Slashdot Mirror
Windows Server 2016 Has an Update Problem, Users Say
madsci1016 writes: Frustrated with how long my Windows Server 2016 Essentials was taking to apply weekly updates, I turned to the web. A quick search revealed that I'm not alone. Many people are reporting similar experiences across the web. All sharing stories of weekly patching taking hours and sometimes ending in hung welcome screens. Some of these threads started a year ago and are still active, with no response from Microsoft addressing the issue. If you use Server 2016, have you experienced this problem?
10 sec google search and... https://www.thegeneralistit.com/blog/2017/10/28/fixing-windows-server-2016-update-error-0x800705b4/
Often it will say that it needs an update that was installed a year ago
Shocked! I am absolutely shocked to see that Windows is undependable. I had thought its reliability could be trusted for all my business interests, but now I see it only wastes my time to provide excuses for my minimal work output.
You're using Windows, from the makers of Microsoft Bob, as a server OS... What do you expect?
And it's been that way for YEARS. They have yet to get updates right. It's one of the reasons I would NEVER consider running Windows as a server OS. No thanks...
665: The mark on the forehead of Satan's slightly less evil brother, Stan.
Honestly, I can't understand how anyone can feel at ease storing anything of value on Windows.
It wasn't *always* this bad, but now it's a genuine nightmare. What if you need to travel on short notice during an unscheduled half-day-long update? One you didn't want in the first place? Can you imagine typing up or contructing a whole bunch of stuff, for days or weeks only to have it unaccessible when you need it? Waking up to discover the multi-thousand-dollar machine you bought has suddenly broken itself, by some feat of magic? or maybe suddenly decided it doesn't trust your hardware. Somewhere, during the night, your Personal Computer has become suspicious of you, or your setup. Because it thinks you *might* be trying to prevent Microsoft from collecting maximum revenue.
This is what it's like to run Windows in 2018.
2016 definitely has patch speed issues, with the same set of patches taking roughly 20 mins on 2012R2, vs 3+ hours on 2016. So far, this does not appear limited to any particular circumstances, so Essentials suffers the same as Core and Desktop, etc.
One thing that helps speed it up a little is to manually grab the latest cumulative from the WU Catalog, but this still takes a while.
This issue does not appear to be limited to the Windows Server 2016. I have observed 4 hour updates on my wife's Windows 10 desktop and on mine also.
Windows Server 2016 Essentials
It has just the essentials, so Microsoft doesn't consider it essential.
It must have been something you assimilated. . . .
We just disable Windows Defender and updates download, install and reboot in under 20 minutes.
I'm senior sysadmin for a mid sized university system, the update times have increased dramatically since the switch to all rollup updates last fall, that a definitely observable fact. I personally have mixed feelings on it, it definitely speeds the initial patch cycle after a new build, but kinda sucks on machines that in production are patched monthly and likely don't require the full rollup, but the individual patches are no longer easily available. One adjustment we've had to make is to increase the allowable time window that we used to allow for patch installation via our SCCM delivered packages, as well as some minor adjustment of placement of patching windows within our scheduled maintenance windows to ensure that the patches complete in the allowed time.
PSA/Community service:
Here's the missing quick reference card for Windows updates.
If the problem is detecting or downloading the updates, run the powershell command get-windowsupdatelog to make a human readable log file on your desktop. (That half-grumbled thought that just went through your mind.. I agree.)
If the problem is installing an update, the Content Based Servicing (CBS) logs in c:\windows\logs\cbs contain literally insane amounts of data including occasionally a useful error. These are big enough that they choke some text editors. Notepad++ handles them well. (Protip:I grep -v ", Info " to get some idea of what I'm looking for, then dig in with the editor.)
If the problem is installing a driver, those errors end up in c:\windows\inf\setupapi.dev.log.
If the problem is with a feature update:
C:\$Windows.~BT\Sources\panther\setupact.log
C:\$Windows.~BT\Sources\panther\miglog.xml
C:\Windows\setupapi.log
If you get an error code like 0x80070005 that you want to decode to a human readable message you can try Err.exe, the "Microsoft Exchange Server Error Code Look-up" tool. e.g. running err.exe 0x80070005 tells me that winerror.h defines this as E_ACCESSDENIED.
