WSUS requirements

January 2, 2020, 4:32 pm

≫ Next: WSUS Computers

≪ Previous: Windows Update Error Code 8000FFFF

Hi,

I just installed WSUS on Windows server 2019. I need help to meet the requirements below.

We want to install security and critical updates immediately as soon as they are released to all computer groups
We want to push to install feature pack quarterly to pilot computer group and one month later rolling out to all computers.
What is the best practice to create WSUS computer groups? Can it be sync with AD computer OU?

Please advise!

Any help will be appreciated!

↧

WSUS Computers

January 3, 2020, 1:51 am

≫ Next: WSUS WIN2016 not downloading updates for Windows 10

≪ Previous: WSUS requirements

Hi All,

We had to create a New WSUS server recently due to our legacy server being a W2008 box.

I have built a W2012 server, installed the relevant roles and configured the WSUS server. I have not done anything with the current GPO's. After completing a gpresult /r on the server I see all the relevant GPO's that should be applied, however, when I look at WSUS console and in particular the folders where the clients should reside for the site I do not see anything. There should be servers, desktops, and Laptop clients present.

Does anyone know the best way to trouble shoot this problem? Any tips or advice would be greatly appreciated.

Regards.

↧

WSUS WIN2016 not downloading updates for Windows 10

January 3, 2020, 3:44 am

≫ Next: How to allow only a group of users to have rights to sync with Microsoft update server?

≪ Previous: WSUS Computers

Dear all,
I have a problem where my new WSUS WIN2016 not downloading updates for Windows 10 suddenly.
I have deployed WSUS Windows 2016 Std since mid October 2019.
WSUS Server version is 10.0.14393.2969 .

I can download updates as the following, as the October deployment:

a) Cumulative Windows 10 security update - 1809, Oct 2019 - download OK
b) Cumulative Windows 10 security update - 1903, Oct 2019 - download OK
c) Cumulative Windows 2016 security update - Oct 2019 - download OK
d) Windows 7 & Windows 2008 R2 monthly rollup - Oct 2019 - download OK
e) Windows 2012 R2 monthly rollup - Oct 2019 - download OK
f) Internet Explorer 11 cumulative updates - Oct 2019 - download OK
g) Office 2010 / 2013 / 2016 & related patches - Oct 2019 - downloads OK

However , since November I noticed I could not download the Windows 10 updates :

a) Cumulative Windows 10 security update - 1809, Nov & Dec 2019 -download fails, 0%
b) Cumulative Windows 10 security update - 1903, Nov & Dec 2019 - download fails, 0%
c) Cumulative Windows 10 security update - 1909, Nov & Dec 2019 - download fails, 0%
d) Cumulative Windows 2016 security update - Nov & Dec 2019 - download OK
e) Windows 7 & Windows 2008 R2 monthly rollup - Nov & Dec 2019 - download OK
f) Windows 2012 R2 monthly rollup - Nov & Dec 2019 - download OK
g) Internet Explorer 11 cumulative updates - Nov & Dec 2019 - download OK
h) Office 2010 / 2013 / 2016 & related patches - Nov & Dec 2019 - downloads OK

I run synch with Microosft Update servers every night.

WSUS event logs shows error as below.
It is weird as I am not downloading any expired update, in fact it is latest as of now:

Content file download failed.
Reason: HTTP status 404: The requested URL does not exist on the server.

Source File: /filestreamingservice/files/2eedaaf9-de37-4fb3-a55d-11ec55cd9e76/public/windows10.0-kb4530715-x64_3e8a55ab5443eb63e6da16494984f1d88b301200.cab
Destination File: c:\wsusdb\WsusContent\00\3E8A55AB5443EB63E6DA16494984F1D88B301200.cab

I have run the WSUS Cleanup Wizard and removed unused/expired updates, but the error still remains.

I have checked the "File Status" column in the WSUS All Updates window list, there is NO failed download updates other than the one I am downloading.

I have also tried declining the WIN10 updates, and approve/download again, but still same error results.

Please help me, I am going nuts over this issue.

Velan Ramalinggam

↧

How to allow only a group of users to have rights to sync with Microsoft update server?

January 3, 2020, 12:57 pm

≫ Next: Managing Feature Updates

≪ Previous: WSUS WIN2016 not downloading updates for Windows 10

Hi,

We have internal WSUS. We want to only allow people in IT to have the option to sync with Microsoft update server and install the updates, all regular users can only sync with the internal WSUS.

Please advise how to approach it!

Your help will be appreciated!

Grace

↧

Managing Feature Updates

January 6, 2020, 8:23 am

≫ Next: Computers are not shown up in WSUS admin portal

≪ Previous: How to allow only a group of users to have rights to sync with Microsoft update server?

Hello,

I am very new to managing a WSUS server. I've read through the introductory documentation on TechNet, but have a question regarding feature updates and EOS.

Due to some external hardware compatibility issues, we need to freeze feature updates on a certain Windows version from some of our workstations. I would like to keep them on a certain Windows version (ie 1903) until we can replace the incompatible external hardware, which may be up to 18 months from now. The rub is that the version of Windows we will be using will go EOS during that time.

My question:

If I have our Group Policies and WSUS configured correctly, can I keep the workstations on a version of Windows that is EOS by not approving feature updates in WSUS for those workstations? I know the Windows feature updates can by pushy and install themselves in an environment that isn't managed by WSUS, which is what I want to avoid. Any advice is greatly appreciated. Thank you.

↧

Computers are not shown up in WSUS admin portal

January 10, 2020, 5:11 pm

≫ Next: Windows update can't install update after check

≪ Previous: Managing Feature Updates

Hi,

I just installed a new WSUS on Windows server 2019. The old WSUS on Windows server 2012 is still in use. I created a new GPO for Test OU and enabled the "client-side targeting" and specified intranet Microsoft update service location to the new WSUS server in the GPO

I have created "Test" group on the new WSUS and put the "Test" in the "Target group name for this computer" field in the GPO.

