish packages from Patch Manager to the WSUS server

Unable to publish packages from Patch Manager to the WSUS server

Overview

When you publish packages from Patch Manager to the WSUS server, the process fails and the Patch Manager Publishing Wizard returns the following error message: 

Message: Failed to publish packageName. Publishing operation failed because the console and remote server versions do not match.

Environment

All Patch Manager versions

Cause

Microsoft® Windows Server® Update Services (WSUS) requires all components in the WSUS publishing to be identical. If they are not identical, the Patch Manager Publishing Wizard return an error message.

For example, if the WSUS server API is at version 6.2, all of the other WSUS servers (including any Patch Manager Automation servers) must also be at version 6.2 with the same patches installed on both servers.

Resolution

The following table describes the different combinations of Patch Manager and WSUS. The table also shows the ones that connect locally and others that require an additional Automation Role server (typically installed on the WSUS server, but it can also be a third system).
 

 

Patch Manager on 2008R2 SP1

(WSUS v3 console)

Patch Manager on WS2012 (WSUS v6.2 console)

Patch Manager on WS2012 R2 (WSUS v6.3 console)

WSUS v3

(2008R2 SP1)

Direct Connection from PAS works

Requires AutoServer on WSUS v3 server or other system running Windows Server 2008 R2 SP1

Requires AutoServer on WSUS v3 server or other system running 2008 R2 SP1

WSUS v6.2 (on WS2012)

Requires Automation Server on WSUS v6.2 server or other system running Windows Server 2012

Direct Connection from PAS works

Requires AutoServer on WSUS v6.2 server or other system running Windows Server 2012

WSUS v6.3 (on WS2012R2)

Requires Automation Server on WSUS v6.3 server or other system running Windows Server 2012 R2

Requires AutoServer on WSUS v6.3 server or other system running Windows Server 2012 R2 

Direct Connection from PAS works

During publishing, if you select Verify WSUS version compatibility and required signing certificate is distributed, it displays the client and server API mismatch such as version 6.3.XXXX versus 6.3.YYYY.  If that is the case, you may be able to uncheck this box to proceed without changes. If you continue receiving an error and failure to publish, follow the steps for CASE 1. 

See Issues with the latest WSUS Update for additional information. 

CASE 1 (Direct connection from PAS)

All WSUS servers and Patch Manager Automation servers must have the same Microsoft patches installed.

  1. Log onto the server you need to check.
  2. Open Control Panel > Programs and Features.
  3. In the left pane, click View installed updates.
  4. Scroll until you find the Windows Server Update Services section.
  5. Record the KB numbers (in parentheses) at the end of each entry.
  6. Install any missing patches to the applicable servers.

CASE 2 (Requires Automation Server)

The Automation Server role is required to route requests when a WSUS console and WSUS server API mismatch occurs.

  1. If Patch Manager and WSUS have different major versions, install an additional Automation Role server for each WSUS server.
  2. Create an Automation Server Routing Rule (ASRR). The ASRR tells the Patch Manager server to route all requests for the WSUS server through the appropriate Automation Role server.

See Install and configure an Automation Server for WSUS for details about deploying an Automation Server and building an ASRR. 

 

Last modified
15:21, 19 May 2017

Tags

Classifications

Public