Quantcast
Channel: WSUS forum
Viewing all 12874 articles
Browse latest View live

WSUS Disconnected network

June 6, 2015, 6:23 am
$
0
0

Hi,

I am having a very strange problem and would really appreciate some help. We have 10 different field offices around the world connected to HQ with 2Mpbs MPLS link. I have a 2012 R2 WSUS server in HQ as an upstream server and catering to the users in HQ. In all field offices there is one 2008 R2 WSUS server connected to the HQ WSUS acting as downstream servers. All downstream servers are configured as Replica of the upstream so they are getting all approvals, groups, settings, etc from the upstream server but they are all configured to download the updates from MS directly so that we don't choke the MPLS link. So this is working perfectly fine without any issues. Client reports in and get updates from the server and I can see the status in HQ of the whole environment.

Now we have around 40 offshore locations in our environment which are connected to the corporate network via slow VSAT link. On these locations I want to configure 2008 R2 WSUS server but don't want to download updates because of the slow link. So I am configuring the WSUS server using the "Set Up a Disconnected Network" instructions mentioned in deployment guide. I have copied the WSUSContent folder and exported the metadata from one of the downstream servers to external drive and shipped it to the remote location. Now after copying the WSUSContent and then importing the metadata I am not able to see anything in WSUS console. I don't see any groups and it still shows that updates are not approved. Express download option is not set and only English is selected on all the servers.

I have also trying the same process in the lab environment with the same result. It's been a week now and I am out of ideas. Any help will be appreciated. Sorry for the long post.

Regards,

Azeem.

Search

Backups failing after moving WSUS repository... VSS/SQL problem?

June 6, 2015, 12:26 pm
$
0
0

Not long ago I realized that the WSUS database and related files on my SBS2011 server were about to overwhelm the partition (O/S partition) where they were originally installed. Realizing this was a problem that was only going to get worse I decided to relocated the WSUS files and databases to a larger partition on the same server.  To do this I used the Microsoft instructions (How to Move WSUS Content and Database Files to a Different Volume) to move the content and the databases to the new partition.  Everything seemed to go as planned.

Apparently I must've messed up somewhere along the line because the SUSDB.mdf files on the original drive (C-Drive) appear to still be in use, and the SUSDB.mdf files on the new, larger drive (E-Drive) aren't being touched.  There does appear to be current activity in the E:\WSUS\WsusContent\ folder, but the "Modified date" of the .mdf file located in E:\WSUS\SUSDB\UpdateServicesDbFiles directory hasn't changed since I moved it (two months ago).

As an added "gotcha", soon after I tried to move the WSUS files I started encountering problems with my backups (which are dependent on Microsoft's VSS service to complete normally).  A server reboot would clear up backup problems for a few days, then after a few days backups would start failing again.  A review of my server's log files revealed a bunch of MSSQL$MICROSOFT##SSEE errors (3197, 3198, and 18264).

So I feel like I'm up against some problems here related to MYSQL and VSS that are over my head.  Can anyone help me clear these up?  Many advance thanks.

SBS 2011 Standard, SP1, 64-Bit

Joe

How to find WSUS server in unknown environment?

March 7, 2011, 7:26 am
$
0
0

I've got what I consider to be an odd task facing me.  In an server environment where I have no knowledge of the infrastructure, I need to find out where the WSUS server is, and how it's configured.  I can't ask questions of those who are in charge of the environment and I need to identify the WSUS environment ASAP.  I've tried running GPresult and I'm getting access denied for most of the GPResult data even though I'm a domain admin in the environment.

I need to find where the console is installed and whether I have access to it. 

 

Problems After Changing WSUS Port

October 9, 2013, 6:32 pm
$
0
0

Hello Everyone,

I am running a fresh install of Windows Server 2012.  I installed WSUS from server manager.  To the best of my memory, I was NOT asked which ports to use for WSUS.

I want to use custom ports for WSUS.  I went into IIS and I changed the bindings for the WSUS website.  After doing so, my server ran for days and didn't have problems.  My clients are actively checking in to my server and things look good.

