locked
Windows 2012 R2 WSUS 6 event Id 12072 & 364 RRS feed

  • Question

  • I have a Windows 2012 R2 VM on and ESXI Host VMWARE running ok About 4 weeks ago Windows Defender updates stopped ach day working on my Windows 2008 Server I uninstalled Defender problem went away Little to my knowledge it lead to this. I started seeing Event 12072 13074 etc. So Last night I decided to uninstall WSUS and start over.  I have SQL 2014 installed on this server. Deleted the SQL database for WSUS deleted the Content Folder on my E:\ drive. started fresh.

    After a restart and a new install the sync with Microsoft was successful and my machines reconnected to the WSUS server.

    I am getting this error Event 12072

    The wsus content directory is not accessible.

    Log Name:      Application
    Source:        Windows Server Update Services
    Date:          4/4/2018 4:16:09 AM
    Event ID:      12072
    Task Category: 9
    Level:         Error
    Keywords:      Classic
    User:          N/A
    Computer:      tgcs016.our.network.tgcsnet.com
    Description:
    The WSUS content directory is not accessible.
    System.Net.WebException: The remote server returned an error: (500) Internal Server Error.
       at System.Net.HttpWebRequest.GetResponse()
       at Microsoft.UpdateServices.Internal.HealthMonitoring.HmtWebServices.CheckContentDirWebAccess(EventLoggingType type, HealthEventLogger logger)
    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
      <System>
        <Provider Name="Windows Server Update Services" />
        <EventID Qualifiers="0">12072</EventID>
        <Level>2</Level>
        <Task>9</Task>
        <Keywords>0x80000000000000</Keywords>
        <TimeCreated SystemTime="2018-04-04T08:16:09.000000000Z" />
        <EventRecordID>128116</EventRecordID>
        <Channel>Application</Channel>
        <Computer>tgcs016.our.network.tgcsnet.com</Computer>
        <Security />
      </System>
      <EventData>
        <Data>The WSUS content directory is not accessible.
    System.Net.WebException: The remote server returned an error: (500) Internal Server Error.
       at System.Net.HttpWebRequest.GetResponse()
       at Microsoft.UpdateServices.Internal.HealthMonitoring.HmtWebServices.CheckContentDirWebAccess(EventLoggingType type, HealthEventLogger logger)</Data>
      </EventData>
    </Event>

    I believe this is an IIS issue but not and IIS expert

    Any ideas thank you

    Tom

     

     

    Thomas R Grassi Jr

    Wednesday, April 4, 2018 9:05 PM

All replies

  • Hi,

    I have no idea with this issue.

    Maybe you could open the PowerShell and run command "Get-WindowsUpdateLog" to get windows update log

    By default you should get the WindowsUpdate.Log file on your desktop .

    Please check if there is any error/failure in that log after the time you have noted .


    Please remember to mark the replies as answers if they help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, April 30, 2018 9:22 AM
  • get-windowsupdatelog is not a command let on a WSUS server

    any ideas ?


    Thomas R Grassi Jr

    Monday, April 30, 2018 6:24 PM
  • sounds kind of like an IIS issue..

    Open up your IIS manager, expand sites, highlight WSUS Administration and post the bindings and basic settings.  

    Since this has to deal with the Content directory, you'll notice that there's a 'Content' folder shortcut under WSUS Administration in IIS.  Look at the basic settings (right side, under Actions) of that folder and verify the path goes to your real WSUS content.

    See my example, everything is installed on C:, except for my WSUS content.

    let me know how that goes.


    Tim Magnuson | MCTS, MCITP | MCCA 2011 |
    Ok, so I changed my name...you can still call me Tom if you like. It's a...jump...to conclusions...mat.
    My Blog Site: http://tmagnuson.wordpress.com

    Monday, April 30, 2018 7:02 PM
  • Tim   thanks

    I hope this help figure this out.

    Tom

    Thanks 


    Thomas R Grassi Jr

    Monday, April 30, 2018 7:54 PM
  • The 'local service' account looks out of place compared to my environment, but my test connection page looks identical to yours.

    I feel that this is safe to ignore as long as you navigate to e:\wsus\wsuscontent and look at the permissions, verify NetworkService has some kind of read rights on that directory.  I did NOT modiffy my permissions in any way, so the installer for WSUS must have done it.

    Here's my wsuscontent permissions

    you said you're seeing messages in the event log, the one you posted was from 4/4/2018, have there been repeated entries since?  I'm wondering if this message only happens during install or something....