However two days have passed, I still didn't see the test computer in the Test group. I checked the old WSUS, the test computer is still checked in with the old WSUS. I have rebooted the computer and checked to confirm the new GPO is applied.

Where did I missed? Why it is not show up on the new WSUS?

Please help!

Thanks in advance!

Grace

↧

Windows update can't install update after check

January 12, 2020, 1:08 am

≫ Next: Windows 2008 R2 SP1 update KB4503548 error 13EC

≪ Previous: Computers are not shown up in WSUS admin portal

Dear Sir or Madam,

I have problem with my server that can't install update from WSUS Server.

This problem is.

I have an exchange server and WSUS Server. when I click Check for updates in Exchange server the server didn't get any new update from WSUS server and it always show the 36 important updates are available but those are very old and can't be installed.

↧

Windows 2008 R2 SP1 update KB4503548 error 13EC

January 13, 2020, 1:54 am

≫ Next: Windows 2008 R2 SP1 TLS1.2 failed

≪ Previous: Windows update can't install update after check

When running Windows Update, only one option update KB4503548 (.net framework 4.8) can not be installed. Error Code 13EC.

I did some research, confirmed compatibility mode is not ticked. I also downloaded offline installer and makes no difference.

Currently latest .Net Framework is 3.5, I tried install .NetFramework 4.0 4.5 etc, all failed with same error. Blocked

Does anyone have clue?

thanks

Yang

↧

Windows 2008 R2 SP1 TLS1.2 failed

January 13, 2020, 3:02 am

≫ Next: WSUS fails on hardened server from non-domain-joined client

≪ Previous: Windows 2008 R2 SP1 update KB4503548 error 13EC

I need to connect our windows 2008 R2 SP1 server to remote site via TLS1.2 (before was TLS1.1). Cannot connect to remote site after switching from TLS1.1 to TLS 1.2.

Windows Updates all done, except .Net Framework 4.8 which is optional update. The remote site is ok as other servers all connect through without any issues.

Any suggestions?

↧

WSUS fails on hardened server from non-domain-joined client

January 26, 2018, 9:13 am

≫ Next: SUP Synchronization failed

≪ Previous: Windows 2008 R2 SP1 TLS1.2 failed

Hi,

I have computer "A" which is running Windows Server 2012 R2 and is not connected to any domain.

I have computer "B" which is joined to domain "B" and runs a WSUS server. 172.21.3.150

I have computer "C" which is joined to domain "C" and runs a WSUS server.

There is no firewall, antivirus, or routing restriction that prevents any from talking to one another.

I set A to retrieve updates from B or C by setting the appropriate local policy which in turn changes HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate\WUServer.

A can receive WSUS updates from C.

A cannot receive WSUS updates from B. A's error log appears below. Computer on domain B can use B to get WSUS updates. From A I can use telnet to make a TCP/IP connection to port 8530 on B so I'm certain there is connectivity.

Hundreds of group policy changes have been applied to "B" as part of a hardening process called "STIG". The hardening is described at https://www.stigviewer.com/stig/windows_server_2012_2012_r2_member_server/ and includes for example"limit TCP/IP retry attempts" and "The LanMan authentication level must be set to send NTLMv2 response only, and to refuse LM and NTLM". I suspect one of these hundreds of settings is responsible for denying non-domain-joined computers to take a WSUS update from B. I wish a log entry could help me identify the specific technical reason for the failure.

There is no indication of a problem on B as far as I could tell. Nothing in the Event Viewer. Nothing in the IIS logs (!)... not even an indication that a bad request came in.

How can I figure out why WSUS updates are failing from A to B?

Chris

PS: When specifying the WSUS server on A I use B's IP address (which normally works fine). But out of desperation I also tried specifying B's FQDN (as it is known within domain B). Of course, I also had to add the FQDN to A's host file. That also failed.

