Topper Fox
Dear Team,
I want to upgrade my WSUS server as 2012 to 2016. Current setup is I have 2012 WSUS server and I have created 2016 WSUS server as Downstream server. Now what next to do?
Can I do inplace upgrade of 2012 server to 2016.because I do not want to change the name and IP of server. The same IP and name should be there so I do not required changes on GPO.
Hi,
After last tuesday I found that WSUS server had began to download large amounts of data.
My system: Windows 2016 Server Standard
After an investigation I found, that BITS restarting each download when size reaches 2GB. Everything is OK with smaller files.
Here is PS queries:
I found similar problem here: BITS randomly stops with error 0x80040009. I am also getting the same error in BITS Event Log on these large (over 2GB) files.
Any ideas?
Thank you in advance.
Jonas
Hi all,
In my firm, each month, we always deploy only Cumulative Critical | Security updates, never Cumulative updates.
We had a specific issue with our domain controllers (Win 2016) with February patchs, so Microsoft ask us to deploy the last Cumulative Updates of March.
I'm surprised that, after that, i'm not able to deploy the Cumulative Security Updates of March (not applicable in manual installation - up to date in WSUS).....
By definition, the cumulative updates contains OS bugs resolution or improvments, not critical or security patchs.
I do not really understand : can you explained me?
Thk'x!
We have 2 WSUS servers in our environment. One at Site A (primary) and one at Site B (downstream replica).
Computers at each site report and update successfully to each sites WSUS.
Site B's WSUS receives update approvals from Site A and the overall status of Site B shown in the Downstream Servers section on Site A's console is reporting accurately (Update Status, Computer Status, etc). Those all match what are shown directly on Site B's console.
The issue lies in the Computers status. If I view Site A's computers in Site A's console, they all show the correct Last Status Report and Last Contact. If I view Site B's computers in Site B's console, they also show up correctly. If I view Site B's computers in Site A's console (because Site B is configured to roll up this information to Site A), they all show the wrong date (everything stops on March 12th).
I realize the obvious question is what changed on March 12th however I've combed through logs and nothing pops out as being obvious. It's also too far back to remember anything that could have been done. (Only regular things are updates. System configuration changes don't happen too often).
I've tried modifying <httpRuntime maxRequestLength> and increasing it to 10000 as seen on This Post however that doesn't appear to have fixed anything (even after system reboots and forced synchronizations).
There's also nothing apparent in the server logs (C:\Program Files\Update Services\LogFiles\SoftwareDistribution.log) that indicates any kind of failure so this has me completely stumped.
So all of my 2008R2 servers are not picking up the security updates from January, February and March. Either from windows update or from WSUS. WSUS does download these updates and they are approved for install but they don't install. The machines are showing as 100% update to date.
any help please as i cant log a ticket with Microsoft as they don't support 2008r2.
Hi!
Can someone tell me which minimum WSUS version is required to patch a Windows Server 2019 system?
At the moment we are using Version 6.3.9600.18694. Is this Version still supported for Windows Server 2019 or do i need to Upgrade (e.g. to Version 10.0.14393.2007)?
Thanks!
All desktops appears in unassigned group, we have GPO that enable client side targeting
We check GPO with Wsus configurarion and it's rigth.
Windowsupdate.log
.... Initializing simple targeting cookie, clientId = 06eaebda-6423-4814-a4d1-4228d993ccaf,target group = , DNS name = lpsal-d-032.disagrupo.es
Complete log!
2020-04-0509:14:36:7466604798PT+++++++++++ PT: Synchronizing server updates +++++++++++I have the option Store update files locally on this Server, I have a lot of Internal VDI clients that report and download from WSUS directly.
I cant change the setting on WSUS server. Options>Update files and Languages> Do not store update file locally, computers install from Microsoft Update. I have a lot of VDI machines that report and download the update from WSUS DIRECTLY.
I cant add other new WSUS server, I need use the same Server.
Now I have some clients that work from home, and need that these clients report only to WSUS and after will download updates from MS.
Exist some registry or local group policy in the clients that I can configure to obtain this behavior?
The idea is use only one server for the all Company, some clients report and download from WSUS while the others only report and after it will download from MS.
Maybe I can export some registry to these clients to configure this.
Please I wait your response and help.
Best regards,
Roque.
Hello Sir,
I have one upstream servers and 20 downstream servers located in different regions of world.One of the server from ukraine has been reconfigured and after that is not synchronizing with upstream server and in synchronization of that server getting errors as
"Dependancy of update was not found on server and was not provided by upstream server" with update Ids mentioned.
Scheduled synchronization has been failed on downstream server.kindly suggest the solution fo same.