    One last thing to verify...

    highlight the Content directory in IIS, and double-click at .NET Authorization, make sure there aren't weird restrictions or something.

    mine looks like this:

    let me know

    thanks

    tm


    Tim Magnuson | MCTS, MCITP | MCCA 2011 |
    Ok, so I changed my name...you can still call me Tom if you like. It's a...jump...to conclusions...mat.
    My Blog Site: http://tmagnuson.wordpress.com


    Tuesday, May 1, 2018 1:17 PM
  • Tim

    the error occurs at random times looks like the same time but 24 hours apart see attached event log extract  also my Net Auth looks like yours

    thank you

    Tom


    Thomas R Grassi Jr

    Tuesday, May 1, 2018 3:55 PM
  • hmmm.....

    couple of simple things I should have asked previously..

    1. verify the app pool for WSUS is running in IIS Manager( this is really step 1, I tend to assume a LOT )

    2. check the values in HKLM\Software\Microsoft\Update Services\Server\Setup <-  pay special attention to the ContentDir value - this should be the parent folder for WSUSContent, or in your case E:\wsus  (hoping this is where some misconfiguration may reside since you said you reinstalled wsus)

    Also validate SQLDatabaseName and SQLServerName since you stated you're not using WID.

    Lastly, in the event viewer on your wsus server, see if you have any EventID 364's  - those would give you detailed info on these errors.  The 10032 error is pretty generic, it just tells you something went wrong.

    let me know!

    tm

    Post all that


    Tim Magnuson | MCTS, MCITP | MCCA 2011 |
    Ok, so I changed my name...you can still call me Tom if you like. It's a...jump...to conclusions...mat.
    My Blog Site: http://tmagnuson.wordpress.com

    Tuesday, May 1, 2018 5:40 PM
  • one other thing I JUST noticed.....the original error you posted is 12072,  the tiny print in your screenshots says 10032!!!  

    So for my own sanity, 1 problem at a time.... that's MY mistake.

    Do you still have recent 12072 errors?  Or just the ones dating back to 4/4?  

    Since you've posted a screenshot of 10032 events, there should be an accompanying 364.  Our answer should be in those events.


    Tim Magnuson | MCTS, MCITP | MCCA 2011 |
    Ok, so I changed my name...you can still call me Tom if you like. It's a...jump...to conclusions...mat.
    My Blog Site: http://tmagnuson.wordpress.com



    Tuesday, May 1, 2018 6:06 PM
  • Tim

    My findings some event 364 also.


    Thomas R Grassi Jr

    Tuesday, May 1, 2018 6:41 PM
  • Tim the 12072 was a typeo on my part they all have been 10032

    Log Name:      Application
    Source:        Windows Server Update Services
    Date:          5/1/2018 2:03:02 PM
    Event ID:      10032
    Task Category: 7
    Level:         Error
    Keywords:      Classic
    User:          N/A
    Computer:      tgcs016.our.network.tgcsnet.com
    Description:
    The server is failing to download some updates.
    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
      <System>
        <Provider Name="Windows Server Update Services" />
        <EventID Qualifiers="0">10032</EventID>
        <Level>2</Level>
        <Task>7</Task>
        <Keywords>0x80000000000000</Keywords>
        <TimeCreated SystemTime="2018-05-01T18:03:02.000000000Z" />
        <EventRecordID>133709</EventRecordID>
        <Channel>Application</Channel>
        <Computer>tgcs016.our.network.tgcsnet.com</Computer>
        <Security />
      </System>
      <EventData>
        <Data>The server is failing to download some updates.</Data>
      </EventData>
    </Event>

    Log Name:      Application
    Source:        Windows Server Update Services
    Date:          4/30/2018 1:41:40 PM
    Event ID:      364
    Task Category: 2
    Level:         Error
    Keywords:      Classic
    User:          N/A
    Computer:      tgcs016.our.network.tgcsnet.com
    Description:
    Content file download failed.
    Reason: File cert verification failure.
    Source File: /c/msdownload/update/software/secu/2017/06/windows10.0-kb4022730-x64_f8cc3c3282c9d0eff5c59ae004bd468d037a0b23.cab
    Destination File: E:\wsus\WsusContent\23\F8CC3C3282C9D0EFF5C59AE004BD468D037A0B23.cab
    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
      <System>
        <Provider Name="Windows Server Update Services" />
        <EventID Qualifiers="0">364</EventID>
        <Level>2</Level>
        <Task>2</Task>
        <Keywords>0x80000000000000</Keywords>
        <TimeCreated SystemTime="2018-04-30T17:41:40.000000000Z" />
        <EventRecordID>133503</EventRecordID>
        <Channel>Application</Channel>
        <Computer>tgcs016.our.network.tgcsnet.com</Computer>
        <Security />
      </System>
      <EventData>
        <Data>Content file download failed.
    Reason: File cert verification failure.
    Source File: /c/msdownload/update/software/secu/2017/06/windows10.0-kb4022730-x64_f8cc3c3282c9d0eff5c59ae004bd468d037a0b23.cab
    Destination File: E:\wsus\WsusContent\23\F8CC3C3282C9D0EFF5C59AE004BD468D037A0B23.cab</Data>
      </EventData>
    </Event>