2018-01-25	13:15:19:590	1408	3164	Misc	===========  Logging initialized (build: 7.9.9600.18696, tz: -0500)  ===========
2018-01-25	13:15:19:590	1408	3164	Misc	  = Process: C:\Windows\system32\svchost.exe
2018-01-25	13:15:19:590	1408	3164	Misc	  = Module: c:\windows\system32\wuaueng.dll
2018-01-25	13:15:19:590	1408	3164	Service	*************
2018-01-25	13:15:19:590	1408	3164	Service	** START **  Service: Service startup
2018-01-25	13:15:19:590	1408	3164	Service	*********
2018-01-25	13:15:19:606	1408	3164	IdleTmr	Non-AoAc machine.  Aoac operations will be ignored.
2018-01-25	13:15:19:606	1408	3164	Agent	  * WU client version 7.9.9600.18696
2018-01-25	13:15:19:606	1408	3164	Agent	WARNING: SleepStudyTracker: Machine is non-AOAC. Sleep study tracker disabled.
2018-01-25	13:15:19:606	1408	3164	Agent	  * Base directory: C:\Windows\SoftwareDistribution
2018-01-25	13:15:19:606	1408	3164	Agent	  * Access type: No proxy
2018-01-25	13:15:19:606	1408	3164	Service	UpdateNetworkState Ipv6, cNetworkInterfaces = 3.
2018-01-25	13:15:19:606	1408	3164	Service	UpdateNetworkState Ipv4, cNetworkInterfaces = 3.
2018-01-25	13:15:19:606	1408	3164	Agent	  * Network state: Connected
2018-01-25	13:15:19:606	1408	3164	Service	UpdateNetworkState Ipv6, cNetworkInterfaces = 3.
2018-01-25	13:15:19:606	1408	3164	Service	UpdateNetworkState Ipv4, cNetworkInterfaces = 3.
2018-01-25	13:15:19:622	1408	3164	Agent	***********  Agent: Initializing global settings cache  ***********
2018-01-25	13:15:19:622	1408	3164	Agent	  * Endpoint Provider: 00000000-0000-0000-0000-000000000000
2018-01-25	13:15:19:622	1408	3164	Agent	  * WSUS server: http://172.21.3.150:8530
2018-01-25	13:15:19:622	1408	3164	Agent	  * WSUS status server: http://172.21.3.150:8530
2018-01-25	13:15:19:622	1408	3164	Agent	  * Target group: (Unassigned Computers)
2018-01-25	13:15:19:622	1408	3164	Agent	  * Windows Update access disabled: No
2018-01-25	13:15:19:622	1408	3164	Misc	WARNING: Network Cost is assumed to be not supported as something failed with trying to get handles to wcmapi.dll
2018-01-25	13:15:19:622	1408	3164	WuTask	WuTaskManager delay initialize completed successfully..
2018-01-25	13:15:19:622	1408	3164	AU	    Timer: 31DA7559-FE27-4810-8FF6-987195B1FD98, Expires 2018-01-25 23:11:24, not idle-only, not network-only
2018-01-25	13:15:19:622	1408	3164	AU	    Timer: 143FB093-8AA1-4DBC-A582-8806F8F4C1F7, Expires 2018-01-27 18:11:25, not idle-only, not network-only
2018-01-25	13:15:19:622	1408	3164	AU	    Timer: CF1ABEC6-7887-4964-BB93-B2E21B31CEC1, Expires 2018-01-25 18:43:40, not idle-only, not network-only
2018-01-25	13:15:19:622	1408	3164	AU	    Timer: 29A863E7-8609-4D1E-B7CD-5668F857F1DB, Expires 2018-01-25 18:43:40, not idle-only, not network-only
2018-01-25	13:15:19:622	1408	3164	Report	CWERReporter::Init succeeded
2018-01-25	13:15:19:622	1408	3164	Agent	***********  Agent: Initializing Windows Update Agent  ***********
2018-01-25	13:15:19:622	1408	3164	DnldMgr	Download manager restoring 0 downloads
2018-01-25	13:15:19:622	1408	3164	AU	###########  AU: Initializing Automatic Updates  ###########
2018-01-25	13:15:19:622	1408	3164	AU	AIR Mode is disabled
2018-01-25	13:15:19:622	1408	3164	AU	  # Policy Driven Provider: http://172.21.3.150:8530
2018-01-25	13:15:19:622	1408	3164	AU	  # Detection frequency: 22
2018-01-25	13:15:19:622	1408	3164	AU	  # Approval type: Scheduled (User preference)
2018-01-25	13:15:19:622	1408	3164	AU	  # Auto-install minor updates: Yes (User preference)
2018-01-25	13:15:19:622	1408	3164	AU	  # Will interact with non-admins (Non-admins are elevated (User preference))
2018-01-25	13:15:19:622	1408	3164	AU	WARNING: Failed to get Wu Exemption info from NLM, assuming not exempt, error = 0x80240037
2018-01-25	13:15:19:622	1408	3164	AU	WARNING: Failed to get Network Cost info from NLM, assuming network is NOT metered, error = 0x80240037
2018-01-25	13:15:19:622	1408	3164	AU	AU finished delayed initialization
2018-01-25	13:15:19:622	1408	3164	AU	Currently AUX is enabled - so not show any WU Upgrade notifications.
2018-01-25	13:15:19:622	1408	3164	AU	WARNING: Failed to get Network Cost info from NLM, assuming network is NOT metered, error = 0x80240037
2018-01-25	13:15:19:637	1408	3164	AU	WARNING: Failed to get Network Cost info from NLM, assuming network is NOT metered, error = 0x80240037
2018-01-25	13:15:19:637	1408	2b18	DnldMgr	Asking handlers to reconcile their sandboxes
2018-01-25	13:15:29:572	1408	4738	IdleTmr	Incremented idle timer priority operation counter to 1
2018-01-25	13:15:29:572	1408	4738	AU	Triggering AU detection through DetectNow API
2018-01-25	13:15:29:572	1408	4738	AU	Triggering Online detection (interactive)
2018-01-25	13:15:29:572	1408	4738	AU	Adding timer: 
2018-01-25	13:15:29:572	1408	4738	AU	    Timer: 31DA7559-FE27-4810-8FF6-987195B1FD98, Expires 2018-01-25 18:15:29, not idle-only, not network-only
