Posts Tagged ‘Windows Update Services’

Recently on adding some machines and updates to a existing WSUS server that had been stable for a whole year, I was getting the server being unresponsive , and the reset server node would not work

After restarting the Windows Update Server Service , the error below would display in the event log : 

The WSUS content directory is not accessible. System.Net.WebException: The remote server returned an error: (503) Server Unavailable. at System.Net.HttpWebRequest.GetResponse() at Microsoft.UpdateServices.Internal.HealthMonitoring.HmtWebServices.CheckContentDirWebAccess(EventLoggingType type, HealthEventLogger logger)

Running IISRest in the Command prompt brought the site back online  , however clearly this was a workaround to teh crash , Turns out you need some tweaking of the Website in IIS to stop this!

  1. On your WSUS Server, launch the IIS Manager
  2. Open Application Pools
  3. Right click ‘WsusPool’ and select ‘Advanced Settings…’
  4. To support the maximum SCCM Software Update Point clients, change ‘Queue Length’ from the default 1,000 to 25,000
  5. If your server is NUMA aware, change ‘Maximum Worker Processes’ from the default 1 to 0. If you don’t know if your server is NUMA aware, leave this value default
  6. Change ‘”Service Unavailable” Response Type’ from the default HttpLevel to TcpLevel
  7. Change ‘Failure Interval (minutes) from the default 5 to 30
  8. Change ‘Maximum Failures’ from the default 5 to 60
  9. Click ‘OK’ to save the App Pool changes
  10. From an administrative command prompt, type IISRESET

This is also a good Cleanup script to schedule :

VN:F [1.9.22_1171]
Rating: 10.0/10 (2 votes cast)
VN:F [1.9.22_1171]
Rating: +1 (from 1 vote)

WorksiteSaveOperationThe first step is to make sure you see the actual WSUS server name in the log – if not that indicates a policy or registry setting used for the policy is not in place.
Next get the errors for the client trying to contact WSUS and check the error code against the error code reference for Windows Update agent. For a reference see:

Windows Update information is stored in c:\%windir%\Windowsupdate.log.

Perform the following on the client workstation.
1. Delete the registry keys in
2. Restart Automatic Updates service.
3. Issue the command wuauclt /resetauthorization /detectnow.
Updates will start downloading

Removing managed by your system administrator message to update them manually

Set Group Policy Manually
Start -> Run -> gpedit.msc
Computer configuration -> Administrative Templates -> Windows Components -> Windows Update
Configure Automatic updates
Choose enabled
Choose option 5 – Allow local admin to choose setting
User configuration -> Administrative Templates -> Windows Components -> Windows Update
Remove access to use all Windows Update features
Choose Disabled

After above clients where still not showing up in the WSUS gui after downloading the updates from the server. I checked

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate (SusClientId) which was cloned across all the servers. We had to run this:
Rem - Batch script to delete duplicate SusClientIDs 
Rem - Implement this script as a "Startup" or "Logon"  script 
Rem - Script creates an output file called %Systemdrive%\SUSClientID.log 
Rem - If the %Systemdrive%\SUSClientID.log is already present, then the script simply exits
@Echo off 
if exist %systemdrive%\SUSClientID.log goto end 
net stop wuauserv 
net stop bits 
reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v PingID /f  > %systemdrive%\SUSClientID.log 2>&1 
reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v AccountDomainSid /f  >> %systemdrive%\SUSClientID.log 2>&1 
reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientId /f  >> %systemdrive%\SUSClientID.log 2>&1 
net start wuauserv 
wuauclt.exe /resetauthorization /detectnow          
VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)