Link to home
Start Free TrialLog in
Avatar of Matsco
MatscoFlag for United Kingdom of Great Britain and Northern Ireland

asked on

Windows Update causing system reboots even when disabled

Hi Guys

I am an admin and a small sized company, we are running 10 servers all as VM's on ESX 4.1, All VM's are server 2008R2

Today we had 8 of them reboot all around 1-2 hours apart all investigation on every server has the same codes in windowsupdate.log below

All server are set to download only and notify to install.. but seems that all servers installed and rebooted automatically

If I view windows update console it tell me that last updates were installed on 26th March ( my last maint cycle ) and nothing of the below items

Has anyone else had this issue?

2011-04-06          12:22:37:917       8440       a34         Setup    Installing CBS package "c:\b811d1cd0bcb400e89\WUClient-SelfUpdate-Core-TopLevel.cab"

2011-04-06          12:23:00:182       8440       a34         Setup    Install of setup package "c:\b811d1cd0bcb400e89\WUClient-SelfUpdate-Core-TopLevel.cab" succeeded and requires reboot

2011-04-06          12:23:00:182       8440       a34         Setup    Installing CBS package "c:\b811d1cd0bcb400e89\WUClient-SelfUpdate-ActiveX.cab"

2011-04-06          12:23:01:731       8440       a34         Setup    Install of setup package "c:\b811d1cd0bcb400e89\WUClient-SelfUpdate-ActiveX.cab" succeeded and requires reboot

2011-04-06          12:23:01:731       8440       a34         Setup    Installing CBS package "c:\b811d1cd0bcb400e89\WUClient-SelfUpdate-Aux-TopLevel.cab"

2011-04-06          12:23:13:092       8440       a34         Setup    Install of setup package "c:\b811d1cd0bcb400e89\WUClient-SelfUpdate-Aux-TopLevel.cab" succeeded and requires reboot

2011-04-06          12:23:13:440       788        2524       Misc       ===========  Logging initialized (build: 7.4.7600.226, tz: +0100)  ===========

2011-04-06          12:23:13:441       788        2524       Misc         = Process: C:\Windows\system32\svchost.exe

2011-04-06          12:23:13:441       788        2524       Misc         = Module: c:\windows\system32\wuaueng.dll

2011-04-06          12:23:13:440       788        2524       Service *************

2011-04-06          12:23:13:441       788        2524       Service ** START **  Service: Service startup

2011-04-06          12:23:13:441       788        2524       Service *********

2011-04-06          12:23:13:548       788        2524       Agent      * WU client version 7.4.7600.226

2011-04-06          12:23:13:548       788        2524       Agent      * Base directory: C:\Windows\SoftwareDistribution

2011-04-06          12:23:13:548       788        2524       Agent      * Access type: No proxy

2011-04-06          12:23:13:548       788        2524       Agent      * Network state: Connected

2011-04-06          12:23:20:113       8440       a34         Setup    wusetup has finished.  Exit code is bc2. Reboot is  needed

2011-04-06          12:23:20:150       8440       a34         Misc       WARNING: SUS Client is rebooting system.

2011-04-06          12:23:23:895       788        2524       AU          AU initiates service shutdown

2011-04-06          12:23:23:965       788        2524       Report  CWERReporter::Init succeeded
ASKER CERTIFIED SOLUTION
Avatar of LikeWindows
LikeWindows
Flag of Sierra Leone image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of LikeWindows
LikeWindows
Flag of Sierra Leone image
Can you run the WSUS Client Diagnostics Tool on one of the servers ? The tool can be downloaded from here:

http://download.microsoft.com/download/8/d/0/8d068114-bd66-4fde-a04c-aeaa9d1fe640/Update%20Services%20API%20Samples%20and%20Tools.EXE

When you run the tool it should give you an outputo similiar this:
WSUS Client Diagnostics Tool

Checking Machine State
        Checking for admin rights to run tool . . . . . . . . . PASS
        Automatic Updates Service is running. . . . . . . . . . PASS
        Background Intelligent Transfer Service is running. . . PASS
        Wuaueng.dll version 7.4.7600.226. . . . . . . . . . . . PASS
                This version is WSUS 2.0

Checking AU Settings
        AU Option is 4: Scheduled Install . . . . . . . . . . . PASS
                Option is from Policy settings

Checking Proxy Configuration
        Checking for winhttp local machine Proxy settings . . . PASS
                Winhttp local machine access type
                        <Direct Connection>
                Winhttp local machine Proxy. . . . . . . . . .  NONE
                Winhttp local machine ProxyBypass. . . . . . .  NONE
        Checking User IE Proxy settings . . . . . . . . . . . . PASS
                User IE Proxy. . . . . . . . . . . . . . . . .  NONE
                User IE ProxyByPass. . . . . . . . . . . . . .  NONE
                User IE AutoConfig URL Proxy . . . . . . . . .  NONE
                User IE AutoDetect
                AutoDetect not in use

Checking Connection to WSUS/SUS Server
                WUServer = http://wsus
                WUStatusServer = http://wsus
        UseWuServer is enabled. . . . . . . . . . . . . . . . . PASS
        Connection to server. . . . . . . . . . . . . . . . . . PASS
        SelfUpdate folder is present. . . . . . . . . . . . . . PASS

Press Enter to Complete

On your output what do you find under Checking AU Settings ?
SOLUTION
Avatar of Davis McCarn
Davis McCarn
Flag of United States of America image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Matsco
Matsco
Flag of United Kingdom of Great Britain and Northern Ireland image

ASKER

Hi LikeWindows


When I run the tool I get below output....

The policy is  domain and has been inplace for about 8 months, this is the first time we have ever had an issue like the above mentioned


WSUS Client Diagnostics Tool

Checking Machine State
        Checking for admin rights to run tool . . . . . . . . . PASS
        Automatic Updates Service is running. . . . . . . . . . PASS
        Background Intelligent Transfer Service is running. . . PASS

GetFileVersion(szEngineDir,&susVersion) failed with hr=0x80070002

The system cannot find the file specified.


Press Enter to Complete
SOLUTION
Avatar of Davis McCarn
Davis McCarn
Flag of United States of America image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Matsco
Matsco
Flag of United Kingdom of Great Britain and Northern Ireland image

ASKER

OK so yes sorry didnt really do my home work on the error code..
I also see that MS have not yet released a x64 version of this tool.
Davis understand the above with updates being froced down :( but I really need to ensure that this does not happen again and also need to find the root cause of why the servers installed and rebooted, despite being set correctly to only download.
I am sure I am not the only one to have this issue out there especially with the named updates
Avatar of Davis McCarn
Davis McCarn
Flag of United States of America image
Microsoft left a back door that allows them to force "critical" updates down your throat.  Luckilly, they rarely use it ( Ithink I have had it happen to my XP system twice in the past three years).
The only way to stop it is to disable the Windows Update service; though, it might also work if you set it to manual which would make it easier to start it when you want to check for updates.