2018-01-25	13:15:29:572	1408	3164	AU	#############
2018-01-25	13:15:29:572	1408	3164	AU	## START ##  AU: Search for updates
2018-01-25	13:15:29:572	1408	3164	AU	#########
2018-01-25	13:15:29:572	1408	3164	SLS	Retrieving SLS response from server...
2018-01-25	13:15:29:572	1408	3164	SLS	Making request with URL HTTPS://sls.update.microsoft.com/SLS/{9482F4B4-E343-43B6-B170-9A65BC822C77}/x64/6.3.9600.0/0?CH=352&L=en-US&P=&PT=0x7&WUA=7.9.9600.18696
2018-01-25	13:15:29:572	1408	3164	Misc	WARNING: Send failed with hr = 80072ee7.
2018-01-25	13:15:29:572	1408	3164	Misc	WARNING: Proxy List used: <(null)> Bypass List used : <(null)> Auth Schemes used : <None>
2018-01-25	13:15:29:572	1408	3164	Misc	WARNING: Send request failed, hr:0x80072ee7
2018-01-25	13:15:29:572	1408	3164	Misc	WARNING: WinHttp: SendRequestUsingProxy failed for <HTTPS://sls.update.microsoft.com/SLS/{9482F4B4-E343-43B6-B170-9A65BC822C77}/x64/6.3.9600.0/0?CH=352&L=en-US&P=&PT=0x7&WUA=7.9.9600.18696>. error 0x8024402c
2018-01-25	13:15:29:572	1408	3164	Misc	WARNING: WinHttp: SendRequestToServerForFileInformation MakeRequest failed. error 0x8024402c
2018-01-25	13:15:29:572	1408	3164	Misc	WARNING: WinHttp: SendRequestToServerForFileInformation failed with 0x8024402c
2018-01-25	13:15:29:572	1408	3164	Misc	WARNING: WinHttp: ShouldFileBeDownloaded failed with 0x8024402c
2018-01-25	13:15:29:572	1408	3164	SLS	FATAL: SLS:CSLSDownloader::GetUrlContent: DoFileDownload failed with 0x8024402c.
2018-01-25	13:15:29:572	1408	3164	SLS	FATAL: GetResponse failed with hresult 0x8024402c...
2018-01-25	13:15:29:572	1408	3164	EP	FATAL: EP: CSLSEndpointProvider::GetWUClientData - failed to get SLS data, error = 0x8024402C
2018-01-25	13:15:29:572	1408	3164	EP	FATAL: EP: CSLSEndpointProvider::GetEndpointFromSLS - Failed to get client data, error = 0x8024402C
2018-01-25	13:15:29:572	1408	3164	EP	FATAL: Failed to obtain 9482F4B4-E343-43B6-B170-9A65BC822C77 redir SecondaryServiceAuth URL, error = 0x8024402C
2018-01-25	13:15:29:572	1408	3164	Agent	WARNING: Failed to obtain the authorization cab URL for service 7971f918-a847-4430-9279-4a52d1efe18d, hr=0
2018-01-25	13:15:29:572	1408	3164	Agent	FATAL: Caller <NULL> failed to opt in to service 7971f918-a847-4430-9279-4a52d1efe18d, hr=0X8024402C
2018-01-25	13:15:29:572	1408	3164	IdleTmr	WU operation (CSearchCall::Init ID 1) started; operation # 9; does use network; is not at background priority
2018-01-25	13:15:29:572	1408	3164	IdleTmr	Incremented idle timer priority operation counter to 2
2018-01-25	13:15:29:760	1408	3164	Report	***********  Report: Initializing static reporting data  ***********
2018-01-25	13:15:29:760	1408	3164	Report	  * OS Version = 6.3.9600.0.0.196880
2018-01-25	13:15:29:760	1408	3164	Report	  * OS Product Type = 0x00000007
2018-01-25	13:15:29:760	1408	3164	Report	  * Computer Brand = Dell Inc.
2018-01-25	13:15:29:760	1408	3164	Report	  * Computer Model = PowerEdge R630
2018-01-25	13:15:29:760	1408	3164	Report	  * Platform Role = 4
2018-01-25	13:15:29:760	1408	3164	Report	  * AlwaysOn/AlwaysConnected (AOAC) = 0
2018-01-25	13:15:29:775	1408	3164	Report	  * Bios Revision = 2.6.0
2018-01-25	13:15:29:775	1408	3164	Report	  * Bios Name = 2.6.0
2018-01-25	13:15:29:775	1408	3164	Report	  * Bios Release Date = 2017-10-26T00:00:00
2018-01-25	13:15:29:775	1408	3164	Report	  * Bios Sku Number = SKU=NotProvided;ModelName=PowerEdge R630
2018-01-25	13:15:29:775	1408	3164	Report	  * Bios Vendor = Dell Inc.
2018-01-25	13:15:29:775	1408	3164	Report	  * Bios Family unavailable.
2018-01-25	13:15:29:775	1408	3164	Report	  * Bios Major Release = 2
2018-01-25	13:15:29:775	1408	3164	Report	  * Bios Minor Release = 6
2018-01-25	13:15:29:775	1408	3164	Report	  * Locale ID = 1033
2018-01-25	13:15:29:775	1408	3164	Handler	Calculating current update level for this session
2018-01-25	13:15:31:041	1408	3164	Handler	UH: Current cumulative update level calculated: package identity Package_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8, display name KB3000850, support URL http://support.microsoft.com/?kbid=3000850, timestamp 01d30a579117b45c
2018-01-25	13:15:31:041	1408	3164	Handler	Done calculating current update level for this session
2018-01-25	13:15:31:338	1408	3164	Agent	*** START ***  Queueing Finding updates [CallerId = AutomaticUpdatesWuApp  Id = 1]
2018-01-25	13:15:31:338	1408	3164	AU	<<## SUBMITTED ## AU: Search for updates  [CallId = {C4E8A0EC-DB35-4F06-8CBB-94F2D46FEC20} ServiceId = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7}]
2018-01-25	13:15:31:338	1408	814	Agent	***  END  ***  Queueing Finding updates [CallerId = AutomaticUpdatesWuApp  Id = 1]
2018-01-25	13:15:31:338	1408	814	Agent	*************
2018-01-25	13:15:31:338	1408	814	Agent	** START **  Agent: Finding updates [CallerId = AutomaticUpdatesWuApp  Id = 1]
2018-01-25	13:15:31:338	1408	814	Agent	*********
