Why would the Solarwinds patch manager show "No needed" updates (literally zero found!), even though lots of updates are found when doing a "Check online for updates with Microsoft" on the client?
First note to consider is that comparing what's available online with "Windows Update" or "Microsoft Update" with what's available from WSUS is comparing apples to oranges. The updates available to a client from a WSUS server are determined by many factors that do not affect update availability from WU or MU. For example:
- WU/MU contains all update classifications; WSUS only contains those that are being synchronized.
- WU/MU contains all product categories; WSUS only contains those that are being synchronized.
- WU/MU contains only the latest available updates (superseded updates are hidden); this may or may not be the case on a WSUS server depending on how the updates are being managed.
- WU/MU has all updates "approved"; WSUS only contains those that have been explicitly approved by the administrator.
- WU/MU shows all updates as "available"; WSUS only shows those updates that have actually downloaded files as "available" to clients.
- WU/MU does not have the concept of "groups"; WSUS only shows those updates approved for the group(s) that a client is assigned to.
- If the client is not opted into MU, then WU only shows operating system updates; WSUS shows both operating system and application updates regardless of the MU "opt-in" state.
So be aware that hardly ever will these two lists match. So why are NO updates available to a client from the WSUS server:
- It could be that there are no synchronized updates applicable to that client.
- It could be that there are no approved updates applicable to that client.
- It could be that there are no approved updates with downloaded files applicable to that client.
- It could be that the client is in a group where the updates are not approved, or that the updates are approved for the wrong group(s).
- It could be that the client is fully patched!
Having said that, let's return to the original question:
I have a view setup showing only "Needed updates" which I approve on the 2nd Wednesday of each month to test before deploying to all. However when i change the update status to "Needed" for all updates I get no results,
If there actually are no "Needed Updates" on the WSUS server, that's absolutely consistent with the behavior observed in the Windows Update applet of the client.
But let's check a couple of things to investigate. (Note: The below images are from the online Flash Demo of Patch Manager so the dates are not reflective of reality.)
- What is the Refresh Date on the update view?
Image may be NSFW.
Clik here to view.
- What's the most recent synchronization date of the WSUS server? (This is available from the root server node under the "Update Services" node.)
- Does the server have any pending downloads? (Best place to get this is from the WSUS native console, on the root node, details pane, right side under "Download Status".)
- Does the client appear in the correct WSUS Group(s)?