I have a number of Windows 2012 R2 servers that I am trying to run Windows Update on. They use a WSUS server in their network. These server do not have contact with the Internet and are in a closed network. In the WSUS Server their status is not yet reported. I have many other Windows 2012 R2 servers that have no trouble updating from the same WSUS server that is running Windows 2012 R2.All the problem servers have wuaueng.dll version 7.9.9600.17415. They show that they have never been updated. I am trying to fix this on a server in a test network so I don't disturb production. I have tried installing KB3138615 to update the wuaueng.dll. However, it was updated to version 7.9.9600.18235, which still does not work. I tried the following steps from an article I have seen here and other places.If the file version is 7.9.9600.18235, .18340, .18621, .18628, then need to follow the below solution.(We can delete the system from WSUS then can try the following option)1.Open the command prompt with the administrative privilege 2.Run the command: net stop wuauserv. (To stop the Windows update service)3.Close the Windows update console4.Delete the following registry keys: Note: Export the targeted registry before deleting for safer side and as a best practice 1. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\SusClientId 2. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\SusClientIdValidation1.Rename the file C:\Windows\WindowsUpdate.log as C:\Windows\WindowsUpdate_old.log2.Rename the folder “C:\Windows\Software Distribution” as “C:\Windows\Software Distribution_old”3.net start wuauserv (To start the Windows update service) 4.wuauclt /resetauthorization /detectnow (Windows update agent will initiate the connection (termed as contact) with WSUS, after a while it will report with the WSUS ) Note: WSUS reporting and updating is a time consuming process.5.Confirm the new two key values are appeared on the path : "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate"10. Check for the updates, once you got the confirmation the AD support team.11. Delete the folder “C:\Windows\Software Distribution_old” and C:\Windows\WindowsUpdate_old.logThis does not work. The server still searches for updates "for ever" and still shows up as not yet reported in the WSUS server. I tried once more and it took overnight for the registry keys to show up. It also still had “Not Yet Reported” Also there is another Windows 2012 R2 server with the 17415 wuaueng.dll that does not either of the registry keys listed above. Also another person here tried a manual update on a server with the 17415 wuaueng.dll and it also failed.
Is there a wuaueng.dll out there newer than 7.9.9600.18235 out there than I can use?
Thanks in advance.
Hi,
I noticed that my computers who have upgrade to windows 10 1909 have not the correct number version in wsus report.
They appears like 10.0.18362.xxx instead of 18363.xxx (https://docs.microsoft.com/fr-fr/windows/release-information/)
Is it normal ?
Regards
Hi All,
We have a WSUS server in DMZ, not connected to internet, and one WSUS server in our internal network. I want to make the server in DMZ a replica of the one in our internal network. The WSUS server in our internal network is hosted on port 80. The firewall separating the DMZ allows communication from the internal network to the DMZ but not the other way.
What ports need to be opened at the firewall for allowing the WSUS server in DMZ to get approvals/updates from the WSUS server in internal network?
Any help would be appreciated and I apologize if this has been previously answered(I have searched the forum but could not find a suitable answer)
I'm running WSUS (standalone) on Server 2019. All of our pilot machines on Windows 10 1909 are reporting to WSUS with build numbers of 18362 (1903) instead of 18363 (1909).
I understand that 1903/1909 share the same baseline and that the difference between them is basically a feature enablement package, but the different build numbers still need to be properly reported in WSUS. Otherwise, a whole bunch of reporting that I do just goes out the window.
Hi Guys,
We have 25 Win2016 Server which is failing to install February Month patches.
We have patches that two is reflecting in software center but installation failed with error code " The software change returned error code 0x80004005(-2147467259)".
I have go through the CAS log found below errors as well.
CoCreateInstance for ICcmContentTransferManager9 failed with error 0x80040154
Error: DeleteDirectory:- Failed to delete Directory with Error 0x00000003.
Error: DeleteDirectory:- Failed to delete Directory C:\Windows\ccmcache\29.BCWork with Error 0x00000002.
DownloadManager.RequestDownload failed
ContentRequest SubmitDownloadRequest failed
Thanks,
Mohanbabu .M
Hi,
I am in the middle of deploying a distributed management WSUS in win server 2019.
My upstream wsus will be in DMZ and downstream wsus in trusted network.
My USS acted like a repository and all my end points are connected to DSS which is in autonomous mode.
Do i have to approve the update in both USS and DSS or just DSS?
Thanks.
Hi,
We have WSUS server 2012 configured in our infra for patching.
we have found that client machines like windows 7 and windows 8 are scanning for patches through WSUS server and its getting installed.
But network team is claiming that there are many ICMP request going to DNS server on these wesites like URL: https://fe3.delivery.mp.microsoft.com/ClientWebService/client.asmx" and http://tlu.dl.delivery.mp.microsoft.com.
This ICMP flood is causing slower resolution of DNS.
Is this a default behaviour? Do we have any option to make clients to not to reach these sites. please help us.
ThanksI have an SBS2011 running, with a few clients. I recently noticed that the clients were not updated, and started looking at the WSUS on the server. The server console tells me that "updates" is not availabel. I spend most of the day today trying to find out what I need to do, and in the end decided that I should try to install WSUS 3.0 SP2. I looked at a few more websites that told me to do a few things, and finally located the upgrade package at the upgrade catalog from MS, after following dozens of links that all ended up in a dead end.
So, I downloaded the file, and installed it (with Admin privileges on the server). Everything seems to run fine, until I get to the point where the installer says "Configuring the database". It stops after a short wile, and an error message pops up:
There is a problem with this Windows installer package. A program run as part of the setup did not finish as expected. Contact your support personnel or package vendor.
There is only an "OK" button, and when I push it the installer rolls back the entire installation.
then another message pops up: Windows Server Update Services 3.0 SP2 could not be installed. For more information, see the Setup log "C:<deleted>\AppData\Local\Temp\WSUSSetup.log".
that is a very large file, but I see this:
MSI (s) (6C:78) [00:08:44:327]: Note: 1: 1708
MSI (s) (6C:78) [00:08:44:327]: Product: Windows Server Update Services 3.0 SP2 -- Installation failed.
Does that give me a hint what the program was that did not finish, or what the problem could be?