As any other environment, my lab needs some maintenance from time to time. I use a Windows 2012 R2 VM with the Windows Server Update Service (WSUS) role to keep my Windows VMs up to date. Like many others, I was surprised by KB3148812 (Update enables ESD decryption provision in WSUS in Windows Server 2012 and Windows Server 2012 R2), which broke my WSUS. But the fix was easy: Uninstall KB3148812 and reboot the server. The WSUS product team published an artice about this known issue in their blog: Known Issues with KB3148812. In the meantime, Microsoft has published a new update, which supersedes KB3148812: KB3159706.
WSUS dead again?
Today I wanted to check the update status of my VMs. Unfortunately, the WSUS console was unable to connect to the WSUS server.
I checked the status of the service and found the WSUS service stopped. But even after I had started the service, the WSUS console was unable to connect to the server. I found an error in the event logs (ID 507, source Windows Server Update Services), but the message “Update Services failed its initialization and stopped” wasn’t helpful. More helpful was a log entry:
2016-05-22 02:01:03.191 UTC Warning w3wp.19 SoapUtilities.CreateException ThrowException: actor = http://wsus.lab.local:8530/SimpleAuthWebService/SimpleAuth.asmx, ID=79bf356b-4f58-4cac-a4aa-b52ec6e0bf38, ErrorCode=InternalServerError, Message=, Client=? 2016-05-22 02:01:10.066 UTC Info w3wp.16 SimpleAuth..ctor Initializing SimpleAuth WebService ProcessID = 968, Process Start Time = 21.05.2016 21:43:13, Product Version = 6.3.9600.18324 2016-05-22 02:01:10.066 UTC Error w3wp.16 SimpleAuthImplementation..ctor Exception in SimpleAuth constructor: System.Data.SqlClient.SqlException (0x80131904): Cannot open database "SUSDB" requested by the login. The login failed. Login failed for user 'NT AUTHORITY\NETWORK SERVICE'.
After some searching and examination of the recently installed updates, I came across KB3159706.
Manual steps required to complete the installation of KB3159706
Open an elevated CMD and run this command:
"C:\Program Files\Update Services\Tools\wsusutil.exe" postinstall /servicing
The output should look similar to this:
C:\Users\Administrator.LAB>"C:\Program Files\Update Services\Tools\wsusutil.exe" postinstall /servicing Log file is located at C:\Users\Administrator.LAB\AppData\Local\Temp\2\tmp63BD.tmp Post install is starting Post install has successfully completed C:\Users\Administrator.LAB>
Then you have to install the “HTTP Activation” feature under “.NET Framework 4.5” features.
After a restart of the WSUS service, the WSUS should work again.
Summary
The installation of KB3148812 on a WSUS server will break the WSUS installation. Because of this, Microsoft has published KB3159706. If you install this update (in my case it was installed automatically over WSUS…), you have to execute some manual steps to ensure that WSUS works as expected. The WSUS product team is aware of this and they pointed this out in their blog article “The long-term fix for KB3148812 issues” (you will find a hint directly at top of the blog article).
- Failed to connect to IKEv2 VPN using iPhone USB tethering - June 26, 2023
- Why you should change your KRBTGT password prior disabling RC4 - July 28, 2022
- Use app-only authentication with the Microsoft Graph PowerShell SDK - July 22, 2022
Thank a lot…. I fixed the issue….
thank you so much….it fixed issues of WSUS, which causing this update, after successful uninstall…wsus back to normal working
I fixed the issue.Thanks a lot … :)
Thanks for the info.. Worked like a charm!
Thanks for this article. Had the same problem and after doing the good old google search, your article came up before anything from Microsoft. Your steps worked like a charm and I am back up and running. Thanks again!!
Thanks for this article!
It solved the problem that I have after installing KB3159706.
Update KB3148812 wasn’t installed before.
Thanks! It solved the problem!
Thanks Patrick
Works for me… If HTTP Activation is already installed just Running the command line and restarting WSUS service should do the trick.
Thank you so much for your article.
I had the same issue and your suggestion worked smoothly.
Great job !
that helps – top job – thanks a lot
Perfect post!
Thank You for posting!!
Thank you for taking he trouble to post this – it resolved our issue.
Thank you for this!
I almost cried because of that problem :O
wow, the gratest help, thanks a lot
superb, it works.
Appreciate your generosity of sharing your research. You writeup saved my day! All the best!
Absolute life saver mate! Bravo
Had same issue after much reviewing of errors found your fix and bingo worked perfection!
Thanks, that worked!! Saved me a full re-install of WSUS, which I’ve unfortunately come used to doing when this sort of things happen.
Thanks very much for taking the time to write this blog. It fixed the issue.
Great summary, worked for me! Thanks.
Thanks! Small hiccup in patching messed up wsus. This helped.
Big thanks to you !
Perfect fix for this issue!
Thanks
Thank you so much! After running updates last night my WSUS was cactus until I went through this process.
Had this issue today and this solved the error. Thank you!
great article, indeed. it fixed my issue. thanks a lot.
Thank U :-)
Thank you!
5 * for this job, without you, I would be lost
FIxed the issue. Thank you
Worked like a charm! Thank you!
Awesome. Great job!!
Thank you so much
Thanks. WSUS is running again.
You save my weekend.
Thanks for the post…
Solved my problem!
WSUS Server running on Windows 2012 Server
Thanks, it worked for me.
This fixed it for me, thanks for the tip. WSUS just seems to break about once a year, even in 2017
Thanks for helping with the issue, it resolved my problem , super !!!
It fixed my issue, thank you so much !!!