2018-01-25	13:15:31:338	1408	814	Agent	  * Online = Yes; Ignore download priority = No
2018-01-25	13:15:31:338	1408	814	Agent	  * Criteria = "IsInstalled=0 and DeploymentAction='Installation' or IsPresent=1 and DeploymentAction='Uninstallation' or IsInstalled=1 and DeploymentAction='Installation' and RebootRequired=1 or IsInstalled=0 and DeploymentAction='Uninstallation' and RebootRequired=1"
2018-01-25	13:15:31:338	1408	814	Agent	  * ServiceID = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7} Managed
2018-01-25	13:15:31:338	1408	814	Agent	  * Search Scope = {Machine & All Users}
2018-01-25	13:15:31:338	1408	814	Agent	  * Caller SID for Applicability: S-1-5-21-3243891630-2772889517-259860837-1001
2018-01-25	13:15:31:338	1408	814	Agent	  * RegisterService is set
2018-01-25	13:15:31:338	1408	814	EP	Got WSUS Client/Server URL: "http://172.21.3.150:8530/ClientWebService/client.asmx"
2018-01-25	13:15:31:338	1408	814	Setup	Checking for agent SelfUpdate
2018-01-25	13:15:31:338	1408	814	Setup	Client version: Core: 7.9.9600.18696  Aux: 7.9.9600.18696
2018-01-25	13:15:31:338	1408	814	EP	Got WSUS SelfUpdate URL: "http://172.21.3.150:8530/selfupdate"
2018-01-25	13:15:52:361	1408	814	Misc	WARNING: Send failed with hr = 80072ee2.
2018-01-25	13:15:52:361	1408	814	Misc	WARNING: Proxy List used: <(null)> Bypass List used : <(null)> Auth Schemes used : <None>
2018-01-25	13:15:52:361	1408	814	Misc	WARNING: Send request failed, hr:0x80072ee2
2018-01-25	13:15:52:361	1408	814	Misc	WARNING: WinHttp: SendRequestUsingProxy failed for <http://172.21.3.150:8530/selfupdate/wuident.cab>. error 0x80072ee2
2018-01-25	13:15:52:361	1408	814	Misc	WARNING: WinHttp: SendRequestToServerForFileInformation MakeRequest failed. error 0x80072ee2
2018-01-25	13:15:52:361	1408	814	Misc	WARNING: WinHttp: SendRequestToServerForFileInformation failed with 0x80072ee2
2018-01-25	13:15:52:361	1408	814	Misc	WARNING: WinHttp: ShouldFileBeDownloaded failed with 0x80072ee2
2018-01-25	13:15:52:361	1408	814	Misc	WARNING: DownloadFileInternal failed for http://172.21.3.150:8530/selfupdate/wuident.cab: error 0x80072ee2
2018-01-25	13:15:52:361	1408	814	Setup	FATAL: DownloadCab failed, err = 0x80072EE2
2018-01-25	13:15:52:361	1408	814	Setup	WARNING: SelfUpdate check failed to download package information, err = 0x80072EE2
2018-01-25	13:15:52:361	1408	814	Setup	FATAL: SelfUpdate check failed, err = 0x80072EE2
2018-01-25	13:15:52:361	1408	814	Agent	  * WARNING: Skipping scan, self-update check returned 0x80072EE2
2018-01-25	13:15:52:361	1408	814	DtaStor	FATAL: CSusEseSession::DeleteSLSData failed, hresult 0x80248007
2018-01-25	13:15:52:361	1408	814	SLS	WARNING: PurgeCache failed with hresult 0x80248007 ...
2018-01-25	13:15:52:361	1408	814	Agent	WARNING: Failed to purge SLSClient with 0x80072ee2.  Continuing...
2018-01-25	13:15:52:361	1408	814	Agent	  * WARNING: Exit code = 0x80072EE2
2018-01-25	13:15:52:361	1408	814	Agent	*********
2018-01-25	13:15:52:361	1408	814	Agent	**  END  **  Agent: Finding updates [CallerId = AutomaticUpdatesWuApp  Id = 1]
2018-01-25	13:15:52:361	1408	814	Agent	*************
2018-01-25	13:15:52:361	1408	814	Agent	WARNING: WU client failed Searching for update with error 0x80072ee2
2018-01-25	13:15:52:361	1408	814	IdleTmr	WU operation (CSearchCall::Init ID 1, operation # 9) stopped; does use network; is not at background priority
2018-01-25	13:15:52:361	1408	814	IdleTmr	Decremented idle timer priority operation counter to 1
2018-01-25	13:15:52:361	1408	1ab4	AU	>>##  RESUMED  ## AU: Search for updates [CallId = {C4E8A0EC-DB35-4F06-8CBB-94F2D46FEC20} ServiceId = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7}]
2018-01-25	13:15:52:361	1408	1ab4	AU	  # WARNING: Search callback failed, result = 0x80072EE2
2018-01-25	13:15:52:361	1408	1ab4	AU	#########
2018-01-25	13:15:52:361	1408	1ab4	AU	##  END  ##  AU: Search for updates  [CallId = {C4E8A0EC-DB35-4F06-8CBB-94F2D46FEC20} ServiceId = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7}]
2018-01-25	13:15:52:361	1408	1ab4	AU	#############
2018-01-25	13:15:52:361	1408	1ab4	AU	All AU searches complete.
2018-01-25	13:15:52:361	1408	1ab4	AU	  # WARNING: Failed to find updates with error code 80072ee2
2018-01-25	13:15:52:361	1408	1ab4	AU	AU setting next detection timeout to 2018-01-25 23:15:52
2018-01-25	13:15:52:361	1408	1ab4	AU	Adding timer: 
2018-01-25	13:15:52:361	1408	1ab4	AU	    Timer: 31DA7559-FE27-4810-8FF6-987195B1FD98, Expires 2018-01-25 23:15:52, not idle-only, not network-only
2018-01-25	13:15:52:361	1408	1ab4	AU	Currently AUX is enabled - so not show any WU Upgrade notifications.
2018-01-25	13:15:52:361	1408	1ab4	AU	WARNING: Failed to get Network Cost info from NLM, assuming network is NOT metered, error = 0x80240037
2018-01-25	13:15:52:361	1408	1ab4	AU	WARNING: Failed to get Network Cost info from NLM, assuming network is NOT metered, error = 0x80240037