HTH.
Use.
Linux.
aaaaaaa
Why the hell should I need a separate tool just to convert an error code number into an almost helpful string? What on earth is wrong with the Windows dev team?
Bastards, copying Lennux again.
Confucius say, "Find worm in apple - bad. Find half a worm - worse."
If you don't want to download a seperate tool to decode error messages, you can use certutil:
C:\>certutil -error 0x80070005
0x80070005 (WIN32: 5 ERROR_ACCESS_DENIED) -- 2147942405 (-2147024891)
Error message text: Access is denied.
CertUtil: -error command completed successfully.
Shocked I tell you!
Who knew windows was full of bugs that Microsoft never fixes?
But seriously, itâ(TM)s the server version of Windows 10. Why the fuck is anyone surprised?
Microsoft under that ape nadalla is just really really shitty. Windows 10 makes me long for the days of NT 4. Seriously.
It seems they're too busy earning money with their cloud services to do Windows right anymore
and they say linux is the OS that is not user-friendly.
On a long enough timeline, the survival rate for everyone drops to zero.
Linux is user friendly. The problem is that not all users are Linux friendly.
> have you experienced this problem?
No because I shit on windows for 15 years and going
Why the hell should I need a separate tool just to convert an error code number into an almost helpful string? What on earth is wrong with the Windows dev team?
Literally everything. They are incompetents who are led down idiotic paths by management. You know IBM has the same kind of error codes, but actually prints what they mean when they display them? When even IBM can manage something and you can't, you know you're a fuckup. Oh, but that's the other thing wrong with Microsoft. They don't even know they're fuckups. They think they've really created something wonderful, and not a Frankenstein horrorshow.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
Y'all realise other operating systems, you update on a schedule that works for you, takes about 30 seconds to download the updated packages, another 30 seconds to install and restart everything that needed it, and if it needs a reboot, it lets you know allows you to decide when is good? And doesn't take any longer than a normal boot?
Just saying. It doesn't have to be this way.
I've been saying that since we moved to 2016...
Yeah I have this same issue. Amazing that MS is just completely ignoring this, at least publicly.
We've advised customers to not roll out 2016 until this is resolved.
Is this what Windows wants? I mean you've finally started to get general admins to do updates and now you are going to screw them over so they have to go to the cloud to get usable software?
There appear to be several problems, not just one. But the biggest on the two Windows Server 2016 that I manage, cumulative updates downloaded with Windows Update definitely have issues installing and more often than not fail, if they fail to install I've found the workaround is to manually download the update from the MS website and install it using the stand alone installer. So far I've found this to work if the Windows update fails.
it is what it is. That isn't substantially different from /var/log/yum.log or /var/log/dpkg.log. One day the universe will have consolidated simple human-readable logs.
Unfortunately we'll have been replaced by AIs at that point.
We are in the middle of a month long ordeal trying to get WSUS to cooperate. This is on 2012, not 2016. But I can tell you that after completely rebuilding WSUS, using SQL instead of WID, using various scripts and tools to "optimize" and clean it, checking, double checking and triple checking GP, etc, we still have problems with it.
I could go on and on, but suffice it to say the MS has so broken their update process it's long past being even mildly humorous.
Your post is helpful, but for most of us who have been trying to get that POS WSUS to work for the past few years, there isn't anything new.
I remember when WSUS used to work. I really do. But it seems like in the past year or so, WSUS on any platform, is a disaster. The behavior of the software and how it interacts with clients is nothing less that schizophrenic.
MS has fucked the dog on this.
I use a real server - Linux
We run over +400 Windows Servers and have no problems whatsoever as stated. Only minor issues. Servers rebooting for more than once in a month is not a luxury we can afford. And yet, we delegate the administration to a (crappy) known Indian based company for our back office. Of course, we push the guys and oversee all their work but we have all LATAM operations running smoothly for years. Sorry to disappoint you.
BTW, lots of Linux fanboys around here, huh? I am personally a Unix admirer (not so much for Linux) but I understand ya.