Slashdot Mirror

← Back to Stories (view on slashdot.org)

Windows Server 2016 Has an Update Problem, Users Say

Posted by msmash on from the closer-look dept.

madsci1016 writes: Frustrated with how long my Windows Server 2016 Essentials was taking to apply weekly updates, I turned to the web. A quick search revealed that I'm not alone. Many people are reporting similar experiences across the web. All sharing stories of weekly patching taking hours and sometimes ending in hung welcome screens. Some of these threads started a year ago and are still active, with no response from Microsoft addressing the issue. If you use Server 2016, have you experienced this problem?

8 of 79 comments (clear)

  1. easy peasy by Anonymous Coward · · Score: 1, Informative

    10 sec google search and... https://www.thegeneralistit.com/blog/2017/10/28/fixing-windows-server-2016-update-error-0x800705b4/

    1. Re:easy peasy by Waffle+Iron · · Score: 5, Informative

      Ubuntu wants to update 1-2 times a week

      True enough.

      , and always wants to reboot after.

      Not so true. It needs to reboot after kernel updates and a few other obscure cases. That's more like once every 2 or 3 weeks.

      But more importantly, with Linux, it's just a normal reboot. With WIndows, they put you in a special update purgatory for some unpredictable amount of time both before and after the reboot, possibly well over an hour: "Windows is doing updates XX% done. Do not turn off your PC".

      It's frigging 2018, and they've never figured out how to fix this despite pocketing countless $Billions peddling this OS. WTF?

  2. Re:If it even loads updates by Anonymous Coward · · Score: 2, Informative

    The problem is a bad signature for Windows Defender, you need to check Advanced Options > Load Updates for other Microsoft products

    nothing new here, has been a solved issue for desktop OS for a while

    fwiw, this is what happens when you try to deliver secure products, some people would rather have easy than secure

  3. Re:Windows. has an update problem by greenwow · · Score: 5, Informative

    I found a method that's worked every time on >250 servers since I found it a couple of months ago. Before that, I used to have interns just hit retry over and over and over again for days. That was dangerous since we have to give them admin access.

    https://gallery.technet.microsoft.com/scriptcenter/2d191bcd-3308-4edd-9de2-88dff796b0bc

    Install the PowerShell module then run:

    Get-WUInstall -AcceptAll -KBArticleID KB

    Updates like KB4088889 that would usually fail dozens of times, always work using that method. It's just too bad that Microsoft can't have Windows Update do what that PowerShell module does so well.

  4. Yes by DraugTheWhopper · · Score: 3, Informative

    2016 definitely has patch speed issues, with the same set of patches taking roughly 20 mins on 2012R2, vs 3+ hours on 2016. So far, this does not appear limited to any particular circumstances, so Essentials suffers the same as Core and Desktop, etc.

    One thing that helps speed it up a little is to manually grab the latest cumulative from the WU Catalog, but this still takes a while.

  5. It's the switch to rollup updates by Bugler412 · · Score: 4, Informative

    I'm senior sysadmin for a mid sized university system, the update times have increased dramatically since the switch to all rollup updates last fall, that a definitely observable fact. I personally have mixed feelings on it, it definitely speeds the initial patch cycle after a new build, but kinda sucks on machines that in production are patched monthly and likely don't require the full rollup, but the individual patches are no longer easily available. One adjustment we've had to make is to increase the allowable time window that we used to allow for patch installation via our SCCM delivered packages, as well as some minor adjustment of placement of patching windows within our scheduled maintenance windows to ensure that the patches complete in the allowed time.

  6. 30 second guide to troubleshooting Windows Updates by ElizabethGreene · · Score: 4, Informative

    PSA/Community service:

    Here's the missing quick reference card for Windows updates.

    If the problem is detecting or downloading the updates, run the powershell command get-windowsupdatelog to make a human readable log file on your desktop. (That half-grumbled thought that just went through your mind.. I agree.)

    If the problem is installing an update, the Content Based Servicing (CBS) logs in c:\windows\logs\cbs contain literally insane amounts of data including occasionally a useful error. These are big enough that they choke some text editors. Notepad++ handles them well. (Protip:I grep -v ", Info " to get some idea of what I'm looking for, then dig in with the editor.)

    If the problem is installing a driver, those errors end up in c:\windows\inf\setupapi.dev.log.

    If the problem is with a feature update:
    C:\$Windows.~BT\Sources\panther\setupact.log
    C:\$Windows.~BT\Sources\panther\miglog.xml
    C:\Windows\setupapi.log

    If you get an error code like 0x80070005 that you want to decode to a human readable message you can try Err.exe, the "Microsoft Exchange Server Error Code Look-up" tool. e.g. running err.exe 0x80070005 tells me that winerror.h defines this as E_ACCESSDENIED.

    HTH.

  7. Re:30 second guide to troubleshooting Windows Upda by Anonymous Coward · · Score: 2, Informative

    If you don't want to download a seperate tool to decode error messages, you can use certutil:

    C:\>certutil -error 0x80070005
    0x80070005 (WIN32: 5 ERROR_ACCESS_DENIED) -- 2147942405 (-2147024891)
    Error message text: Access is denied.
    CertUtil: -error command completed successfully.