KB3148812 + WSUS = Awaria

22 kwietnia 2016 at 08:12

Instalując poprawki na serwerach WSUS pracujących pod kontrolą Windows Server 2012R2 oraz Windows Server 2012 trzeba szczególnie uważać. Dlaczego? Otóż po zainstalowaniu wszystkich poprawek „jak leci” mamy prawie pewność, że w chwili obecnej unieruchomimy na dobre nasze serwery WSUS :(

Po takiej akcji znajdziemy w event logu dziesiątki błędów w stylu:

The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the WSUS Service service, but this action failed with the following error:
An instance of the service is already running.”

The WSUS administration console was unable to connect to the WSUS Server via the remote API.
Verify that the Update Services service, IIS and SQL are running on the server. If the problem persists, try restarting IIS, SQL, and the Update Services Service.
The WSUS administration console has encountered an unexpected error. This may be a transient error; try restarting the administration console. If this error persists,
Try removing the persisted preferences for the console by deleting the wsus file under %appdata%\Microsoft\MMC\.

System.IO.IOException — The handshake failed due to an unexpected packet format.

Source
System

Stack Trace:
   at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
   at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
   at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
   at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
   at System.Net.TlsStream.ProcessAuthentication(LazyAsyncResult result)
   at System.Net.TlsStream.Write(Byte[] buffer, Int32 offset, Int32 size)
   at System.Net.ConnectStream.WriteHeaders(Boolean async)
** this exception was nested inside of the following exception **

System.Net.WebException — The underlying connection was closed: An unexpected error occurred on a send.

Source
Microsoft.UpdateServices.Administration
Stack Trace:
   at Microsoft.UpdateServices.Administration.AdminProxy.CreateUpdateServer(Object[] args)
   at Microsoft.UpdateServices.UI.SnapIn.Scope.ServerSummaryScopeNode.GetUpdateServer(PersistedServerSettings settings)
   at Microsoft.UpdateServices.UI.SnapIn.Scope.ServerSummaryScopeNode.ConnectToServer()
   at Microsoft.UpdateServices.UI.SnapIn.Scope.ServerSummaryScopeNode.get_ServerTools()

MSDTC encountered an error (HR=0x80000171) while attempting to establish a secure connection with system WSUS.

The WSUS content directory is not accessible.
System.Net.WebException: The remote server returned an error: (404) Not Found.
   at System.Net.HttpWebRequest.GetResponse()
   at Microsoft.UpdateServices.Internal.HealthMonitoring.HmtWebServices.CheckContentDirWebAccess(EventLoggingType type, HealthEventLogger logger)

I nie będziemy w stanie uruchomić konsolki WSUS’a, chociaz usługa będzie działać i będziemy mogli sie podłączyć do bazy WSUS’a np. poprzez SQL Management Studio.

Standardowo zaczniemy wtedy od deinstalacji poprawek oznaczonych jako „Security” (bo jak coś zwiększa bezpieczeństwo to najczęściej psuje inne rzeczy… :) ). Natomiast w tym akurat wypadku winna jest poprawka: KB3148812

Wyjścia są dwa:

  1. Deinstalacja poprawki: KB3148812
  2. Doinstalowanie ‚ HTTP Activation’ zgodnie z opisem: http://blogs.technet.com/b/wsus/archive/2016/04/22/what-you-need-to-know-about-kb3148812.aspx

+ restart serwera.