locked
Updates failing on local machines RRS feed

  • Question

  • I have a new WSUS server running on Windows Server 2012, lists as version 6.2.9200.16384.

    The majority of clients list as 99% in the installed/not applicable percentage column, however I am getting reports from users that many updates are failing at the client side.  This is not then being reported by WSUS as updates with errors.  Looking at the windowsupdate.log on the client machines I can see the line:

    2014-11-21    08:54:56:527  968   1040   Report WARNING: CSerializationHelper:: InitSerialize failed : 0x80070002

    I am also seeing a lot of Installation Successful: Windows successfully installed the following update messages.

    The main issues is that this causes the system to reboot several times as it rolls back failed updates, some users reporting that it has taken up to an hour before they can log into their machines.  I need to be able to see these failures in WSUS management console, has any one seen this type of behaviour before?

    Drac

    Friday, November 21, 2014 9:50 AM

Answers

  • I am aware that, under normal circumstances,  failed updates will show as failed in the WSUS console.  However, in this instance WSUS does not show any failed updates for the systems in question.  The information from the users is based on what Control Panel > Windows Updates > view update history is telling me.

    You need to reconcile these allegedly failed updates against the state information reported in the console. Either these update are Installed, Not Applicable, or Needed. If the updates are still listed as Needed, then the Windows Update Agent is trying to reinstall them at each installation event. Quite likely, the installer is returning a success code to the Windows Update Agent that says "Successful, but requires reboot", because the installation will not be completed until the restart.

    Then, at the restart, the remainder of the installation fails somehow, and the work previously done is rolled back. The Windows Update Agent, however, knows nothing about this situation, so the update merely gets changed from Needed (Installed Pending Reboot) to Needed (Not Installed) and the magic starts all over again.

    There's still a missing piece here, because the only way an event can get logged in the Windows Update History is if the Windows Update Agent was involved in the process. If the WUA logged an installation failure, then it *should* report that to the WSUS server. But there are a couple of cases in which it won't.

    First, if the update installation came from somewhere other than the WSUS server; the EVENT associated with that installation will not be reported to the WSUS server. Only the STATE of the update itself: Installed, Not Installed, Not Applicable.

    Second, if the failure actually predates the use of WSUS, and the users are simply misinterpreting the data. Failures are recorded permanently in the Windows Update History. Even if that very same update is subsequently installed successfully, the previous failures will remain. This quite often misleads and confuses people reading the WUHistory.. which is why looking at the actual STATE as displayed in the console is quite often, more reliable, as it tells us what *IS* today, not what happened yesterday.

    So, granted, in this unique circumstance the update is not explicitly flagged as failed. (This is an artifact of having redesigned the installation/updating methodology of the operating system, but failing to properly update the agent mechanism for Windows Update. One of several things the WUAgent team has complicated over the past eight years).

    HOWEVER.... you do still have actionable information in your console, which if you weren't ignoring in favor of "user reports", would have likely led to the same root cause.

    Which *UPDATES* are listed in the console as Needed (Not Installed), and how long have they been available for installation? If the answer is more than a couple of days, then the console has told you all you need to know. Those update(s) are not being successfully installed.


    Lawrence Garvin, M.S., MCSA, MCITP:EA, MCDBA
    SolarWinds Head Geek
    Microsoft MVP - Software Packaging, Deployment & Servicing (2005-2014)
    My MVP Profile: http://mvp.microsoft.com/en-us/mvp/Lawrence%20R%20Garvin-32101
    http://www.solarwinds.com/gotmicrosoft
    The views expressed on this post are mine and do not necessarily reflect the views of SolarWinds.

    Monday, November 24, 2014 6:31 PM

All replies

  • Hello,

    Identify a computer that have problem to install update and find it in the wsus console. Look at "Last contact Time" and "Last report Time". What do you see ?

    On the computer, go to "control panel" -> "Windows Update" -> "Display update history" , do you see error ?

    On the same computer run the command : WuAuClt /ReportNow

    Wait 1 minute and refresh the wsus console display.


    David COURTEL

    IT Technician

    Wsus Third-Party Softwares Publishing : Wsus Package Publisher

    Outlook 2013 PST Backup : Pst Backup 2013

    Friday, November 21, 2014 11:26 AM
  • The majority of clients list as 99% in the installed/not applicable percentage column, however I am getting reports from users that many updates are failing at the client side.

    This is already two separate problems.

    The main issues is that this causes the system to reboot several times as it rolls back failed updates

    Yeah.. uh.. I'm not so sure this is an accurate statement.

    I need to be able to see these failures in WSUS management console

    Yeah.. uh... FAILED installs are pretty easy to see... they show up as FAILED installs. If the console doesn't show updates as FAILED... then you're getting BAD information from your users.


