Microsoft WSUS broken after Microsoft patch installation

Microsoft patch KB3148812 (Link to the KB article has been removed by Microsoft), has an know issue when you have a WSUS server installed on you MS Windows Server 2012 R2.

WSUS_ERROR

A  messages that was found in the application log of the server:

Log Name: Application
Source: MSSQL$MICROSOFT##WID
Event ID: 18456
Task Category: Logon
Level: Information
Keywords: Classic,Audit Failure
User: NETWORK SERVICE
Description:
Login failed for user ‘NT AUTHORITY\NETWORK SERVICE’. Reason: Failed to open the explicitly specified database ‘SUSDB’. [CLIENT: <named pipe>]
Event Xml:
<Event xmlns=”http://schemas.microsoft.com/win/2004/08/events/event”&gt;
<System>
<Provider Name=”MSSQL$MICROSOFT##WID” />
<EventID Qualifiers=”49152″>18456</EventID>
<Level>0</Level>
<Task>4</Task>
<Keywords>0x90000000000000</Keywords>
<EventRecordID>91035</EventRecordID>
<Channel>Application</Channel>
<Computer>shr-mgmt-01</Computer>
<Security UserID=”S-1-5-20″ />
</System>
<EventData>
<Data>NT AUTHORITY\NETWORK SERVICE</Data>
<Data> Reason: Failed to open the explicitly specified database ‘SUSDB’.</Data>
<Data> [CLIENT: <named pipe>]</Data>
<Binary>184800000E0000001B0000005300480052002D004D0047004D0054002D00300031005C004D004900430052004F0053004F0046005400230023005700490044000000070000006D00610073007400650072000000</Binary>
</EventData>
</Event>

Microsoft has released a patch for this issue.

But don’t forget the manual steps that need to be executed, else the problem will be remain on your WSUS server. Solution article of Microsoft >> KB3159706

I did the following steps, (WSUS server has no SSL certificate activated, so last part of the process doesn’t be execute in my case.)

Prerequirements

WSUS_Prerequirements

See that the above updates have been installed. When not, install these manually and proceed then with the manual steps.

Manual Steps

  1. Open an elevated Command Prompt window, and then run the following command (case sensitive, assume “C” as the system volume):
    "C:\Program Files\Update Services\Tools\wsusutil.exe" postinstall /servicing
  2. Activate HTTP Activation under .NET Framework 4.5 Features (Via powershell)
    Import-Module ServerManager
    Add-WindowsFeature NET-WCF-HTTP-Activation45

    Get-WindowsFeature NET-WCF*

    Display Name Name Install State
    ------------ ---- -------------
    [X] WCF Services NET-WCF-Services45 Installed
    [X] HTTP Activation NET-WCF-HTTP-Activat... Installed
    [ ] Message Queuing (MSMQ) Activation NET-WCF-MSMQ-Activat... Available
    [ ] Named Pipe Activation NET-WCF-Pipe-Activat... Available
    [ ] TCP Activation NET-WCF-TCP-Activati... Available
    [X] TCP Port Sharing NET-WCF-TCP-PortShar... Installed
  3. Restart the WSUS Service
    net stop "WSUS service"
    net start "WSUS service"
     

After this step the problem has been resolved when you have no SSL certificate activated for your WSUS server else you need to continue with steps 03 & 04.

Advertisements

3 thoughts on “Microsoft WSUS broken after Microsoft patch installation

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s