↧

SUP Synchronization failed

January 13, 2020, 5:43 am

≫ Next: Windows Server 2012 R2 - SSU

≪ Previous: WSUS fails on hardened server from non-domain-joined client

sccm version 1710

server 2012 R2

SQL 2012

wsyncmgr.log

Sync failed: The operation has timed out. Source: Microsoft.UpdateServices.Internal.DatabaseAccess.ApiRemotingCompressionProxy.GetWebResponse

Please assist.

↧

Windows Server 2012 R2 - SSU

January 13, 2020, 7:21 am

≫ Next: status report of a remote machine but using Powershell

≪ Previous: SUP Synchronization failed

Hi,

The SSU from last November was approved on my WSUS but I don't see it when I'm checking for new updates on my servers.

In the reportingevents.log from softwaredistribution foler, it is writed 2 updates detected but I only can see one of them.

I already renamed this folder and restart wuauserv service but it's not better.

Any idea?

Thanks.

↧

status report of a remote machine but using Powershell

January 13, 2020, 9:06 am

≫ Next: Windows 2016 identified as Windows 10 in WSUS Windows 2012 R2 Server. Latest updates have been installed on the server.

≪ Previous: Windows Server 2012 R2 - SSU

Running a computer report from the wsus mmc for a specific remote server using specific criteria (classification, products and status) is not a problem. However, doing this with Powershell doesn't seem to be that easy. Does anyone know how to do this, or whether there's a publicly available script for this? It's not about retrieving the update history of a machine, but rather finding out if there are critical and security updates with status "needed" or "failed" for whatever product, as you can see in a "computer detailed status report".

↧

Windows 2016 identified as Windows 10 in WSUS Windows 2012 R2 Server. Latest updates have been installed on the server.

June 5, 2017, 7:44 am

≫ Next: Cannot install KB4530730/KB4530702 on Windows Server 2012 R2

≪ Previous: status report of a remote machine but using Powershell

Our first Windows 2016 servers are reporting to the WSUS 4.0 server as Windows 10 OS. Is there an issue here or will the server get the correct patches? We will be migrating to SCCM servers in the near future but for now the Windows 2016 server will need to be patched. Is there a fix available for correct OS identification?

↧

Cannot install KB4530730/KB4530702 on Windows Server 2012 R2

January 13, 2020, 11:36 am

≫ Next: Windows Update Error Code 8000FFFF

≪ Previous: Windows 2016 identified as Windows 10 in WSUS Windows 2012 R2 Server. Latest updates have been installed on the server.

Hi,

I run into errors when trying to install KB4530702 & KB4530730 on 2 servers in my domain, they are running Windows Server 2012 R2. I use a 3rd party, KACE Systems Management Appliance, to deploy patches and updates to my servers. After noticing the failures in KACE, I downloaded the updates straight from Microsoft's Update Catalog and tried to install them manually on each server only for them to fail again. I can see there are deploy exit codes for these patches in KACE, the deploy exit code is 2148468785. I have not gotten any other errors or failures besides "The following updates were not installed" when trying to run the update on the server manually using the .msu file.

Steps I have taken:

1. Ran a sfc /scannow - no errors

2. Ran a chkdsk /f - no errors

3. Ran dism /online /cleanup-image /restorehealth - "The restore operation completed successfully. The component store corruption was repaired. The operation completed successfully"

4. Inspected CBS.log - I do see some errors in here but I am not sure what they mean:

2020-01-13 12:25:19, Info CBS Not able to add file to extract: update.ses [HRESULT = 0x80070002 - ERROR_FILE_NOT_FOUND]
2020-01-13 14:16:25, Info CBS Exec: Processing complete. Session: 30788165_4030796794, Package: Package_for_KB4530730~31bf3856ad364e35~amd64~~6.3.1.7 [HRESULT = 0x800f0831 - CBS_E_STORE_CORRUPTION]
2020-01-13 14:18:25, Info CBS Trusted Installer is shutting down because: SHUTDOWN_REASON_AUTOSTOP
2020-01-13 14:16:24, Info CBS SQM: Reporting package change completion for package: Package_for_KB4530730~31bf3856ad364e35~amd64~~6.3.1.7, current: Staged, original: Staged, target: Installed, status: 0x800f0831, failure source: Execute, failure details: "(null)", client id: WindowsUpdateAgent, initiated offline: False, execution sequence: 2278, first merged sequence: 2278, pending decision: InteractiveInstallFailed, primitive execution context: Interactive
2020-01-13 14:16:24, Error CBS Failed to resolve package 'Package_764_for_KB4015550~31bf3856ad364e35~amd64~~6.3.1.4' [HRESULT = 0x800f0831 - CBS_E_STORE_CORRUPTION]
2020-01-13 14:16:24, Info CBS Mark store corruption flag because of package: Package_764_for_KB4015550~31bf3856ad364e35~amd64~~6.3.1.4. [HRESULT = 0x800f0831 - CBS_E_STORE_CORRUPTION]
2020-01-13 14:16:24, Info CBS Failed to resolve package [HRESULT = 0x800f0831 - CBS_E_STORE_CORRUPTION]
2020-01-13 14:16:24, Info CBS Failed to get next package to re-evaluate [HRESULT = 0x800f0831 - CBS_E_STORE_CORRUPTION]
2020-01-13 14:16:24, Info CBS Failed to process component watch list. [HRESULT = 0x800f0831 - CBS_E_STORE_CORRUPTION]
2020-01-13 14:16:24, Info CBS Perf: InstallUninstallChain complete.
2020-01-13 14:16:24, Info CSI 00000029@2020/1/13:19:16:24.777 CSI Transaction @0x256069d260 destroyed
2020-01-13 14:16:24, Info CBS Exec: Store corruption found during execution, but auto repair is already attempted today, skip it.
2020-01-13 14:16:24, Info CBS Failed to execute execution chain. [HRESULT = 0x800f0831 - CBS_E_STORE_CORRUPTION]
2020-01-13 14:16:24, Error CBS Failed to process single phase execution. [HRESULT = 0x800f0831 - CBS_E_STORE_CORRUPTION]

Any leads or resources to check out would be appreciated as I am kind of stumped.

Thanks, Alex

↧

Windows Update Error Code 8000FFFF

January 2, 2020, 9:05 am

≫ Next: Differences in auto approved updates with the same settings on the two servers

≪ Previous: Cannot install KB4530730/KB4530702 on Windows Server 2012 R2

When attempting to run Windows Update KB4530702 on a Windows 2012 R2 server from Windows Update, I receive error code 8000FFFF. I don not receive errors on any other updates. I can provide Windows Update logs if needed.

↧

Differences in auto approved updates with the same settings on the two servers

January 15, 2020, 12:17 am

≫ Next: Windows Update Error 0x80092026

≪ Previous: Windows Update Error Code 8000FFFF

Hello!

There are 2 wsus servers: old and new.
With completely single settings (products: win server 20**, classification: security, critical)

Automatic approval rule the same too:

"When an update is in critical updates, security updates
Approve the update for *machine group*"

On the old server, the update (for example KB3089023: Update for Internet Explorer Flash Player for windows Server 2012 R2) has the status:

Approval: Not approved (Inherited); Deadline: None (Inherited); Administrator: No approval set

On the new server, the update has the status:

Approval: Install; Deadline: None; Administrator: WUS Server

Yes, this update classification critical and product windows server and must be approved... Why differently approval status? It 's definitely not manually done. Approval settings identical on servers.
I Dont want to auto approve this updates like *adobe flash* for any windows server.

