I have no clue – but I just love to skate on thin ice

Try using regedt32 (as opposed to regedit) and search for the policy keys, and check the security permissions on the policies.

As I mentioned above, I don’t know much about GPO’s, but I have seen some spyware (and retro viruses) that lock down registry key permissions so that they cannot be removed easily. Whether or not it’s spyware, viruses, or simply an ambitious user who wants more freedom with a rigged machine, I wouldn’t know, but that’s where I would start looking.

Bob

Try this on the machine that does not update:

Open the Registry Editor and navigate to the following key:
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionWindowsUpdateAuto Update

Find the value named NextDetectionTime (I’m not sure if it’s a DWORD or String Value) and delete it. Wait about 1/2 hour to 1 hour for the computer to try to connect to the update server again.

Also, navigate to the following key:
HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindowsWindowsUpdate

Find the values named WUServer and WUStatusServer and verify that they are pointing to the correct SUS/WSUS server. (Keep in mind that I use WSUS so the values may be named differently if you use SUS.)

To refresh a GPO on an XP box use gpupdate /force, this will force the refreshing of the gpo’s to be applied to the workstation.
also use gpresult to look to see what gpo’s have been applied to the workstation.
if you dont have these utilities, pop on to microsofts web site and down load the win2003 resource kit.

first thing we should start from is the errors in the event viewer. From there we could tell if it’s DNS issue, or any other security settings.