While this isn't exactly what you want to hear, i'd really suggest moving to W2012 and WSUS 6.3.x.x
W2012 will properly update W10 clients (if needed) and WSUS 3 isn't supported anymore (or will be desupported here quickly).
notes about WSUS 3 deprecation... (the article calls the new WSUS v4 while I call it v6 because of the internal version numbering in the product)
To your question about whether or not the DB still holds the status of files... It does...
In fact, the tbFileDownloadProgress table has the pending download files listed, and their current progress... It's not as easy as just listing the files from that table, however, and in fact I haven't 100% figured out exactly what all SQL joins are needed to get the data to look presentable but it helps you see what it's currently looking for.
Another FYI.. WSUS 6 and WSUS 3 use basically the exact same DB Schema.. I.e. some pretty heavy SQL queries developed for WSUS 3 still work for WSUS 6.
I can say that I haven't ever run an air-gapped server before, so I can't help much in that arena, but if the server can't see the files you've downloaded, it's possible an issue with where the files are stored versus where the server is looking for them... possibly a permissions issue... or something else I can't think of off the top of my head at the moment...
Is this a new development in an old server implementation? or a new install? I saw you reinstalled, just wanted to validate how long this was running previously.
Post by Dan Thomas
I'm running Windows 2008R2 w/ WSUS 3.0 SP2 both on my internet connected server and my airgap/disconnected server
Been having trouble with the airgap server saying that files are still needed for updates. After wrestling with it for a while, I did a redo... reinstall WSUS 3.0SP2 on the disconnected server and created a new database on SQL 2008R2. The update files are still on the server and I re-ran the wsusutil import.
Still, the server is showing over 13K files (nearly 283GB) of updates that WSUS thinks needs files.
I've got my servers on both sides configured to recieve updates for Windows 2008, 2008R2, Windows 7, Windows 10, Windows 2012, Windows 2012 R2, a few versions of SQL, Silverlight, and some office products. They are both configured to store update classifications for Critical Updates, Definition Updates, Security Updates, Service Packs, Update Rollups, and Updates.
The auto approve rule is configured to approve updates for Critical Updates, Security Updates, and Service Packs.
When I check on an update that claims it still needs to download the files, I can find the referenced files in the WSUSContent directory structure.
Windows Update service is running as Local System.
I'm at a loss here. What am I missing? Why would the WSUS Service not be seeing the updates? My thought is permissions on the WSUSContent directory. Can anyone verify for me the minimum permissions needed?
Is there something else I should check?