none
cannot install wsus role on 2012

    Question

  • Hi all,

    just trying to install a wsus on my first server 2012

    unfortunately the installation fails.
    Error message i see in the Wizard: The operation cannot be completed, because the server that you specified reuires a restart.

    If i restart the server i see and open the add roles wizard i see that the wsus is still not installed.

    Here are my settings:

    I run the installation on a Server 2013, whitch is within a domain, has a fix ip and nothing else installed.

    I do aRole-based installation, select server from the server pool

    and this options are selcted:

    WID Database and WSUS Services

    Store Updates path: E:\WSUS

    server restart automatically

    Firewall is disabled all updates are installed.

    this two errors i see in the event log:

    Log Name:      System
    Source:        Service Control Manager
    Date:          09.01.2013 15:58:40
    Event ID:      7000
    Task Category: None
    Level:         Error
    Keywords:      Classic
    User:          N/A
    Computer:      wsus1.mydomain
    Description:
    The Windows Internal Database service failed to start due to the following error: 
    The service did not start due to a logon failure.
    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
      <System>
        <Provider Name="Service Control Manager" Guid="{555908d1-a6d7-4695-8e1e-26931d2012f4}" EventSourceName="Service Control Manager" />
        <EventID Qualifiers="49152">7000</EventID>
        <Version>0</Version>
        <Level>2</Level>
        <Task>0</Task>
        <Opcode>0</Opcode>
        <Keywords>0x8080000000000000</Keywords>
        <TimeCreated SystemTime="2013-01-09T14:58:40.935101900Z" />
        <EventRecordID>1726</EventRecordID>
        <Correlation />
        <Execution ProcessID="508" ThreadID="2500" />
        <Channel>System</Channel>
        <Computer>wsus1.mydomain</Computer>
        <Security />
      </System>
      <EventData>
        <Data Name="param1">Windows Internal Database</Data>
        <Data Name="param2">%%1069</Data>
        <Binary>4D005300530051004C0024004D004900430052004F0053004F0046005400230023005700490044000000</Binary>
      </EventData>
    </Event>

    and this one

             

    Log Name:      System
    Source:        Service Control Manager
    Date:          09.01.2013 15:58:40
    Event ID:      7041
    Task Category: None
    Level:         Error
    Keywords:      Classic
    User:          N/A
    Computer:      wsus1.mydomain
    Description:
    The MSSQL$MICROSOFT##WID service was unable to log on as NT SERVICE\MSSQL$MICROSOFT##WID with the currently configured password due to the following error: 
    Logon failure: the user has not been granted the requested logon type at this computer.

    Service: MSSQL$MICROSOFT##WID 
    Domain and account: NT SERVICE\MSSQL$MICROSOFT##WID

    This service account does not have the required user right "Log on as a service."

    User Action

    Assign "Log on as a service" to the service account on this computer. You can use Local Security Settings (Secpol.msc) to do this. If this computer is a node in a cluster, check that this user right is assigned to the Cluster service account on all nodes in the cluster.

    If you have already assigned this user right to the service account, and the user right appears to be removed, check with your domain administrator to find out if a Group Policy object associated with this node might be removing the right.
    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
      <System>
        <Provider Name="Service Control Manager" Guid="{555908d1-a6d7-4695-8e1e-26931d2012f4}" EventSourceName="Service Control Manager" />
        <EventID Qualifiers="49152">7041</EventID>
        <Version>0</Version>
        <Level>2</Level>
        <Task>0</Task>
        <Opcode>0</Opcode>
        <Keywords>0x8080000000000000</Keywords>
        <TimeCreated SystemTime="2013-01-09T14:58:40.935101900Z" />
        <EventRecordID>1725</EventRecordID>
        <Correlation />
        <Execution ProcessID="508" ThreadID="2500" />
        <Channel>System</Channel>
        <Computer>wsus1.mydomain</Computer>
        <Security />
      </System>
      <EventData>
        <Data Name="param1">MSSQL$MICROSOFT##WID</Data>
        <Data Name="param2">NT SERVICE\MSSQL$MICROSOFT##WID</Data>
      </EventData>
    </Event>

    and the user a logon with is the domainadmin and is within the local admin group

    anyone who can help me?

    Thank you


    • Edited by homermg Wednesday, January 09, 2013 3:09 PM
    Wednesday, January 09, 2013 3:08 PM

All replies

  • Hi, homermg

    This issue has been already discussedTake a look at this tread:

    http://social.technet.microsoft.com/Forums/en-US/winserverwsus/thread/ae2baa1b-3aba-4d84-9a3c-0588b9a0f298


    Maxim Sinel'nikov

    Thursday, January 10, 2013 9:03 AM
  • unfortunately not for me

    because i have allready solve the issue with the installation but the post-installation task failed after restart.

    the Server manger crashes if i try to start the post-installation

    what i see in the eventlog:

