WSUS clients do NOT see approved updates from WSUS server
This is a follow up question to one I posted just last week where none of our WSUS clients had reported a status in the past 30 days. After getting past the failed .NET patch on our (W2K19) WSUS server, every client is now reporting a status. The WSUS console does show that clients are in need of patches that are approved for install.
But the Win 10 clients I've checked show NO update history, and no patches needed despite the fact that the WSUS console says otherwise. I should note that the Win 10 clients I've checked have recently had O365 installed - with updates configured to be downloaded directly from Microsoft.
The couple of test servers I've checked DO show update histories, but they also fail to see the approved updates waiting for them on the WSUS server.
I've tried resetting a test WSUS client, but it does not resolve the issue. I wanted to post this now while I'm still poring through event logs to see if anyone has seen this before.
I'll provide more details should I find any additional clues.
ASKER
I would blame it on the Office 365 updates, but it's happening to every client, O365 or not, Win 10 or Win Server *.
ASKER
I'm also seeing the following error in the app event log:
Log Name: Application
Source: Windows Server Update Services
Date: 12/15/2021 9:06:38 PM
Event ID: 10032
Task Category: 7
Level: Error
Keywords: Classic
User: N/A
Computer: <mywsusserver>.com
Description:
The server is failing to download some updates.
Event Xml:
ASKER
So we're back where we started....
Previous discussion: ALL of our WSUS clients have failed to report their status in more than 30 days
Previous (and now current) error events:
Log Name: Application
Source: Windows Server Update Services
Date: 12/16/2021 1:32:18 PM
Event ID: 12002
Task Category: 9
Level: Error
Keywords: Classic
User: N/A
Computer: WSUS.xxxxxx.com
Description:
The Reporting Web Service is not working.
Event Xml:
Log Name: Application
Source: ASP.NET 4.0.30319.0
Date: 12/16/2021 1:03:17 AM
Event ID: 1309
Task Category: Web Event
Level: Warning
Keywords: Classic
User: N/A
Computer: WSUS.xxxxxx.com
Description:
Event code: 3005
Event message: An unhandled exception has occurred.
Event time: 12/16/2021 1:03:17 AM
Event time (UTC): 12/16/2021 6:03:17 AM
Event ID: 78fa1e0f13fe43bbb67cd150e1d57136
Event sequence: 26886
Event occurrence: 32
Event detail code: 0
Application information:
Application domain: /LM/W3SVC/1558258880/ROOT-16-132839353019997346
Trust level: Full
Application Virtual Path: /
Application Path: C:\Program Files\Update Services\WebServices\Root\
Machine name: WSUS
Process information:
Process ID: 3872
Process name: w3wp.exe
Account name: NT AUTHORITY\NETWORK SERVICE
Exception information:
Exception type: HttpException
Exception message: A potentially dangerous Request.Path value was detected from the client (<).
at System.Web.HttpRequest.ValidateInputIfRequiredByConfig()
at System.Web.HttpApplication.PipelineStepManager.ValidateHelper(HttpContext context)
Request information:
Request URL: http://wsus.xxxxxx.com:8530/cgi-bin/search=<script>alert('XSS')</script>
Request path: /cgi-bin/search=<script>alert('XSS')</script>
User host address: 10.2.36.72
User:
Is authenticated: False
Authentication Type:
Thread account name: NT AUTHORITY\NETWORK SERVICE
Thread information:
Thread ID: 58
Thread account name: NT AUTHORITY\NETWORK SERVICE
Is impersonating: False
Stack trace: at System.Web.HttpRequest.ValidateInputIfRequiredByConfig()
at System.Web.HttpApplication.PipelineStepManager.ValidateHelper(HttpContext context)
ASKER
Source File: /c/msdownload/update/software/crup/2021/11/aspnetcore-runtime-5.0.12-win-x64_4922f60dcb21f8c227e2ba022138eefc7ac70d9f.exe
Destination File: E:\WsusContent\9F\4922F60DCB21F8C227E2BA022138EEFC7AC70D9F.exe
2021-12-17 18:32:11.151 UTC Info WsusService.16 EventLogEventReporter.ReportEvent EventId=364,Type=Error,Category=Synchronization,Message=Content file download failed.
Reason: There are no more endpoints available from the endpoint mapper.
We also have 300+ of this error mixed in with the above:
2021-12-17 19:21:33.945 UTC Error WsusService.11 HmtWebServices.CheckReportingWebService Reporting WebService SoapException:System.Web.Services.Protocols.SoapException: System.Web.Services.Protocols.SoapException: Server was unable to process request. ---> System.TypeInitializationException: The type initializer for 'Microsoft.UpdateServices.Internal.Reporting.WebService' threw an exception. ---> System.Data.SqlClient.SqlException: Login failed for user 'NT AUTHORITY\NETWORK SERVICE'. Reason: Server is in script upgrade mode. Only administrator can connect at this time.
I've tried "C:\Program Files\Update Services\Tools>WsusUtil.exe postinstall" from an administrative prompt, but it didn't change anything.
I've confirmed the permissions for "NETWORK SERVICE" to the root of the WSUSContent drive and made sure it has full permissions to "WsusContent".
This server worked until the 2021-09 CU for W2K19 failed to install on 11/8/2021. It has since been replaced by the 2021-10 CU and the 2021-11 CU.
Hoping someone has been down this road.
Server is in script upgrade mode.
that is a problem
what database is being used?
seems to indicate SQL is being patched or upgraded causing WSUS issues
if someone was doing something with the database, try restarting the WSUS service; could have been a transient error
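The log lines quoted in the question mix content-download failures with a database login failure, and the reply above singles out the database one. The following triage sketch is an added example, not part of the thread or of WSUS itself; the sample log is constructed from the lines quoted above, and the cause labels and function names are assumptions.

```python
import re
from collections import Counter

# Entry header as quoted in the thread:
# "<date> <time> UTC <level> <process.thread> <component> <message>"
ENTRY = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}\.\d{3}) UTC\s+"
    r"(?P<level>\w+)\s+(?P<proc>\S+)\s+(?P<component>\S+)\s+(?P<msg>.*)$")

# (substring, cause label), highest priority first. Database causes lead
# because, per the quoted SoapException, they also break the Reporting Web Service.
CAUSES = [
    ("script upgrade mode", "database in script upgrade mode"),
    ("login failed for user", "database login failure"),
    ("no more endpoints available", "content download: endpoint mapper error"),
    ("content file download failed", "content download: other"),
]

def parse_entries(text):
    """Attach continuation lines such as 'Reason: ...' to their timestamped entry."""
    entries = []
    for line in text.splitlines():
        m = ENTRY.match(line)
        if m:
            entries.append(dict(m.groupdict()))
        elif entries and line.strip():
            entries[-1]["msg"] += " " + line.strip()
    return entries

def triage(text):
    """Count entries per cause; each entry gets its highest-priority match."""
    counts = Counter()
    for entry in parse_entries(text):
        msg = entry["msg"].lower()
        cause = next((c for n, c in CAUSES if n in msg), None)
        if cause:
            counts[cause] += 1
    return counts

def first_to_fix(text):
    """Highest-priority cause present in the log, or None."""
    counts = triage(text)
    return next((c for _, c in CAUSES if counts[c]), None)

# Constructed sample, modeled on the lines quoted in the question (raw string
# so the backslash in the account name is kept literally).
SAMPLE_LOG = r"""
2021-12-17 18:32:11.151 UTC Info WsusService.16 EventLogEventReporter.ReportEvent EventId=364,Type=Error,Category=Synchronization,Message=Content file download failed.
Reason: There are no more endpoints available from the endpoint mapper.
2021-12-17 19:21:33.945 UTC Error WsusService.11 HmtWebServices.CheckReportingWebService Reporting WebService SoapException: System.Data.SqlClient.SqlException: Login failed for user 'NT AUTHORITY\NETWORK SERVICE'. Reason: Server is in script upgrade mode. Only administrator can connect at this time.
"""
```

Calling `first_to_fix(SAMPLE_LOG)` returns the database cause even when download errors outnumber it, which matches the order of investigation suggested in the reply.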
ASKER
Can we move the DB from the built-in to a SQL server? Or do we need to start over and build a new server that uses a separate SQL server for its database? Or remove WSUS, the DB, the content, and start over completely, setting up WSUS to use an external SQL server (assuming that's an option)?
At this point, I just need something that works.
Can we move the DB from the built-in to a SQL server?
sure
Migrating the WSUS Database from WID to SQL
https://docs.microsoft.com/en-us/windows-server/administration/windows-server-update-services/manage/wid-to-sql-migration
ASKER
Is there any benefit to deleting the contents of our WsusContent directory and running a "wsusutil.exe reset"? We "kind of" did this once already, although I think we failed to run the "wsusutil.exe reset" immediately after deleting the contents of WsusContent. So it's possible we made things worse.
ASKER
I have one W2K19 server that is only showing the updates I applied manually (last night) in the update history. Funny thing is when you go to "uninstall updates" the complete list of updates IS there. I've tried resetting the client (while removing it from the WSUS console at the same time). It re-appeared in the WSUS console, but it's still not showing the history in "View Update History".
It's been more than 24 hours since I reset the WSUS client info. Even though this seems to be a minor glitch, I still would prefer to see a proper update history list.
Any ideas?
if you run a report for one of those systems, does the status show updates as 'approved' and 'not installed'?