    Lawrence Garvin, M.S., MCSA, MCITP:EA, MCDBA
    SolarWinds Head Geek
    Microsoft MVP - Software Packaging, Deployment & Servicing (2005-2014)
    My MVP Profile: http://mvp.microsoft.com/en-us/mvp/Lawrence%20R%20Garvin-32101
    http://www.solarwinds.com/gotmicrosoft
    The views expressed on this post are mine and do not necessarily reflect the views of SolarWinds.


    Sunday, November 23, 2014 2:34 AM
  • Thanks David, 

    I will check this on the effected systems..

    Drac

    Monday, November 24, 2014 5:15 PM
  • Thanks for the reply Lawrence even though it was less than helpful,

    I am aware that, under normal circumstances,  failed updates will show as failed in the WSUS console.  However, in this instance WSUS does not show any failed updates for the systems in question.  The information from the users is based on what Control Panel > Windows Updates > view update history is telling me.

    Drac

    Monday, November 24, 2014 5:21 PM
  • I am aware that, under normal circumstances,  failed updates will show as failed in the WSUS console.  However, in this instance WSUS does not show any failed updates for the systems in question.  The information from the users is based on what Control Panel > Windows Updates > view update history is telling me.

    You need to reconcile these allegedly failed updates against the state information reported in the console. Either these update are Installed, Not Applicable, or Needed. If the updates are still listed as Needed, then the Windows Update Agent is trying to reinstall them at each installation event. Quite likely, the installer is returning a success code to the Windows Update Agent that says "Successful, but requires reboot", because the installation will not be completed until the restart.

    Then, at the restart, the remainder of the installation fails somehow, and the work previously done is rolled back. The Windows Update Agent, however, knows nothing about this situation, so the update merely gets changed from Needed (Installed Pending Reboot) to Needed (Not Installed) and the magic starts all over again.

    There's still a missing piece here, because the only way an event can get logged in the Windows Update History is if the Windows Update Agent was involved in the process. If the WUA logged an installation failure, then it *should* report that to the WSUS server. But there are a couple of cases in which it won't.

    First, if the update installation came from somewhere other than the WSUS server; the EVENT associated with that installation will not be reported to the WSUS server. Only the STATE of the update itself: Installed, Not Installed, Not Applicable.

    Second, if the failure actually predates the use of WSUS, and the users are simply misinterpreting the data. Failures are recorded permanently in the Windows Update History. Even if that very same update is subsequently installed successfully, the previous failures will remain. This quite often misleads and confuses people reading the WUHistory.. which is why looking at the actual STATE as displayed in the console is quite often, more reliable, as it tells us what *IS* today, not what happened yesterday.

    So, granted, in this unique circumstance the update is not explicitly flagged as failed. (This is an artifact of having redesigned the installation/updating methodology of the operating system, but failing to properly update the agent mechanism for Windows Update. One of several things the WUAgent team has complicated over the past eight years).

    HOWEVER.... you do still have actionable information in your console, which if you weren't ignoring in favor of "user reports", would have likely led to the same root cause.

    Which *UPDATES* are listed in the console as Needed (Not Installed), and how long have they been available for installation? If the answer is more than a couple of days, then the console has told you all you need to know. Those update(s) are not being successfully installed.


    Lawrence Garvin, M.S., MCSA, MCITP:EA, MCDBA
    SolarWinds Head Geek
    Microsoft MVP - Software Packaging, Deployment & Servicing (2005-2014)
    My MVP Profile: http://mvp.microsoft.com/en-us/mvp/Lawrence%20R%20Garvin-32101
    http://www.solarwinds.com/gotmicrosoft
    The views expressed on this post are mine and do not necessarily reflect the views of SolarWinds.

    Monday, November 24, 2014 6:31 PM
  • Many thanks Lawrence, now I understand.

    Users were sending me screenshots of their Update history and in one case, on the 17th November, there were about 20 updates reporting as failed.  However, upon checking their status information in the WSUS console it showed the date correctly and displayed needed or failed updates, at this point as 0 failed and 8 Not installed.    

    So my main concern at the time was whether the status was being misreported and I had some sort of problem I needed to fix.  From your, very detailed and informative, statement above, I no longer think that I need to worry about it, partly as further investigation and troubleshooting has revealed that the users omitted a vital piece of the puzzle, who'd a thought it, in their screenshots, which was that the system status was now reporting Pending Restart as their status. 

    Also the user who complained about this in the first place has since told me that they don't restart their laptop "as it takes ages to do all the updates"

    Drac

    Monday, November 24, 2014 6:58 PM