But when I reboot my server, I am getting a lot of errors.  The primary error is shown below.  The most important thing is that there are still services attempting to connect to port 8530.  It looks like I have more work to do to change the port for WSUS.  What can I do to fix this error?  The port should NOT be 8530.

Thank you for your help.

-----------------------------------------

The WSUS content directory is not accessible.
System.Net.WebException: Unable to connect to the remote server ---> System.Net.Sockets.SocketException: No connection could be made because the target machine actively refused it192.168.10.100:8530
   at System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot, SocketAddress socketAddress)
   at System.Net.ServicePoint.ConnectSocketInternal(Boolean connectFailure, Socket s4, Socket s6, Socket& socket, IPAddress& address, ConnectSocketState state, IAsyncResult asyncResult, Exception& exception)
   --- End of inner exception stack trace ---
   at System.Net.HttpWebRequest.GetResponse()
   at Microsoft.UpdateServices.Internal.HealthMonitoring.HmtWebServices.CheckContentDirWebAccess(EventLoggingType type, HealthEventLogger logger)

WSUS Console Connection Error Event 7032

May 7, 2015, 12:18 pm
$
0
0

Background:

Server 2008 r2 enterprise

WSUS 3.0 Sp2

KB 2734608

sql server 2008 R2 SP3

Problem: when I click on "Synchronizations" or "All updates" it shows loading 99% takes several minutes and the connections displays "connection error". The following error below is in event viewer. How do I fix this?

I have reinstalled wsus + IIS and restarted multiple times.

The WSUS administration console was unable to connect to the WSUS Server via the remote API.

Verify that the Update Services service, IIS and SQL are running on the server. If the problem persists, try restarting IIS, SQL, and the Update Services Service.

System.Net.WebException -- The operation has timed out

Source
System.Web.Services

Stack Trace:
   at System.Web.Services.Protocols.WebClientProtocol.GetWebResponse(WebRequest request)
   at System.Web.Services.Protocols.HttpWebClientProtocol.GetWebResponse(WebRequest request)
   at Microsoft.UpdateServices.Internal.DatabaseAccess.ApiRemotingCompressionProxy.GetWebResponse(WebRequest webRequest)
   at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
   at Microsoft.UpdateServices.Internal.ApiRemoting.ExecuteSPSearchUpdates(String updateScopeXml, String preferredCulture, Int32 publicationState)
   at Microsoft.UpdateServices.Internal.DatabaseAccess.AdminDataAccessProxy.ExecuteSPSearchUpdates(String updateScopeXml, String preferredCulture, ExtendedPublicationState publicationState)
   at Microsoft.UpdateServices.Internal.BaseApi.Update.SearchUpdates(UpdateScope searchScope, ExtendedPublicationState publicationState, UpdateServer updateServer)
   at Microsoft.UpdateServices.UI.AdminApiAccess.UpdateManager.GetUpdates(ExtendedUpdateScope filter)
   at Microsoft.UpdateServices.UI.AdminApiAccess.WsusSynchronizationInfo.InitializeDerivedProperties()
   at Microsoft.UpdateServices.UI.AdminApiAccess.WsusSynchronizationInfo.get_NewUpdatesCount()
   at Microsoft.UpdateServices.UI.SnapIn.Pages.SyncResultsListPage.GetSyncInfoRow(WsusSynchronizationInfo syncInfo)
   at Microsoft.UpdateServices.UI.SnapIn.Pages.SyncResultsListPage.GetListRows()

Replica-WSUS doesn't contain locally published updates

June 9, 2015, 12:03 am
$
0
0

Hello erveryone,

I've successfully set up a SCUP on our main WSUS Server. The deployment of locally pubished updates works perfectly for WSUS-Clients which are directly connected to this main WSUS. We also have 15 Replica-Servers syncing to our main WSUS. The Replica-Servers doesnt contain the locally published updates and so they cant deploy these updates to their clients. The sychronizations are successfully without errors.

What I'm doing wrong? Do I have to set up a SCUP on every Replicaserver as well to get this working?

