Slashdot Mirror

← Back to Stories (view on slashdot.org)

Windows Server 2016 Has an Update Problem, Users Say

Posted by msmash on from the closer-look dept.

madsci1016 writes: Frustrated with how long my Windows Server 2016 Essentials was taking to apply weekly updates, I turned to the web. A quick search revealed that I'm not alone. Many people are reporting similar experiences across the web. All sharing stories of weekly patching taking hours and sometimes ending in hung welcome screens. Some of these threads started a year ago and are still active, with no response from Microsoft addressing the issue. If you use Server 2016, have you experienced this problem?

43 of 79 comments (clear)

  1. easy peasy by Anonymous Coward · · Score: 1, Informative

    10 sec google search and... https://www.thegeneralistit.com/blog/2017/10/28/fixing-windows-server-2016-update-error-0x800705b4/

    1. Re:easy peasy by Anonymous Coward · · Score: 5, Funny

      5ms google search and... https://www.ubuntu.com/server

    2. Re:easy peasy by Anonymous Coward · · Score: 3, Interesting

      If only that worked

      The only thing I have found that will fix it (at least until it decides to say fuck updates again) is manually install the old update it says it needs, manually reset windows update, and then it will usually update normally for a month or two until it breaks again

      This issue has caused our company to no longer deploy server 2016 and fall back to 2012 R2

    3. Re:easy peasy by DraugTheWhopper · · Score: 2

      How about no, this doesn't apply at all to the question as it was asked. Dishonor on you, and dishonor on your cow.

    4. Re:easy peasy by Anonymous Coward · · Score: 1

      You forgot apt update and apt upgrade. Oh, and apt autoremove.

      Seriously, Windows is broken by design. MS should consider writing everything from scratch. For all we know we've been running broken, bad designed architecture code from the 00's or even earlier.

      Microsoft really should try something new. How about kissing NTFS goodbye and finally do a new FS? Come on MS, quit being lazy fucks.

    5. Re:easy peasy by Anonymous Coward · · Score: 2, Insightful

      Gosh, if only there was some way to restart a process without cycling power

    6. Re:easy peasy by DivineKnight · · Score: 1

      They no longer have a drawing board. They sold it, and used the remaining room for Marketing's Jacuzzi (because that was deemed more important).

    7. Re:easy peasy by Waffle+Iron · · Score: 5, Informative

      Ubuntu wants to update 1-2 times a week

      True enough.

      , and always wants to reboot after.

      Not so true. It needs to reboot after kernel updates and a few other obscure cases. That's more like once every 2 or 3 weeks.

      But more importantly, with Linux, it's just a normal reboot. With WIndows, they put you in a special update purgatory for some unpredictable amount of time both before and after the reboot, possibly well over an hour: "Windows is doing updates XX% done. Do not turn off your PC".

      It's frigging 2018, and they've never figured out how to fix this despite pocketing countless $Billions peddling this OS. WTF?

    8. Re:easy peasy by bangular · · Score: 3, Insightful

      I haven't done Windows administration in a few years, but I'm on the receiving end of Windows update on two PCs as a user. Apt is a brain dead simple package manager compared to the sophistication of windows update.

      In practice, apt is much faster and more predictable. I just received notice of updates for about 60 MB of updates in ubuntu. These took less than a minute to download and install. During the process, I was treated like an adult and the package manager let me know which package it was working on and whether it was downloading or installing. One of the most frustrating things with windows update is not knowing how long it will take. The second most frustrating thing is not knowing if it's stuck or just working on something that takes a long time.

    9. Re:easy peasy by MoarSauce123 · · Score: 1

      Did this, doesn't help. I had some success using sconfig to get and install updates, but there is 0 feedback and it still takes hours to complete, but at least it works. Using the GUI constantly ends up in some cryptic error and a Retry button. Reboots don't do much either. What works at times is to wait four to five days with the Retry screen up. I had it complete the updates on its own. Still, this should not take longer than 10 minutes and no matter what the update is have be applied without requiring a reboot. Linux can do it.

    10. Re:easy peasy by Anonymous Coward · · Score: 1

      I think complexity is a beter term than sophistication for windows update. I use the word sophistication for the simplicity of apt.