    Thomas R Grassi Jr

    Tuesday, May 1, 2018 6:43 PM
  • ah ha!  now we're getting somewhere. The weird thing is, I was expecting to see a .esd file...but regardless these steps are more or less required for WSUS on 2012/R2 going-forward to be able to deploy Win10 updates.

    Description:
    Content file download failed.
    Reason: File cert verification failure.

    Are these installed on the server? if not, install them in order. KB2919355, KB3095113, and KB3159706  

    (the 2919355 is a prerequisite for both)

    links for those (be sure you download the appropriate version):

    https://support.microsoft.com/en-us/help/2919355/windows-rt-8-1-windows-8-1-and-windows-server-2012-r2-update-april-201

    https://support.microsoft.com/en-us/help/3095113/update-to-enable-wsus-support-for-windows-10-feature-upgrades

    https://support.microsoft.com/en-us/help/3159706/update-enables-esd-decryption-provision-in-wsus-in-windows-server-2012

    The last update 3159706 has manual steps for after the update, be sure to follow the instructions at the bottom of the page.

    BE SURE TO REBOOT

    Last thing to check since you're on 2012R2:

    In IIS manager, click on the server object

    in the middle pane, open 'MIME types' verify (or add)

    Restart IIS

    Other than those items above, I'm convinced there's nothing wrong your actual wsus configuration.

    Let me know how that goes!

    tm


    Tim Magnuson | MCTS, MCITP | MCCA 2011 |
    Ok, so I changed my name...you can still call me Tom if you like. It's a...jump...to conclusions...mat.
    My Blog Site: http://tmagnuson.wordpress.com




    Tuesday, May 1, 2018 7:44 PM
  • Tim

    the updates  KB2919355  already installed  the other two not applicable

    I am running Windows 2012 R2

    The Add MIME was missing for .esd  I added it.  ran iisreset

    Lets see what happens

    Update

    I removed the MIME and now my clients can download updates

    Wednesday, May 2, 2018 1:18 AM
  • Tim

    Update again

    After doing the IISRESET 

    Now I get this

    Log Name:      Application
    Source:        Windows Server Update Services
    Date:          5/1/2018 9:13:24 PM
    Event ID:      13042
    Task Category: 6
    Level:         Error
    Keywords:      Classic
    User:          N/A
    Computer:      tgcs016.our.network.tgcsnet.com
    Description:
    Self-update is not working.
    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
      <System>
        <Provider Name="Windows Server Update Services" />
        <EventID Qualifiers="0">13042</EventID>
        <Level>2</Level>
        <Task>6</Task>
        <Keywords>0x80000000000000</Keywords>
        <TimeCreated SystemTime="2018-05-02T01:13:24.000000000Z" />
        <EventRecordID>133773</EventRecordID>
        <Channel>Application</Channel>
        <Computer>tgcs016.our.network.tgcsnet.com</Computer>
        <Security />
      </System>
      <EventData>
        <Data>Self-update is not working.</Data>
      </EventData>
    </Event>

    Log Name:      Application
    Source:        Windows Server Update Services
    Date:          5/1/2018 9:13:24 PM
    Event ID:      12072
    Task Category: 9
    Level:         Error
    Keywords:      Classic
    User:          N/A
    Computer:      tgcs016.our.network.tgcsnet.com
    Description:
    The WSUS content directory is not accessible.
    System.Net.WebException: The remote server returned an error: (500) Internal Server Error.
       at System.Net.HttpWebRequest.GetResponse()
       at Microsoft.UpdateServices.Internal.HealthMonitoring.HmtWebServices.CheckContentDirWebAccess(EventLoggingType type, HealthEventLogger logger)
    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
      <System>
        <Provider Name="Windows Server Update Services" />
        <EventID Qualifiers="0">12072</EventID>
        <Level>2</Level>
        <Task>9</Task>
        <Keywords>0x80000000000000</Keywords>
        <TimeCreated SystemTime="2018-05-02T01:13:24.000000000Z" />
        <EventRecordID>133774</EventRecordID>
        <Channel>Application</Channel>
        <Computer>tgcs016.our.network.tgcsnet.com</Computer>
        <Security />
      </System>
      <EventData>
        <Data>The WSUS content directory is not accessible.
    System.Net.WebException: The remote server returned an error: (500) Internal Server Error.
       at System.Net.HttpWebRequest.GetResponse()
       at Microsoft.UpdateServices.Internal.HealthMonitoring.HmtWebServices.CheckContentDirWebAccess(EventLoggingType type, HealthEventLogger logger)</Data>
      </EventData>
    </Event>