Thanks in advice

Butters

One client cannot install any WSUS updates from WSUS server; others can, error "FATAL: CBS called Error with 0x80070308" in log

May 27, 2015, 1:16 pm
$
0
0
Sorry if have duplicated another question but have looked in forum for hours; decided to ask my own question. This client was doing WSUS updates from the server fine until about April then stopped. About 23 updates now waiting, even trying to run one of them (that wasn't even one of the .NET updates) fails. Client hasn't had any new software that I can remember installed since then, and runs same Kaspersky anti-virus that everyone else does. (Disabling it doesn't seem to help, and it doesn't block anyone else's updates.) Have already run the Microsoft automatic update Fix-It, still have the problem. Have already restarted services like wuaueng, wuauserv, bits. Looking for some guidance on what other steps to try first. Thanks! SC

Linux agent

June 9, 2015, 1:38 am
$
0
0

Hi! I have tried to install the linux agent on a ubuntu server. It is discovered but I get these errors

sed: can't read /opt/microsoft/configmgr/bin/reset_policy.sh: No such file or directory
sed: can't read /opt/microsoft/configmgr/bin/reset_hinv.sh: No such file or directory
Starting Configuration Manager...

I noticed that the files exists but they are 0 bytes?

Search

Client API Inconsistent on Windows 2012 R2

June 8, 2015, 4:03 pm
$
0
0

The AU Client API in Windows 2012 R2 seems to have changed. I have a vbscript that pulls back the day updates are configured to be applied based on this:

The 2012 R2 server is set to auto-install each Monday as are my 2008/2008 R2/2003 servers but the value returned from a call to auSettings.ScheduledInstallationDay is 0 whereas on all other OS versions its 2 as expected. Here's the simple code to re-create:

Set agentInfo = CreateObject("Microsoft.Update.AutoUpdate")
Set auSettings = agentInfo.Settings

Wscript.echo auSettings.ScheduledInstallationDay

Cannot connect to remote WSUS 3.0 server using API adminproxy.getupdateserver("servername", false)

April 21, 2009, 9:24 pm
$
0
0
Would really appreciate any help. I've been googling for hours and can't find a solution.

Our WSUS 3.0 server is running fine. It uses a SQL 2005 database on a remote machine. I'm writing an ASP.NET app (using vb.net) that will query the remote WSUS server using the WSUS 3.0 API. For some reason, I always get a runtime error on my page from ASP.NET stating "The System cannot find the specified file. at iUpdateServer = adminproxy.GetUpdateServer("servername", false).

I've tried about everything I can think of: using IP address in servername, using FQDN of WSUS server, using UNC path, checking permissions to WSUS server and SQL database....nothing has worked so far.

Can anybody point me in the right direction?

Thanks,

Chris

WSUS clients are not reporting

June 9, 2015, 4:09 am
$
0
0

Hi,

I had installed WSUS server on Windows 2012 Std R2 edition and i am having Windows 7 and Windows 8 clients in 110 no. I am deploying the patches through Group Policy. 

Issue is "very less clients are reporting to WSUS server'. Out of 110 clients, only 5-6 computers are there. Please help to fix this issue.

WSUS keeps timing out when access update services console from server or remotely.

May 29, 2015, 10:53 am
$
0
0

Keep getting error message when accessing Updates, Synchronizations and reports. I have restarted all the server services associated with WSUS, SQL and IIS which didn't help solve the problem. Reset Server Node but keep get the same message every time. All Computers have an acclimation mark that they have not reported status in 57 or more days.

Information about Servers: Windows Server 2012r2, connecting to a SQL Server 2012 WSUS database

The WSUS administration console was unable to connect to the WSUS Server via the remote API.

Verify that the Update Services service, IIS and SQL are running on the server. If the problem persists, try restarting IIS, SQL, and the Update Services Service.

