• Status: Solved
  • Priority: Low
  • Security: Public
  • Views: 467
  • Last Modified:

WSUS synchronization failure

Windows server 2003 get synchronization failure with following error. What's wrong? How to fix it?

WebException: The underlying connection was closed: An unexpected error occurred on a send. ---> System.IO.IOException: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host.
at System.Web.Services.Protocols.WebClientProtocol.GetWebResponse(WebRequest request)
   at System.Web.Services.Protocols.HttpWebClientProtocol.GetWebResponse(WebRequest request)
   at Microsoft.UpdateServices.ServerSync.ServerSyncCompressionProxy.GetWebResponse(WebRequest webRequest)
   at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
   at Microsoft.UpdateServices.ServerSyncWebServices.ServerSync.ServerSyncProxy.GetAuthConfig()
   at Microsoft.UpdateServices.ServerSync.ServerSyncLib.InternetGetServerAuthConfig(ServerSyncProxy proxy, WebServiceCommunicationHelper webServiceHelper)
   at Microsoft.UpdateServices.ServerSync.ServerSyncLib.Authenticate(AuthorizationManager authorizationManager, Boolean checkExpiration, ServerSyncProxy proxy, Cookie cookie, WebServiceCommunicationHelper webServiceHelper)
   at Microsoft.UpdateServices.ServerSync.CatalogSyncAgentCore.SyncConfigUpdatesFromUSS()
1 Solution
Cliff GaliherCommented:
Both 2003 and any version of WSUS that ran on it has been long out of support. Nor do they support modern secure web protocols and Microsoft has been systematically disabling old protocols and certificate hashes on their systems. Since WSUS still has to connect to Windows Update, I strongly suspect it has just hit the end of the road. Long last time to upgrade.
WebException: The underlying connection was closed: An unexpected error occurred on a send.

Echo Cliff,
Windows 2003 only supported sslv2, sslv3 and tls1.0 which most no longer support.

If you could setup an internal, man-in-the-middle proxy on which HTTPS requests from wsus will go through while the proxy accesses the Windows update servers.
Sam Simon NasserIT Support ProfessionalCommented:
answer: upgrade the 2003 !!! go directly to 2012 or 2016 if your server can handle it.
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

DonNetwork AdministratorCommented:
litmicAuthor Commented:
Seth SimmonsSr. Systems AdministratorCommented:
No comment has been added to this question in more than 21 days, so it is now classified as abandoned.

I have recommended this question be closed as follows:

Accept: Cliff Galiher (https:#a42498664)

If you feel this question should be closed differently, post an objection and the moderators will review all objections and close it as they feel fit. If no one objects, this question will be closed automatically the way described above.

Experts-Exchange Cleanup Volunteer
We just ran across this situation Windows 2003 WSUS 3.2 stopped syncing with Microsoft on April 1st 2018.  Of course there is no excuse for running Windows 2003 today but it is what it is.  For me it seems that MS or their CDN provider dropped support for some of the older cipher suites.

I was able to get it working again using a Windows 2003 Hotfix KB948963.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Tackle projects and never again get stuck behind a technical roadblock.
Join Now