    Log Name:      Application
    Source:        Windows Server Update Services
    Date:          5/1/2018 9:15:33 PM
    Event ID:      364
    Task Category: 2
    Level:         Error
    Keywords:      Classic
    User:          N/A
    Computer:      tgcs016.our.network.tgcsnet.com
    Description:
    Content file download failed.
    Reason: File cert verification failure.
    Source File: /c/msdownload/update/software/secu/2017/06/windows10.0-kb4022730-x64_f8cc3c3282c9d0eff5c59ae004bd468d037a0b23.cab
    Destination File: E:\wsus\WsusContent\23\F8CC3C3282C9D0EFF5C59AE004BD468D037A0B23.cab
    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
      <System>
        <Provider Name="Windows Server Update Services" />
        <EventID Qualifiers="0">364</EventID>
        <Level>2</Level>
        <Task>2</Task>
        <Keywords>0x80000000000000</Keywords>
        <TimeCreated SystemTime="2018-05-02T01:15:33.000000000Z" />
        <EventRecordID>133775</EventRecordID>
        <Channel>Application</Channel>
        <Computer>tgcs016.our.network.tgcsnet.com</Computer>
        <Security />
      </System>
      <EventData>
        <Data>Content file download failed.
    Reason: File cert verification failure.
    Source File: /c/msdownload/update/software/secu/2017/06/windows10.0-kb4022730-x64_f8cc3c3282c9d0eff5c59ae004bd468d037a0b23.cab
    Destination File: E:\wsus\WsusContent\23\F8CC3C3282C9D0EFF5C59AE004BD468D037A0B23.cab</Data>
      </EventData>
    </Event>

    Now my Windows machines cannot download any updates also

    Add the MIME do this?

    Wednesday, May 2, 2018 2:38 AM
  • the first error - 13042 selfupdate is not working, that could be caused by a conflict of your previous installation of wsus within IIS.  Not real sure how to fix that, but have a look at this thread  -  read the replies from Lawrence. Might be a permissions issue.  May give you some ideas

    Just out of curiousity, is ipv6 enabled?  try disabling and see if that clears it up.

    https://community.spiceworks.com/topic/449401-wsus-self-update-not-working-error-messages

    2nd.  12072 - I think you're ok here. you might be able to make this error go away by going back into IIS, to the content folder, and in the physical path put the share for wsuscontent. e.g. \\servername\wsuscontent  the share is also listed in computer management. should look like this

    3rd - 364   It seems like you're still missing a patch of some kind.  Can you get a list of the updates installed on this server?

    I'll reply in the morning when I can

    tm


    Tim Magnuson | MCTS, MCITP | MCCA 2011 |
    Ok, so I changed my name...you can still call me Tom if you like. It's a...jump...to conclusions...mat.
    My Blog Site: http://tmagnuson.wordpress.com

    Wednesday, May 2, 2018 3:15 AM
  • Sorry man, I don't think I can help you any more. 

    A resident moderator Andy David has really rubbed me the wrong way. 

    People take time out of their own PERSONAL schedules to help others, only to be hassled by d*ckhead moderators.   I'll go on another 3-4 year hiatus, maybe he'll be gone if I come back to TN again.

    mods - save yourself time and don't ask me to change my post, I won't.  Just delete it, it'll happen anyway.

    best of luck


    Tim Magnuson | MCTS, MCITP | MCCA 2011 |
    Ok, so I changed my name...you can still call me Tom if you like. It's a...jump...to conclusions...mat.
    My Blog Site: http://tmagnuson.wordpress.com

    Wednesday, May 2, 2018 12:46 PM
  • Andy David is not compensated for his participation, he is a volunteer (as am I).  He was made a moderator based on his past efforts in the forums.  He only rubbed you the wrong way because of your useless attempts answers and snide remarks.


    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
    Celebrating 20 years of providing Exchange peer support!

