Windows update not updating
The added problem is the server install media has a bug in it which prevents the Dual Scan from changing.
It just ignores the policy and keeps the default update source Windows Update.
The problem is with Dual Scan trying to connect to Windows Update (online) and failing.
When it fails the system just stops trying and refuses to connect to WSUS.
These KBs fix the dual scan issue so the server will respond to the GPO telling it which default source to use.
If I run a report on one of the servers and I set the product filter to "Windows Server 2016" I get 31 updates installed or not applicable. The status for all of them is "Not Applicable" They are all Critical updates and Security Updates.
WSUS will detect but not send updates to any of the 2016 servers.
It shows 0 updates needed, all updates show "installed or not applicable".
I created a completely new 2016 server installation with absolutely nothing installed on it; no roles, no firewalls no virus scanner no nothing, just a blank server and tried to force it to connect.
WSUS detects that the server exists but that is about it.