System.Net.WebException -- The operation has timed out

Source
System.Web.Services

Stack Trace:
   at System.Web.Services.Protocols.WebClientProtocol.GetWebResponse(WebRequest request)
   at System.Web.Services.Protocols.HttpWebClientProtocol.GetWebResponse(WebRequest request)
   at Microsoft.UpdateServices.Internal.DatabaseAccess.ApiRemotingCompressionProxy.GetWebResponse(WebRequest webRequest)
   at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
   at Microsoft.UpdateServices.Internal.ApiRemoting.ExecuteSPSearchUpdates(String updateScopeXml, String preferredCulture, Int32 publicationState)
   at Microsoft.UpdateServices.Internal.DatabaseAccess.AdminDataAccessProxy.ExecuteSPSearchUpdates(String updateScopeXml, String preferredCulture, ExtendedPublicationState publicationState)
   at Microsoft.UpdateServices.Internal.BaseApi.Update.SearchUpdates(UpdateScope searchScope, ExtendedPublicationState publicationState, UpdateServer updateServer)
   at Microsoft.UpdateServices.UI.AdminApiAccess.UpdateManager.GetUpdates(ExtendedUpdateScope filter)
   at Microsoft.UpdateServices.UI.AdminApiAccess.WsusSynchronizationInfo.InitializeDerivedProperties()
   at Microsoft.UpdateServices.UI.SnapIn.Pages.SyncResultsListPage.GetSyncInfoRow(WsusSynchronizationInfo syncInfo)
   at Microsoft.UpdateServices.UI.SnapIn.Pages.SyncResultsListPage.GetListRows()



WSUS Unable to complete Post Installation

April 29, 2015, 5:16 pm
$
0
0

We had WSUS working until we decided to install Trend Micro Control Manager on it. Soon after we realized it broke WSUS. Since then we've uninstalled all traces of both applications as much as possible. Now WSUS won't complete installation. I've searched many different forums topics and couldn't find a solution that matched my particular issue yet. The error log looks fine except for the last portion that looks like this... 

Can anyone help me pinpoint what the problem might be?

2015-04-29 17:08:29  FixSubscriptionCategories failed. Exception: System.Web.Services.Protocols.SoapException: System.Web.Services.Protocols.SoapException: Server was unable to process request. ---> System.TypeInitializationException: The type initializer for 'Microsoft.UpdateServices.Internal.ApiRemoting' threw an exception. ---> System.UnauthorizedAccessException: Access to the path 'Update Services' is denied.
   at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
   at System.IO.Directory.InternalCreateDirectory(String fullPath, String path, Object dirSecurityObj, Boolean checkHost)
   at System.IO.Directory.InternalCreateDirectoryHelper(String path, Boolean checkHost)
   at System.IO.Directory.CreateDirectory(String path)
   at Microsoft.UpdateServices.Log.GetUsableLogFileName(String fileName, LogFileLocation& actualLogLocation)
   at Microsoft.UpdateServices.Log.InitializeFromConfig()
   at Microsoft.UpdateServices.Log.InitializeIfNeeded()
   at Microsoft.UpdateServices.Internal.ApiRemoting..cctor()
   --- End of inner exception stack trace ---
   at Microsoft.UpdateServices.Internal.ApiRemoting..ctor()
   --- End of inner exception stack trace ---
   at Microsoft.UpdateServices.Internal.BaseApi.SoapExceptionProcessor.DeserializeAndThrow(SoapException soapException)
   at Microsoft.UpdateServices.Internal.DatabaseAccess.AdminDataAccessProxy.GetServerVersion()
   at Microsoft.UpdateServices.Internal.BaseApi.UpdateServer.CreateUpdateServer(String serverName, Boolean useSecureConnection, Int32 portNumber)
   at Microsoft.UpdateServices.Internal.BaseApi.UpdateServer..ctor(Boolean bypassApiRemoting)
   at Microsoft.UpdateServices.Setup.StartServer.StartServer.FixSubscriptionCategories()
2015-04-29 17:08:29  StartServer encountered errors. Exception=System.Web.Services.Protocols.SoapException: Server was unable to process request. ---> System.TypeInitializationException: The type initializer for 'Microsoft.UpdateServices.Internal.ApiRemoting' threw an exception. ---> System.UnauthorizedAccessException: Access to the path 'Update Services' is denied.
   at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
   at System.IO.Directory.InternalCreateDirectory(String fullPath, String path, Object dirSecurityObj, Boolean checkHost)
   at System.IO.Directory.InternalCreateDirectoryHelper(String path, Boolean checkHost)
   at System.IO.Directory.CreateDirectory(String path)
   at Microsoft.UpdateServices.Log.GetUsableLogFileName(String fileName, LogFileLocation& actualLogLocation)
   at Microsoft.UpdateServices.Log.InitializeFromConfig()
   at Microsoft.UpdateServices.Log.InitializeIfNeeded()
   at Microsoft.UpdateServices.Internal.ApiRemoting..cctor()
   --- End of inner exception stack trace ---
   at Microsoft.UpdateServices.Internal.ApiRemoting..ctor()
   --- End of inner exception stack trace ---
2015-04-29 17:08:29  Microsoft.UpdateServices.Administration.CommandException: Failed to start and configure the WSUS service
   at Microsoft.UpdateServices.Administration.PostInstall.Run()
   at Microsoft.UpdateServices.Administration.PostInstall.Execute(String[] arguments)