    11. Re:easy peasy by b0bby · · Score: 1

      Yes! I mostly maintain CentOS but last year we needed AD so I added a few Server 2016 machines. They aren't all that bad, especially since by default you don't need to install the GUI, but the primitive update process is baffling. You have no idea how long it's going to take for the machine to come back once you start the reboot. Luckily I only have a few to deal with. It really makes you appreciate yum or apt.

    12. Re:easy peasy by chrish · · Score: 5, Insightful

      Got a decent (that is, less awful to set up, configure, and administer) replacement for Exchange/Outlook?

      I mean, MS is trying to make this easier for us by having Windows Server and Outlook constantly get worse (our two most common platforms are Mac OS X and Android; Outlook is half-assed garbage on Mac and a complete joke on Android).

      My yearly search for a decent email client always leads me back to Thunderbird, which is fine, but the mess of ultra-complex garbage suggested to replace Exchange is insane. We've got a hosting company to look after AD and Exchange for us, so a replacement has to be easy.

      G-Suite might do it, but we need self-hosted, we don't want Google reading all of our email and whatnot.

      --
      - chrish
    13. Re:easy peasy by lgw · · Score: 1

      Sure, but as a user I reboot Windows once a month, on a predictable day, and Ubuntu twice a month somewhat randomly. Definitely room for improvement there.

      --
      Socialism: a lie told by totalitarians and believed by fools.
    14. Re:easy peasy by pnutjam · · Score: 1

      If only apt was as good a zypper...

      --
      Cheap storage VM.
    15. Re: easy peasy by andrew.j.borell · · Score: 2

      No, it is just that easy. And forget about OX if you dont have 10,000 users unless you want to go full cloud. Deploying dovecot and postfix on a headless ubuntu server is well documented. If you dont ldap, then ispconfig is super easy and covers all your basics. Otherwise, certs are covered by letsencrypt/certbot. Postfix smtp is protected by saslauthd. Spamassasin is called on-demand by amavis and updates each night. Just need to be sure you have your own local caching server for DNS or your free spamhaus RBL will not work very well if at all. An affordable groupware that I think is well rounded is OnlyOffice -- it's super nice and partially integrates with nextcloud if you are into that. Also in place of activesync you can use Z-push. There is literally an alternative for everything if you are brave enough to RYO and work out of command line to create inboxes and aliases cuz I have never seen a good ui outside of full blown groupware.

    16. Re: easy peasy by andrew.j.borell · · Score: 1

      Onlyoffice is very nice and affordable. It would be my "go to" if I was abandoning MS on a budget.

  2. WHAT? by Anonymous Coward · · Score: 1

    Shocked! I am absolutely shocked to see that Windows is undependable. I had thought its reliability could be trusted for all my business interests, but now I see it only wastes my time to provide excuses for my minimal work output.

  3. Re:If it even loads updates by Anonymous Coward · · Score: 2, Informative

    The problem is a bad signature for Windows Defender, you need to check Advanced Options > Load Updates for other Microsoft products

    nothing new here, has been a solved issue for desktop OS for a while

    fwiw, this is what happens when you try to deliver secure products, some people would rather have easy than secure

  4. Well... by Anonymous Coward · · Score: 1

    You're using Windows, from the makers of Microsoft Bob, as a server OS... What do you expect?

  5. Windows. has an update problem by Halo5 · · Score: 3, Insightful

    And it's been that way for YEARS. They have yet to get updates right. It's one of the reasons I would NEVER consider running Windows as a server OS. No thanks...

    --
    665: The mark on the forehead of Satan's slightly less evil brother, Stan.
    1. Re:Windows. has an update problem by greenwow · · Score: 5, Informative

      I found a method that's worked every time on >250 servers since I found it a couple of months ago. Before that, I used to have interns just hit retry over and over and over again for days. That was dangerous since we have to give them admin access.

      https://gallery.technet.microsoft.com/scriptcenter/2d191bcd-3308-4edd-9de2-88dff796b0bc

      Install the PowerShell module then run:

      Get-WUInstall -AcceptAll -KBArticleID KB

      Updates like KB4088889 that would usually fail dozens of times, always work using that method. It's just too bad that Microsoft can't have Windows Update do what that PowerShell module does so well.