↧

Windows Update Error 0x80092026

January 15, 2020, 2:50 am

≫ Next: kb4512506 inistall issue

≪ Previous: Differences in auto approved updates with the same settings on the two servers

Hello,the installation of Windows Updates failed. I receive an 0x80092026 error. The problem exist on some Windows Server 2016 VMs. Eventlog: Microsoft-Windows-WindowsUpdateClient/Operational Event 31.

Windows Update Log:

2020.01.15 11:05:45.2339530 1436  1800  DownloadManager Error 0x80092026 occurred while downloading update; notifying dependent calls.
2020.01.15 11:05:45.2366020 1436  5000  DownloadManager * END * Download Call Complete Call 109 for caller UpdateOrchestrator has completed; signaling completion.
2020.01.15 11:05:45.2400450 1436  5000  Shared          Effective power state: AC
2020.01.15 11:05:45.2400486 1436  5000  Agent           Released network PDC reference for callId {F6A9F1B6-BB15-4E76-A508-F8A82EABB4BF}; ActivationID: 1432
1601.01.01 01:00:00.0000000 1436  5016                  Unknown( 18): GUID=aa07f95d-91be-3f47-51b3-717e4c7ddc98 (No Format Information found).
1601.01.01 01:00:00.0000000 1436  5016                  Unknown( 20): GUID=aa07f95d-91be-3f47-51b3-717e4c7ddc98 (No Format Information found).
1601.01.01 01:00:00.0000000 1436  5016                  Unknown( 22): GUID=aa07f95d-91be-3f47-51b3-717e4c7ddc98 (No Format Information found).
1601.01.01 01:00:00.0000000 1436  5016                  Unknown( 23): GUID=aa07f95d-91be-3f47-51b3-717e4c7ddc98 (No Format Information found).
2020.01.15 11:05:45.2401550 1436  5016  Agent           WU client calls back to download call {F6A9F1B6-BB15-4E76-A508-F8A82EABB4BF} with code Call complete and error 0x80092026
1601.01.01 01:00:00.0000000 1436  6324                  Unknown( 10): GUID=fe1b6309-dedb-392e-308c-ec757efded1a (No Format Information found).
2020.01.15 11:05:45.2477848 1436  5000  DownloadManager * END * Download Call Complete Call 111 for caller UpdateOrchestrator has completed; signaling completion.
2020.01.15 11:05:45.2506987 1436  5000  Shared          Effective power state: AC
2020.01.15 11:05:45.2507010 1436  5000  Agent           Released network PDC reference for callId {C3879F1E-353F-407B-961F-B9BAD1A9DF4E}; ActivationID: 1476
1601.01.01 01:00:00.0000000 1436  5016                  Unknown( 18): GUID=aa07f95d-91be-3f47-51b3-717e4c7ddc98 (No Format Information found).
1601.01.01 01:00:00.0000000 1436  5016                  Unknown( 20): GUID=aa07f95d-91be-3f47-51b3-717e4c7ddc98 (No Format Information found).
1601.01.01 01:00:00.0000000 1436  5016                  Unknown( 22): GUID=aa07f95d-91be-3f47-51b3-717e4c7ddc98 (No Format Information found).
1601.01.01 01:00:00.0000000 1436  5016                  Unknown( 23): GUID=aa07f95d-91be-3f47-51b3-717e4c7ddc98 (No Format Information found).
2020.01.15 11:05:45.2507980 1436  5016  Agent           WU client calls back to download call {C3879F1E-353F-407B-961F-B9BAD1A9DF4E} with code Call complete and error 0x80092026
1601.01.01 01:00:00.0000000 1436  6324                  Unknown( 10): GUID=fe1b6309-dedb-392e-308c-ec757efded1a (No Format Information found).
2020.01.15 11:05:45.2561172 1436  5000  DownloadManager * END * Download Call Complete Call 114 for caller UpdateOrchestrator has completed; signaling completion.
2020.01.15 11:05:45.2591383 1436  5000  Shared          Effective power state: AC
2020.01.15 11:05:45.2591415 1436  5000  Agent           Released network PDC reference for callId {1C565D59-6192-4667-9555-2EDFEFFBCD13}; ActivationID: 1488
1601.01.01 01:00:00.0000000 1436  5016                  Unknown( 18): GUID=aa07f95d-91be-3f47-51b3-717e4c7ddc98 (No Format Information found).
1601.01.01 01:00:00.0000000 1436  5016                  Unknown( 20): GUID=aa07f95d-91be-3f47-51b3-717e4c7ddc98 (No Format Information found).
1601.01.01 01:00:00.0000000 1436  5016                  Unknown( 22): GUID=aa07f95d-91be-3f47-51b3-717e4c7ddc98 (No Format Information found).
1601.01.01 01:00:00.0000000 1436  5016                  Unknown( 23): GUID=aa07f95d-91be-3f47-51b3-717e4c7ddc98 (No Format Information found).
2020.01.15 11:05:45.2592330 1436  5016  Agent           WU client calls back to download call {1C565D59-6192-4667-9555-2EDFEFFBCD13} with code Call complete and error 0x80092026
1601.01.01 01:00:00.0000000 1436  6324                  Unknown( 10): GUID=fe1b6309-dedb-392e-308c-ec757efded1a (No Format Information found).
2020.01.15 11:05:45.2623444 1436  5000  DownloadManager * END * Download Call Complete Call 116 for caller UpdateOrchestrator has completed; signaling completion.
2020.01.15 11:05:45.2663434 1436  5000  Shared          Effective power state: AC
2020.01.15 11:05:45.2663454 1436  5000  Agent           Released network PDC reference for callId {43CC7DE8-3DAE-462F-A07D-3626F89E2509}; ActivationID: 1495
1601.01.01 01:00:00.0000000 1436  5016                  Unknown( 18): GUID=aa07f95d-91be-3f47-51b3-717e4c7ddc98 (No Format Information found).
