AboutPricingCommunityTeamsStart Free TrialLog in
Avatar of meirionwyllt
meirionwyllt
 asked on

Cannot do Windows Update on any of my Windows Server 2016 machines

I have three Windows Server 2016 virtual machines.  None of them are able to do Windows Update.  They find a list of items to download, but they're just stuck on 'Downloading update 0%'.  It can't be a corruption of repository or catalog because I've just built a VM from stratch and tried it and I get the same thing.  I've tried re-downloading the ISO from MVLS too, in case the ISO was corrupt.

All of our 2008 R2 machines connect to Windows Update no problem - these are in the same subnet, and go through the same proxy server.  Besides, the firewall/proxy reports HTTP 200 when Windows Update is attempted, so the proxy isn't doing anything to the traffic.

Looking at my WindowsUpdate.log file, I see these lines many times in a loop...

2017/11/06 11:55:43.8312332 588   4116  DownloadManager BITS job initialized: JobId = {E949FC9B-4BC2-443E-858F-8F693CE11E0B}
2017/11/06 11:55:43.8436054 588   4116  DownloadManager Downloading from http://download.windowsupdate.com/c/msdownload/update/software/defu/2017/09/nis_engine_1af0e4b80bf4028f8dac56ebf186b392e4e72486.exe to C:\Windows\SoftwareDistribution\Download\f71ddf93ec2d087c819cf75c55ddfda2\1af0e4b80bf4028f8dac56ebf186b392e4e72486 (full file)
2017/11/06 11:55:43.8452605 588   4116  DownloadManager New download job {E949FC9B-4BC2-443E-858F-8F693CE11E0B} for UpdateId F608EDA4-2E84-433A-A8C9-8117411F91A8.200
2017/11/06 11:55:43.8545291 588   4116  DownloadManager Download job E949FC9B-4BC2-443E-858F-8F693CE11E0B resumed.
2017/11/06 11:55:43.8734449 588   4116  DownloadManager Failed to connect to the DO service; (hr = 80040154)
2017/11/06 11:55:43.8734462 588   4116  DownloadManager GetDOManager() failed, hr=80246008, hrExtended=80040154
2017/11/06 11:55:43.8734472 588   4116  DownloadManager Failed creating DO job with hr 80246008
2017/11/06 11:55:43.8772521 588   4116  DownloadManager DO download failed with error 80246008[Extended: 80040154], falling back to BITS and retrying with new Download Job.

We have no WSUS server, and I've also tried setting the REG_DWORD UseWUServer=0 but to no avail.

For one of the servers, I downloaded the latest Cumulative Update from the Microsoft Catalog, but even after installing that, it's still not able to download any of the other update with Windows Updates.

I've tried it whilst logging in as a local user and as a domain user.  I've tried it a domain-joined machine and with non domain-joined.

Any ideas?
Thanks.
VirtualizationWindows Server 2016Windows OS
Avatar of undefined
Last Comment
meirionwyllt
8/22/2022 - Mon
ITSysTech
For a test could you only chose one update and try to install it. Mainly because this type of error you are receiving is normally from one of the updates having issues. Please report the results.

Edit: Because you are using a proxy you will need to permit these ranges on the Windows 2016 servers. Linky
meirionwyllt
ASKER
Hi, can you tell me how I can do this with Windows Server 2016?  Doing this is simple enough in Server 2008 R2 but it's all changed with 2016 and the tick-boxes are all gone.
ITSysTech
After reading further into your log files "falling back to BITS and retrying with new Download Job" it seems as though your proxy is causing the issues. Please permit these ranges on your Windows 2016 servers or configure a Group Policy or MDM Policy setting that will bypass Delivery Optimization and use BITS instead. Linky
This is the best money I have ever spent. I cannot not tell you how many times these folks have saved my bacon. I learn so much from the contributors.
rwheeler23
meirionwyllt
ASKER
From what I gather, the article suggests I need to set this following Registry value (this value doesn't exist in my local group policy editor)...

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\DeliveryOptimization\Config

DODownloadMode = 0
REG_DWORD

I've tried this and rebooted, but I still have the same problem.
ITSysTech
Could you run this from a dos prompt on the affected machine?  netsh winhttp show proxy  
Report back the results.
meirionwyllt
ASKER
Running that command gives "Direct access (no proxy server)".

By the way, for the above reg value I've also tried "100" (bypass) too but it didn't work either.
⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
ASKER CERTIFIED SOLUTION
ITSysTech
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
meirionwyllt
ASKER
Aha!  I've set my proxy server into winhttp using...

netsh winhttp set proxy servername:8080

and now it's working!

Now, the question for me is, why do I need to have this value set?  I've never had to do this before to get WU working

Thanks
ITSysTech
Windows Server 2016 seems to have changed the way it receives updates as compared to Windows Server 2012. In my experience Windows 2016 seems to have this issue with anything to do with proxies.
meirionwyllt
ASKER
Thanks for your help
Experts Exchange is like having an extremely knowledgeable team sitting and waiting for your call. Couldn't do my job half as well as I do without it!
James Murphy
Plans and Pricing
Resources
Product
Podcasts
Careers
Contact Us
Teams
Certified Expert Program
Credly Partnership
Udemy Partnership
Privacy Policy
Terms of Use

© 1996-2023 Experts Exchange, LLC. All rights reserved. Covered by US Patent