    2. Re:Windows. has an update problem by Anonymous Coward · · Score: 1

      I wondered how far down I would have to read to find a post by an actual sysadmin.

    3. Re:Windows. has an update problem by Bert64 · · Score: 1

      Frequently you have updates which are shown as installed, but manual checks reveal they aren't installed fully or correctly...
      Take a large network with WSUS updating everything where wsus reports everything is up to date, and do an authenticated patch audit with a tool like nessus (which manually checks the files and doesnt rely on the windows update apis), you'll get discrepancies.

      --
      http://spamdecoy.net - free throwaway anonymous email - avoid spam!
    4. Re:Windows. has an update problem by greenwow · · Score: 1

      We're in Seattle and bought a company that has a 25+ year old Microsoft app with an almost twenty year-old web component. You try finding enough good Java or other developers in this area to rewrite a large 500+k line legacy system.

  6. Windows is such a Garbage OS by Anonymous Coward · · Score: 3, Interesting

    Honestly, I can't understand how anyone can feel at ease storing anything of value on Windows.

    It wasn't *always* this bad, but now it's a genuine nightmare. What if you need to travel on short notice during an unscheduled half-day-long update? One you didn't want in the first place? Can you imagine typing up or contructing a whole bunch of stuff, for days or weeks only to have it unaccessible when you need it? Waking up to discover the multi-thousand-dollar machine you bought has suddenly broken itself, by some feat of magic? or maybe suddenly decided it doesn't trust your hardware. Somewhere, during the night, your Personal Computer has become suspicious of you, or your setup. Because it thinks you *might* be trying to prevent Microsoft from collecting maximum revenue.

    This is what it's like to run Windows in 2018.

    1. Re:Windows is such a Garbage OS by sad_ · · Score: 1

      wasn't always this bad?

      you just described windows how it has always been. it's been a pos for as long as i know it.

      --
      On a long enough timeline, the survival rate for everyone drops to zero.
  7. Yes by DraugTheWhopper · · Score: 3, Informative

    2016 definitely has patch speed issues, with the same set of patches taking roughly 20 mins on 2012R2, vs 3+ hours on 2016. So far, this does not appear limited to any particular circumstances, so Essentials suffers the same as Core and Desktop, etc.

    One thing that helps speed it up a little is to manually grab the latest cumulative from the WU Catalog, but this still takes a while.

  8. Windows 10 Desktop Has a Similar Problem by kmassare · · Score: 3, Interesting

    This issue does not appear to be limited to the Windows Server 2016. I have observed 4 hour updates on my wife's Windows 10 desktop and on mine also.

    1. Re:Windows 10 Desktop Has a Similar Problem by rastos1 · · Score: 2

      In my opinion the culprit is Defender. I regularly test installation of a software suite that has the installation source of more than 2GB and it takes forever until W10 decides to actually start the installation. This is the case even though the installed files are signed and were copied from a network share to local disk - which triggers the Defender check first time. And I believe that Defender spends ages to verify even files signed by Microsoft.

  9. The problem is essentially this: by fahrbot-bot · · Score: 1

    Windows Server 2016 Essentials

    It has just the essentials, so Microsoft doesn't consider it essential.

    --
    It must have been something you assimilated. . . .
  10. It's the switch to rollup updates by Bugler412 · · Score: 4, Informative

    I'm senior sysadmin for a mid sized university system, the update times have increased dramatically since the switch to all rollup updates last fall, that a definitely observable fact. I personally have mixed feelings on it, it definitely speeds the initial patch cycle after a new build, but kinda sucks on machines that in production are patched monthly and likely don't require the full rollup, but the individual patches are no longer easily available. One adjustment we've had to make is to increase the allowable time window that we used to allow for patch installation via our SCCM delivered packages, as well as some minor adjustment of placement of patching windows within our scheduled maintenance windows to ensure that the patches complete in the allowed time.