1601.01.01 01:00:00.0000000 1436  5016                  Unknown( 20): GUID=aa07f95d-91be-3f47-51b3-717e4c7ddc98 (No Format Information found).
1601.01.01 01:00:00.0000000 1436  5016                  Unknown( 22): GUID=aa07f95d-91be-3f47-51b3-717e4c7ddc98 (No Format Information found).
1601.01.01 01:00:00.0000000 1436  5016                  Unknown( 23): GUID=aa07f95d-91be-3f47-51b3-717e4c7ddc98 (No Format Information found).
2020.01.15 11:05:45.2664542 1436  5016  Agent           WU client calls back to download call {43CC7DE8-3DAE-462F-A07D-3626F89E2509} with code Call complete and error 0x80092026
1601.01.01 01:00:00.0000000 1436  6324                  Unknown( 10): GUID=fe1b6309-dedb-392e-308c-ec757efded1a (No Format Information found).
2020.01.15 11:05:45.2668966 1436  6060  DownloadManager BITS job {ADA736D0-7A11-46CB-9CB1-B3AC35109223} completed successfully
2020.01.15 11:05:45.2675539 1436  6060  DownloadManager CUpdateDownloadJob::GetNetworkCostSwitch() Unrestricted cost used, but current cost is restricted
2020.01.15 11:05:45.3888677 1436  6060  Misc            Validating signature for C:\Windows\SoftwareDistribution\Download\32354f4781bd6ae776e23dc413673df0\34d7e05ae1fcb3e58ff1b9e776a96a4a5156eac5 with dwProvFlags 0x00000080:
2020.01.15 11:05:45.5599606 1436  6060  Misc            Error: 0x80092026 when verifying trust for C:\Windows\SoftwareDistribution\Download\32354f4781bd6ae776e23dc413673df0\34d7e05ae1fcb3e58ff1b9e776a96a4a5156eac5
2020.01.15 11:05:45.5696041 1436  6060  DownloadManager File failed postprocessing, error = 80092026
2020.01.15 11:05:45.5696053 1436  6060  DownloadManager Failed file: URL = 'http://xxx-wsus:8530/Content/C5/34D7E05AE1FCB3E58FF1B9E776A96A4A5156EAC5.exe', Local path = 'C:\Windows\SoftwareDistribution\Download\32354f4781bd6ae776e23dc413673df0\34d7e05ae1fcb3e58ff1b9e776a96a4a5156eac5'
2020.01.15 11:05:45.5698198 1436  6060  DownloadManager   Download job completion. Progress for update {3F9A665C-53DC-4D6B-9C7B-235AC43E95E8} - total = 31143344, transferred = 31143344 bytes. Transfer time=1750, connect time=1078 (ms)
2020.01.15 11:05:45.5710961 1436  6060  DownloadManager Error 0x80092026 occurred while downloading update; notifying dependent calls.
2020.01.15 11:05:45.5714360 1436  4148  DownloadManager BITS job {B2DF202B-453A-45F7-AE07-DE5BD9F39DE5} completed successfully
2020.01.15 11:05:45.5720791 1436  4148  DownloadManager CUpdateDownloadJob::GetNetworkCostSwitch() Unrestricted cost used, but current cost is restricted
2020.01.15 11:05:45.6285886 1436  4148  Misc            Validating signature for C:\Windows\SoftwareDistribution\Download\12e7be37297051422baf680dbfa1b395\500cc20c808b0359a1ec04c2c4bfa70c58230556 with dwProvFlags 0x00000080:
2020.01.15 11:05:45.7402581 1436  4148  Misc            Error: 0x80092026 when verifying trust for C:\Windows\SoftwareDistribution\Download\12e7be37297051422baf680dbfa1b395\500cc20c808b0359a1ec04c2c4bfa70c58230556
2020.01.15 11:05:45.7470677 1436  4148  DownloadManager File failed postprocessing, error = 80092026
2020.01.15 11:05:45.7470741 1436  4148  DownloadManager Failed file: URL = 'http://xxx-wsus:8530/Content/56/500CC20C808B0359A1EC04C2C4BFA70C58230556.exe', Local path = 'C:\Windows\SoftwareDistribution\Download\12e7be37297051422baf680dbfa1b395\500cc20c808b0359a1ec04c2c4bfa70c58230556'
2020.01.15 11:05:45.7472815 1436  4148  DownloadManager   Download job completion. Progress for update {EA6B4E16-C989-4AA6-9DE1-233A0B8DD298} - total = 20134312, transferred = 20134312 bytes. Transfer time=2875, connect time=1031 (ms)
2020.01.15 11:05:45.7482148 1436  4148  DownloadManager Error 0x80092026 occurred while downloading update; notifying dependent calls.

In Computer Configuration > Windows Settings > Security Settings >
Software Restriction Policies - i got no entry.If I add permission for all users and admins - nothing happens

Also in HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPub
lisher

MIME application/octet-stream for .ESD on WSUS doesn't help.

↧

kb4512506 inistall issue

January 15, 2020, 3:44 am

≫ Next: GPO applying WSUS

≪ Previous: Windows Update Error 0x80092026

Hi Guys,

I have a problem with installing the kb4512506 on one of the server 2008R2.

the updates KB4490628 and KB4474419 are both installed. but still cannot install the kb4512506

Any seggestion?

Shahin

↧

GPO applying WSUS

January 15, 2020, 4:09 am

≫ Next: Upgrade Window 7 to Windows 10 via WSUS

≪ Previous: kb4512506 inistall issue

Good Morning

I have a wsus mounted on my network and with a GPO for the servers. We want the servers to receive the updates but not to install them and not to restart the server automatically.

This is working, the servers received the updates but the "Install Now" button is disabled . I know some setting in the GPO is removing this permission. Can you help me?

All the servers are Windows Srv 2016.

↧