    Log Name:      Application
    Source:        Application Error
    Date:          10.01.2013 14:52:01
    Event ID:      1000
    Task Category: (100)
    Level:         Error
    Keywords:      Classic
    User:          N/A
    Computer:      wsus.mydomain
    Description:
    Faulting application name: ServerManager.exe, version: 6.2.9200.16384, time stamp: 0x50107b22
    Faulting module name: KERNELBASE.dll, version: 6.2.9200.16384, time stamp: 0x5010ab2d
    Exception code: 0xe0434352
    Fault offset: 0x00000000000189cc
    Faulting process id: 0x91c
    Faulting application start time: 0x01cdef396f2b79e1
    Faulting application path: C:\Windows\system32\ServerManager.exe
    Faulting module path: C:\Windows\system32\KERNELBASE.dll
    Report Id: e845db25-5b2c-11e2-93f5-005056a22204
    Faulting package full name: 
    Faulting package-relative application ID: 

    and this:

    Log Name:      Application
    Source:        .NET Runtime
    Date:          10.01.2013 14:52:01
    Event ID:      1026
    Task Category: None
    Level:         Error
    Keywords:      Classic
    User:          N/A
    Computer:      wsus.mydomain
    Description:
    Application: ServerManager.exe
    Framework Version: v4.0.30319
    Description: The process was terminated due to an unhandled exception.
    Exception Info: Microsoft.Windows.ServerManager.Common.Model.AutomationServiceException
    Stack:
       at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
       at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
       at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
       at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
       at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
       at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
       at System.Windows.Application.RunInternal(System.Windows.Window)
       at Microsoft.Windows.ServerManager.SingleInstanceAppLauncher.StartApplication(Microsoft.Windows.ServerManager.Common.ArgumentsProcessor)
       at Microsoft.Windows.ServerManager.MainApplication.Main(System.String[])

    by the way i go trough this howto: http://technet.microsoft.com/en-gb/library/hh852344.aspx

    and at this point: 

    The NT Authority\Network Service account must have Full Control permissions for the following folders so that the WSUS Administration snap-in displays correctly:

    • %windir%\Microsoft.NET\Framework\v4.0.30319\Temporary ASP.NET Files

    i cant find the The NT Authority\Network Service account. If opent the securitytab and try to add the both accouts i see only the "Netwrok Service" account. I can't find the "NT Authority" account.

    Thursday, January 10, 2013 2:13 PM
  • I managed to get this working by doing the following:

    - Install and user SQL Express 2012 as the database
    - Install the WSUS role, when on the features screen un-tick the Windows Internal Database (WID) so this isn't installed.

    For me the WID was trying to start a service that didn't exist and asked for the restart each time. By not installing WID and using SQL Express this doesn't happen

    Thursday, February 07, 2013 3:35 PM
  • I managed to get this working by doing the following:

    - Install and user SQL Express 2012 as the database
    - Install the WSUS role, when on the features screen un-tick the Windows Internal Database (WID) so this isn't installed.

    For me the WID was trying to start a service that didn't exist and asked for the restart each time. By not installing WID and using SQL Express this doesn't happen

    See my response to this option in this earlier thread.


    Lawrence Garvin, M.S., MCITP:EA, MCDBA, MCSA
    SolarWinds Head Geek
    Microsoft MVP - Software Distribution (2005-2013)
    My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin
    The views expressed on this post are mine and do not necessarily reflect the views of SolarWinds.

    Friday, February 08, 2013 12:08 AM
    Moderator
  • Edit the Default Domain Policy" in the section "log on as a service" add parameter "NT SERVICE\ALL SERVICES"
    Wednesday, May 01, 2013 7:01 AM
  • Hi,

    Does anyone know how to either change the passwrod for the MSSQL$MICROSOFT##WID acount (if they've been foolish enough to change the run as account and can't put it back because they don't know the password!!! ;o)

    J

    Wednesday, May 15, 2013 2:43 PM
  • i cant find the The NT Authority\Network Service account. If opent the securitytab and try to add the both accouts i see only the "Network Service" account.

    They're the same thing.

    Lawrence Garvin, M.S., MCITP:EA, MCDBA, MCSA
    SolarWinds Head Geek
    Microsoft MVP - Software Packaging, Deployment & Servicing (2005-2013)
    My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin
    http://www.solarwinds.com/gotmicrosoft
    The views expressed on this post are mine and do not necessarily reflect the views of SolarWinds.

    Monday, May 27, 2013 6:54 PM
    Moderator
  • Does anyone know how to either change the passwrod for the MSSQL$MICROSOFT##WID acount

    I would think it's defined in Local Users, and you'd change the password for that account the same way you would for any other local user account.

    Lawrence Garvin, M.S., MCITP:EA, MCDBA, MCSA
    SolarWinds Head Geek
    Microsoft MVP - Software Packaging, Deployment & Servicing (2005-2013)
    My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin
    http://www.solarwinds.com/gotmicrosoft
    The views expressed on this post are mine and do not necessarily reflect the views of SolarWinds.

    Monday, May 27, 2013 6:56 PM
    Moderator
    1.        Open up your domain group policy editor.
    2.        Navigate to the Default Domain Policy
    3.        Navigate to Policies -> Windows Settings -> Security Settings -> Local Policy -> User Rights Assignment
    4.        Find the “Log on as a service” policy and edit it.
    5.        Click on “Add user or group” button.
    6.        Add the following users: NETWORK, NETWORK SERVICE, SERVICE
    7.        Got to your Server 2012 machine and open an elevated command prompt.
    8.        Type in: gpupdate /force. Wait for it to successfully complete
    9.        Now try and install the WID and WSUS .


    Friday, November 01, 2013 7:54 AM