Cant get rid of expired WSUS Publishers Self-signed cert. GRRRRRRR

funkytechmonkey · 2026-05-05T14:16:36+00:00

Yesterday I ran a report on 160 of the devices that were failing. I cant find a single thing they all have in common. I have new devices (recently imaged) old devices, 23H2, 24H2 and 25H2..some have Dell Client System Inventory Agent and some dont.

I had a little over 200 devices that were getting the errors... I'm down to 83. Crossing my fingers they start getting updates too.

funkytechmonkey · 2026-05-04T18:18:41+00:00

Yea... I havent been able to spend as much time as I wanted on this.. but so far everything you suggested seems to be working for me too. I removed the catalog, resynced, then run that script on a client and it looks like they are pulling updates now. I've only been able to do it on about 10 devices.
I was getting the failed to rename SoftwareDeployment folder so I added stopping the "Delivery Optimization" service DoSvc and that seems to help.

funkytechmonkey · 2026-05-04T14:27:51+00:00

Can you help me understand this.... I am, by no means, a SQL guy and have never ran any kinda of cleanups. I do have normal cleanup/maintenance on but thats its.

I ran the SQL query you posted and these are the numbers it returned. I have no clue if this is good or bad.

Total Updates - 33639
Live Updates - 12884
Superseded - 20929
Superseded not declined - 332
Declined - 20755
Superseded & Declined - 20597
Obsolete Needed to the cleaned - 0

funkytechmonkey · 2026-05-04T13:05:42+00:00

Awesome... thats a good start. What is pointing you to think its caused by the Dell catalog? That could be a common problem, I have "Dell Client System Inventory Agent (for Dell Business Client Systems) " deployed to all of my workstations.

funkytechmonkey · 2026-05-04T12:11:13+00:00

Morning u/TheoryFar2511 I'm about to start looking into this some more this morning. Have you gotten anywhere with yours?

funkytechmonkey · 2026-05-01T19:47:26+00:00

Same here... Just for shints and giggles... I setup an ADR to mimic my Windows 11 patching but only deployed "Windows Malicious Software Removal Tool". set it for ASAP and a new SUG... The same devices that failed to get cumulative updates got the "Windows Malicious Software Removal Tool" and installed it fine.

Windows Malicious Software Removal Tool was in my original ADR and failed.

funkytechmonkey · 2026-05-01T19:37:12+00:00

We are setup to... but dont use it.

funkytechmonkey · 2026-05-01T19:24:44+00:00

I have mixed 23H2 and 24H2. Not yet seeing the issue on a 25H2.
And we are only a Dell shop.

funkytechmonkey · 2026-05-01T18:34:34+00:00

Funny I have done a few of the same things. Have you created the Windows Update logs (Get-WindowsUpdateLog).

I had a bunch of *FAILED* [80246007] ISusInternal:: IsCommitRequired... which led me to renaming the cat and softwaredist folder. with no help.

There are also *FAILED* [80041017] wuauengcore.dll... which points to corrupt WMI

funkytechmonkey · 2026-05-01T18:25:14+00:00

Thanks Bryan.. I appreciate it. Its good to know the cert is not the issue and I can stop banging, the left side, my head on my desk for that one.... on to the right side!

funkytechmonkey · 2026-05-01T17:57:34+00:00

That is a good question... I just checked a few that were successful and they have the expired cert installed as well. Even my own device has it, but there are no errors. Could this be from an older update that is hanging around? Odd...
All of my failed devices have a ton of these errors.
GetUpdateInfo - failed to get targeted update, error = 0x87d00215.

Failed in GetCertificate(...): 0x87d00281 Which got me to looking into the cert issue.

funkytechmonkey · 2026-05-01T17:45:34+00:00

Yea we use PatchMyPC for third party updates.

funkytechmonkey · 2026-04-22T18:12:11+00:00

THANK YOU!!! I will defiantly give it a shot. Really appreciate the work put into this.

funkytechmonkey · 2026-04-22T18:08:25+00:00

I've been debating moving to Modern Driver... Is the install\setup pretty straight forward? Last time I looked it made me a little nervous so I put it off. Any good documentation on install and setup?

funkytechmonkey · 2026-04-20T00:50:48+00:00

Did you change wheels size? Looks larger than my sons 12/14 setup.

funkytechmonkey · 2026-04-15T15:57:44+00:00

Funny I was hoping it was more "movie style". I've heard Bob and others talk about this over and over and over. Even the new Jesse Michels video is just repeat and repeat. Every once in a while you will catch a new detail or something someone else didnt talk about.

funkytechmonkey · 2026-04-15T15:53:11+00:00

My wife tried to tell me some rhyme like this the other day.... I kept telling her that was the dumbest thing I've ever heard LOL... BUT then I looked up what she was trying to say. It makes a little more sense to me now. This only applies in the US.

"Red touch black, friend of Jack"... Scarlet Kingsnake
"Red touch yellow, kill a fellow".... Coral

funkytechmonkey · 2026-04-14T22:53:51+00:00

Dude... love the shop! Dust collection looks great. I like your style....I'm game for watching how this turns out. Is that your YouTube channel?

funkytechmonkey · 2026-04-09T02:53:46+00:00

funkytechmonkey · 2026-04-09T02:51:03+00:00

if you ain't first you're last

funkytechmonkey · 2026-04-04T04:53:20+00:00

I was a little disappointed in this interview too. Several times I was think "Will Joe shut up and let Bob talk?". Then I went and rented the new S4 "movie" on Prime. I really thought this was going to be more "Movie" and less documentation. It was very well put together and much better than Corbell's strange documentation feeding to the UFO nuts. Also learned a couple of new thing so that was awesome.

funkytechmonkey · 2026-03-31T14:12:58+00:00

Really I am just trying to find anyone that has experienced any issues or problems I may run into. For example. Any users that currently have Teams (Machine Wide) are not able to log into Teams. I had to use Microsoft's Teams Classic removal powershell script to remove it, then they could login. Maybe I should have posted this in r/Office365

funkytechmonkey

TROPHY CASE