In-Place upgrading 2003 DC (non-PDC) with WSUS 3.0sp2 to 2008R2 w/ WSUS.

June 9, 2015, 12:40 pm
$
0
0

Hello folks, is it possible and if so what is the general procedure for upgrading a 2003 DC with WSUS installed on it (3.0sp2) to 2008R2? Do I need to move the WSUS installation before the upgrade or will the 2008R2 setup pick that up and just roll it right up with the OS?

Thanks!

Moving Windows Internal Database and Patches

May 18, 2015, 11:11 am
$
0
0

I have a 2012 WSUS server I am trying to salvage. I believe the WID Database is having issues. My server is a downstream server. Clients will have issues occasionally downloading and installing patches. Usually 1-2 patches per cycle it seems. I am running the WSUS cleanup weekly as well.

The WID DB and patches all live on the same C: drive with the OS. This is not recommended best practice. Like I said, I believe the WID DB has some issues, so I would like to move it to a newly created drive, and off the C: drive.

What is the process of accomplishing this? Also, once done, does my WSUS server re-download all patches from the upstream server? Meaning, this would be better done over a weekend to allow the download time.

At this point, will the DB and patches be on the new drive, or will the patches need to be moved as well?

Thanks!

Search

Windows Updates and WSUS

May 20, 2015, 10:21 pm
$
0
0

Hi All,

 I have set our servers for WSUS but when checking on Windows Updates got 50 + more updates?

As

error 0x80070005 and impossible to Update and grant permission with subinacl

May 27, 2015, 1:48 am
$
0
0

sorry, this is a fork from

https://social.technet.microsoft.com/Forums/en-US/4d8b6205-db63-4f21-8001-a0ea9fa79266/error-0x80070005-and-impossible-to-grant-permission-with-subinacl?forum=w7itprosecurity

My trouble are error 80070005 that does not permit to update my server and clients on local private lan. I use wusus to update systems. just security, critical and service pack...

system are only 2008 r2 enterprise and 7 enterprise.

when i try tu update domain servers they answer with error  0x80070005 on other server and on clients error appear 0x800B0001

I run some AV and anti malaware but nothing...

on servers are impossible to install any patch or upgrade (kb947821 still gives me auth denied) but I m able to install other things.

I had a fresh 2008r2 installed, put in in domain and updated via gpo... result: after reboot and update error  0x800B0001 appears. I was able to install kb947821 but no way.

on clients same issue... so I think there is an upgrade on wsus that does not work well... or i made a missconfiguration on wusus... :(

at last I tried to restore permissions with subinacl... it is imppossible to accomplice it because in some items there is no permission to system ... just trustedinstaller are permitted and subinacl returns  error  0x80070005... I tried to change mannually on the fresh installation ( no data and no troubles if the system die :D):

regedit hkey_local_machine\software\microsoft\assistance rigth click and add system and administrators full access... reboot and ... still same issue...