    Wednesday, May 2, 2018 3:19 PM
  •  because of your useless attempts answers and snide remarks.


    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
    Celebrating 20 years of providing Exchange peer support!

    Thanks for reinforcing my point Ed!  Keep riding that MVP high horse.
    Wednesday, May 2, 2018 4:15 PM
  • Tim

    What is going on here? Why so much drama.

    Trying to get a problem resolved should not be such a problem.

    Still getting the same events daily and updates are working must be a fix for this

    Thanks

    Tom


    Thomas R Grassi Jr

    Thursday, May 3, 2018 3:46 PM
  • Hi,

    Since April Patch Tuesday, I keep restarting IISRESET.exe each time that problem happens and that works on a short time period.

    Does somebody knows why that happens and how to resolve it finally.

    Best regards,

    PCJ_TECH


    • Edited by PCJ_TECH Monday, May 7, 2018 12:02 PM
    Monday, May 7, 2018 11:03 AM
  • I was having the same issue, and like you said iisreset.exe would allow console access for a mintue or two and bomb out.
    That led me to this post where I increasaed the WSUSPool memory in IISMgr.
    That did the trick!

    community.spiceworks.com/topic/285946-iis-wsuspool-server-stop-again-and-again

    • Proposed as answer by PCJ_TECH Friday, May 25, 2018 6:48 AM
    Saturday, May 12, 2018 1:51 PM
  • So after reading the whole thread, KB3509706 seems to be replaced with the latest CU's, but there's nothing official from Microsoft, but as I've followed a bunch of threads and seen certain things help others, running

    "C:\Program Files\Update Services\Tools\wsusutil.exe" postinstall

    fixes some problems. (not with the added /servicing)

    If you can get into WSUS at all, then this command above is not needed. If the WSUS Console keeps crashing, the WSUS Application Pool Memory should be increased, but that's not the whole story. The issue for this would revolve around not doing the proper maintenance on the WSUS Server.... Wait a second, you said it's a new server... let me be crystal clear.

    Just because it's NEW does not mean that it's clean or optimized; it just means that it's NEW!

    Let me introduce you to WAM, the fully automated way to take WSUS back into your control. If you use WAM, you WILL have less issues, you WILL have a faster user experience, and you WILL believe in it.

    New version coming out June 1st!

    Please have a look at the WSUS Automated Maintenance (WAM) system. It is an automated maintenance system for WSUS, the last system you'll ever need to maintain WSUS!

    https://community.spiceworks.com/scripts/show/2998-wsus-automated-maintenance-formerly-adamj-clean-wsus

    What it does:

    1. Add WSUS Index Optimization to the database to increase the speed of many database operations in WSUS by approximately 1000-1500 times faster.
    2. Remove all Drivers from the WSUS Database (Default; Optional).
    3. Shrink your WSUSContent folder's size by declining multiple types of updates including by default any superseded updates, preview updates, expired updates, Itanium updates, and beta updates. Optional extras: Language Packs, IE7, IE8, IE9, IE10, Embedded, NonEnglishUpdates, ComputerUpdates32bit, WinXP.
    4. Remove declined updates from the WSUS Database.
    5. Clean out all the synchronization logs that have built up over time (configurable, with the default keeping the last 14 days of logs).
    6. Compress Update Revisions.
    7. Remove Obsolete Updates.
    8. Computer Object Cleanup (configurable, with the default of deleting computer objects that have not synced within 30 days).
    9. Application Pool Memory Configuration to display the current private memory limit and easily set it to any configurable amount including 0 for unlimited. This is a manual execution only.
    10. Checks to see if you have a dirty database, and if you do, fixes it. This is primarily for Server 2012 WSUS, and is a manual execution only.
    11. Run the Recommended SQL database Maintenance script on the actual SQL database.
    12. Run the Server Cleanup Wizard.

    It will email the report out to you or save it to a file, or both.

    Although the script is lengthy, it has been made to be super easy to setup and use so don't over think it. There are some prerequisites and instructions at the top of the script. After installing the prerequisites and configuring the variables for your environment (email settings only if you are accepting all the defaults), simply run:

    .\Clean-WSUS.ps1 -FirstRun

    If you wish to view or increase the Application Pool Memory Configuration, or run the Dirty Database Check, you must run it with the required switch. See Get-Help .\Clean-WSUS.ps1 -Examples

    If you're having trouble, there's also a -HelpMe option that will create a log so you can send it to me for support.


    Adam Marshall, MCSE: Security
    http://www.adamj.org
    Microsoft MVP - Windows and Devices for IT

    Sunday, May 13, 2018 1:43 PM