Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Windows Update on Domain Cotroller

Posted on 2011-09-14
4
600 Views
Last Modified: 2012-05-12
Hello Experts

I have a server 2008 R2 x64 that perform as domain controller.
I have encountered with a problem that I can't update the server using the "windows update" service.
I get this error "code 8000FFFF windows update encountered an unknown error".

I have a WSUS in my network, but the DC wasn't a part of the pc's that get updates from it.
I then include the DC to the WSUS computer list, but still i get this error.

Please notify that the error is displaying only at the end of the process, it seems that the updates are installed but then I get the error.

Please Help.
0
Comment
Question by:IT_Group1
  • 2
4 Comments
 
LVL 8

Accepted Solution

by:
Amitabh Singh earned 500 total points
ID: 36535807
Hi
do the fallowing , its known problem in windows 2008

1) Login to the server as "Administrator"
2) Change permissions to provide full access to C-drive for the user "Network Services"
2) Log off the from the server
3) Log back in as "Administrator"
4) Re-run the Updates
-----------------------------------------------------------------------------------------
Let us know the outcome
0
 

Author Comment

by:IT_Group1
ID: 36536017
Hi  Tech_Eng

are you Referring to state when the DC linked with the WSUS or not ?
0
 
LVL 8

Expert Comment

by:Amitabh Singh
ID: 36536410
the steps for both , its allow windows update service to download and updates and store in C:
0
 
LVL 24

Expert Comment

by:Sandeshdubey
ID: 36541183
In windows 2008 by default the trusted installer has the ownership,replace the ownership of the C drive to administrators group.

TrustedInstaller.exe is Windows Module Installer service which is part of Windows Resource Protection.

Windows Resource Protection (WRP) is a technology that restricts access to certain core system files, folders, and registry keys that are part of the Windows Vista installation. WRP prevents files with .dll, .exe, .ocx, and .sys file extensions from being modified or replaced.

Protecting these key resources is important to overall system stability, and, as such, they can only be modified by the Windows Module Installer service (TrustedInstaller.exe). If someone with administrative rights attempts to modify or replace a file that is protected by WRP, he will be presented with the message "Access Denied".

I personally would not recommend to link the DC and critical application server not to link to WSUS server installed it manualy.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, we will see the basic design consideration while designing a Multi-tenant web application in a simple manner. Though, many frameworks are available in the market to develop a multi - tenant application, but do they provide data, cod…
OfficeMate Freezes on login or does not load after login credentials are input.
This tutorial will show how to push an installation of Backup Exec to an additional server in both 2012 and 2014 versions of the software. Click on the Backup Exec button in the upper left corner. From here, select Installation and Licensing, then I…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question