On-Prem WSUS with Azure issues

BatchPatch Forums Home Forums BatchPatch Support Forum On-Prem WSUS with Azure issues

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • December 1, 2021 at 11:21 am #13236
    abeidson
    Participant

    We have migrated some systems to Azure recently and when using batchpatch against them we are getting errors now.

    Wed-06:17:28> Windows Update: Error 1611: -106. Failure
    Wed-06:17:28> Windows Update: -106G: Update search completed with errors: -2145116137
    Wed-06:15:42> Windows Update: Executing BatchPatchRemoteAgent.exe…
    Wed-06:15:41> Windows Update: Attempting to initiate Windows Update (Action: Download updates: ‘SoftwareOnly’ | Server selection: Default / Managed) …
    Wed-06:15:41> Windows Update: Establishing connection…
    Wed-06:15:38> Windows Update: Initializing…
    Wed-06:15:38> Windows Update: Queued…
    Wed-06:15:38> Scheduled Task: Initiating ‘Download available updates’ – Wednesday – 12/01/21 – 06:15.

    I have double checked and there is no firewall between azure and on-prem since they are on the same domain and there is no firewalls enabled on the WSUS or the server in question either. The native Azure VMs that aren’t pointed to the WSUS server work fine via BatchPatch and when I run the updates manually on the servers that fail, it also works fine as well and pulls the patches from the WSUS server. The Get last boot time returns data as well from BatchPatch so just not sure where to go from here.

    December 1, 2021 at 12:27 pm #13237
    doug
    Moderator

    106G means that the target computer was able to communicate with the WSUS, but the search was not able to complete properly. In the past we have only ever seen

    HRESULT -2145124338 => 0x8024000E WU_E_XML_INVALID Windows Update Agent found invalid information in the update's XML data

    However, in your case you’re seeing

    HRESULT -2145116137 => 0x80242017 WU_E_UH_NEW_SERVICING_STACK_REQUIRED The OS servicing stack must be updated before this update is downloaded or installed

    More info at the following link, but I think your easiest option is probably to run Windows Update one time with the server selection in BP set to ‘Windows Update’ or ‘Microsoft Update’. After installing updates that way and rebooting, your check for updates against the managed WSUS should work. If for some reason that doesn’t work then you’ll likely need to locate the standalone servicing stack update that your machines need in the Microsoft Update Catalog directly. Then install it manually or with the Deployment feature in BP.

    More here:
    https://techcommunity.microsoft.com/t5/windows-server-for-it-pro/error-0x80242017-when-installing-kb5004945-from-wsus-but-not/m-p/2524094

  • Author
    Posts
Viewing 2 posts - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.