  11. 30 second guide to troubleshooting Windows Updates by ElizabethGreene · · Score: 4, Informative

    PSA/Community service:

    Here's the missing quick reference card for Windows updates.

    If the problem is detecting or downloading the updates, run the powershell command get-windowsupdatelog to make a human readable log file on your desktop. (That half-grumbled thought that just went through your mind.. I agree.)

    If the problem is installing an update, the Content Based Servicing (CBS) logs in c:\windows\logs\cbs contain literally insane amounts of data including occasionally a useful error. These are big enough that they choke some text editors. Notepad++ handles them well. (Protip:I grep -v ", Info " to get some idea of what I'm looking for, then dig in with the editor.)

    If the problem is installing a driver, those errors end up in c:\windows\inf\setupapi.dev.log.

    If the problem is with a feature update:
    C:\$Windows.~BT\Sources\panther\setupact.log
    C:\$Windows.~BT\Sources\panther\miglog.xml
    C:\Windows\setupapi.log

    If you get an error code like 0x80070005 that you want to decode to a human readable message you can try Err.exe, the "Microsoft Exchange Server Error Code Look-up" tool. e.g. running err.exe 0x80070005 tells me that winerror.h defines this as E_ACCESSDENIED.

    HTH.

  12. Linux. by stooo · · Score: 1

    Use.
    Linux.

    --
    aaaaaaa
  13. Re:30 second guide to troubleshooting Windows Upda by Hognoxious · · Score: 2

    Why the hell should I need a separate tool just to convert an error code number into an almost helpful string?

    Bastards, copying Lennux again.

    --
    Confucius say, "Find worm in apple - bad. Find half a worm - worse."
  14. Re:30 second guide to troubleshooting Windows Upda by Anonymous Coward · · Score: 2, Informative

    If you don't want to download a seperate tool to decode error messages, you can use certutil:

    C:\>certutil -error 0x80070005
    0x80070005 (WIN32: 5 ERROR_ACCESS_DENIED) -- 2147942405 (-2147024891)
    Error message text: Access is denied.
    CertUtil: -error command completed successfully.

  15. Re:If it even loads updates by Jetboy01 · · Score: 1

    That's one of the errors, the other hundred ways it can fail don't have a simple solution.

    Sorry, try again, better luck next time.

  16. Windows QA is just terrible these days by iampiti · · Score: 1

    It seems they're too busy earning money with their cloud services to do Windows right anymore

    1. Re:Windows QA is just terrible these days by drinkypoo · · Score: 1

      It seems they're too busy earning money with their cloud services to do Windows right anymore

      Anymore? When have they ever done Windows right? NT 3.51, I guess?

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
  17. Re:30 second guide to troubleshooting Windows Upda by sad_ · · Score: 1

    and they say linux is the OS that is not user-friendly.

    --
    On a long enough timeline, the survival rate for everyone drops to zero.
  18. Re:30 second guide to troubleshooting Windows Upda by drinkypoo · · Score: 1

    Why the hell should I need a separate tool just to convert an error code number into an almost helpful string? What on earth is wrong with the Windows dev team?

    Literally everything. They are incompetents who are led down idiotic paths by management. You know IBM has the same kind of error codes, but actually prints what they mean when they display them? When even IBM can manage something and you can't, you know you're a fuckup. Oh, but that's the other thing wrong with Microsoft. They don't even know they're fuckups. They think they've really created something wonderful, and not a Frankenstein horrorshow.

    --
    "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
  19. Cumulative update have serious problems by NormAtHome · · Score: 2

    There appear to be several problems, not just one. But the biggest on the two Windows Server 2016 that I manage, cumulative updates downloaded with Windows Update definitely have issues installing and more often than not fail, if they fail to install I've found the workaround is to manually download the update from the MS website and install it using the stand alone installer. So far I've found this to work if the Windows update fails.

  20. Re:30 second guide to troubleshooting Windows Upda by ElizabethGreene · · Score: 1

    it is what it is. That isn't substantially different from /var/log/yum.log or /var/log/dpkg.log. One day the universe will have consolidated simple human-readable logs. Unfortunately we'll have been replaced by AIs at that point.