  • subinacl /errorlog=a.txt /subkeyreg HKEY_LOCAL_MACHINE /grant=administrators=f /grant=system=f
  • subinacl /errorlog=b.txt /subkeyreg HKEY_CURRENT_USER /grant=administrators=f /grant=system=f
  • subinacl /errorlog=c.txt /subkeyreg HKEY_CLASSES_ROOT /grant=administrators=f /grant=system=f
  • subinacl /errorlog=d.txt /subDIRECTORIES %SYSTEMDRIVE% /grant=administrators=f /grant=system=f

errors are present just in HKEY_LOCAL_MACHINE and HKEY_CLASSES_ROOT plus one warning in HKEY_CURRENT_USER where it says there is a wild char *

tnx

Getting past WSUS Cleanup Wizard time out, removing unnecessary updates.

August 1, 2014, 8:10 am
$
0
0

Standard problem with WSUS Cleanup Wizard timing out without removing any unnecessary updates. SBS2K8. WSUS 3. 6000+ unnecessary updates awaiting approval. Huge database. Unresponsive SQL server. Lot of people have this problem:
http://social.technet.microsoft.com/Forums/en-US/9724778f-c1a0-4d24-82e4-8b2d054257d6/wsus-hangs-on-cleanup-wizard-for-unused-updates-then-disconnects-from-console?forum=winserverwsus

Drives are regularly defragged in the background. Not gonna shut down the server and have down time just to fix this.

Tried the reindexing script from
http://technet.microsoft.com/en-us/library/dd939795(WS.10).aspx
, (don't copy the command line, it has weird characters in it, just type it in manually.) and it completes but it didn't improve anything.

Found this:
http://wsus.codeplex.com/releases/view/17612
and it also times out.

Found this comment:
For anyone who is getting Timeout Expired with obsolete updates. I have a solution! Use server name : "
\\.\pipe\MSSQL$MICROSOFT##SSEE\sql\query
" to connect with SQL managment studio. Once connected manually run "
exec spGetObsoleteUpdatesToCleanup
". This will return a list of obsolete ID's. For each one run "
exec spDeleteUpdate @localUpdateID=000000
", where 000000 is the ID. For myself I found the first ID in the list took a full 37 minutes to delete and then after that I could run the cleanup through the GUI as per usual.

by jjdacl on Apr 23 at 12:55 PM 

Found that you actually need to do:
USE SUSDB
GO
exec spGetObsoleteUpdatesToCleanup

And to connect in the first place, I had to hit Options, and select named pipe from the middle pull down. 

First delete took 6 minutes and memory has spiked up to almost 15GB in use out of 16GB physical. But the WSUS console (Update Services) still shows the same number of old updates. Failure? I don't think so: I'm running the cleanup wizard again and so far it isn't timing out... It has run over night, and has made some progress; the bar has moved perhaps 5%. 

So... My take is that the SQL server causes this problem when there is to much data, because the indexes are poorly designed (not because the indexes need to be re-indexed) causing the first query to time out, which causes the cleanup to fail. Once you get past that first deletion, and have everything loaded into memory, the cleanup tool can stay connected long enough to delete each unneeded update.

Next step will be to find a command line method, such as:
http://wsus.codeplex.com/releases/view/17612
and put it into the task scheduler like Microsoft should have done at the beginning to keep this from getting out of hand.

P.S. Lawrence Garvin, please do NOT reply to this; I have no need of your arrogance.

Patching report from WSUS Server

June 10, 2015, 8:56 am
$
0
0

Hi Team,

can any one suggest how we can generate patching report using WSUS.

 Patching report on monthly basis for particular WSUS Group or can generate for All the computers of wsus.

Regards,

Triyambak

Regards, Triyambak

WSUS Rerports on needed updates differ from actual machine

June 10, 2015, 5:38 am
$
0
0

Hello,  wonder if anyone would be able to provide some advice on an issue I seem to be encountering with with reports please?

The issue is trying to identify a group of machines and which have the most amount of needed updates (we have a policy assigned to only download the updates and not automatically install on a group of machines).  When I run the "Computer Tabular Status" report against the group of machines and selected Needed updates.  I then can see which machines have the most amount of updates.  When I go to that machine and check it is either showing a different amount of updates that are needed, always more or none at all.  Also, see the same when I just check on one machine. 

My question is why does WSUS reports show different than what the machine is showing?

Thanks

Paul

Viewing all 12874 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>