Wsus not updating all clients
Group Policy is the primary means of configuring machines in an Active Directory domain to download updates from WSUS and is the first thing that should be checked if machines aren't appearing in the WSUS console.
The WSUS Group Policy settings are stored in the same location as other Windows Update settings: Computer Configuration\Administrative Templates\Windows Components\Windows Update.
You may discover that some or all of the machines in your environment are missing from the WSUS console.
Machines which don't appear in the WSUS console are probably not pulling updates from the WSUS server, so they may not be updating themselves at all and therefore may be more susceptible to software malfunctions and/or pose a threat to the security of the environment.
There are a number of possible reasons for this, and the most common ones are discussed in these articles: It is also possible to use a machine's local policy to configure WSUS settings.
This is useful on machines which are not members of a domain, for example, since those machines won't process Group Policy.
The WSUS settings are in the same location as their Group Policy counterparts.
Windows Server Update Services (WSUS) provides a convenient way to keep Windows servers and clients up to date as new updates are released by Microsoft.
Note: Microsoft recommends placing WSUS settings in their own Group Policy object (GPO) rather than one of the default GPOs.The two relevant settings are Configure Automatic Updates, which must be enabled, and Specify intranet Microsoft update service location, which specifies the URL of the WSUS server: When WSUS was installed, if it was configured to create its own custom website in IIS rather than use the default website, this URL must include the port number of the site (for example, or clients will not be able to locate WSUS. If the WSUS Group Policy settings are correct but computers still don't appear in the console, the computers may not be processing Group Policy successfully.This provides centralized update management and more efficient use of bandwidth than if every machine in the environment were to download updates directly from Microsoft.WSUS doesn't "push" updates to machines in the environment; rather, it stores them and waits for machines to "check in" and download the ones they need.The WSUS management console provides an administrator with the ability to easily see which updates are available and which machines require them.