Server 2019 Not Updating Cumulative Update | WSUS Cumulative UpdateMultiple Server 2019 Not Updating Cumulative Update. It would just keep trying to download and install.
TLDR;
-Reset-WUComponents.
-remove VMWARE TOOLS
-uninstall all hotfixes to get back to realse-to-manufacturing (rtm)
-reboot
-DISM /Online /Cleanup-Image /RestoreHealth
-sfc /scannow
-reboot
-get-windowsupdate -microsoftupdate -verbose
-install-windowsupdate -mcirosoftupdate -verbose
-install one-by-one; leaving the CUMULATIVE-UPDATE last.
-removed failed drivers from C:\Windows\INF\setupapi.dev.log
-install CUMULATIVE-UPDATE
Story
Tried newest SSU
Tried Reset-WUComponents.
Tried manual reset.
Tried DISM /Online /Cleanup-Image /RestoreHealth
Tried sfc /scannow
Tried sfcfix
Tried dotnet repair.
Tried setting sc query appreadiness to automatic.
Tried Troubleshooter Windows Update.
Tried VM Console (no RDP).
The installation would go through but the reboot would fail with the error message:
"We couldn’t complete the updates. Undoing changes."
Manual intervention was required.
First, let us stop the automatic update so we can inspect what is happening without the system continuously updating:
net stop cryptsvc
net stop bits
net stop wuauserv
Next, let us see what patch/hot-fix is failing:
get-wuhistory
You will see the failed patches/hotfixes/KBArticleIDs.
get-windowsupdate -microsoftupdate -verbose
This will show a list of available. The updates were:
KB4589208 Update for Windows Server 2019
KB5021085 2022-12 Cumulative Update for DotNet
KB2267602 Microsoft Defender Antivirus
KB5022286 2023-01 Cumulative Update January
install-windowsupdate -microsoftupdate -verbose
Install one at a time; select yes to the first and no to the rest. Leaving the last as the Cumulative Update
Let's make sure the services are set to start automatically:
sc query cryptsvc
sc query bits
sc query wuauserv
sc query trustedinstaller
sc qc cryptsvc
sc qc bits
sc qc wuauserv
sc qc trustedinstaller
sc config wuauserv start=auto
sc config bits start=auto
sc config cryptsvc start=auto
sc config trustedinstaller start=auto
(trustedinstaller/"windows module installer" will reset itself to DEMAND_START/"manual" after the Cumulative Update)
cleanmgr
reboot
Try to install the Cumulative Update. We know it will fail but it generate logs on reboot.
install-windowsupdate -microsoftupdate -verbose
Next, we can look at the following logs:
get-windowsupdatelog (this is the overall update log)
c:\windows\logs\cbs.log (this is the details of the update which kicks it off to the reboot log)
c:\windows\logs\cbspersist log (this is the reboot log details when the "Trusted Installer" takes over)
Let's grep/search/findstr for the error:
Get-Content .\CbsPersist_20230125113018.log |findstr /i hresult
Shows the following:
DriverUpdateUninstallUpdates failed [HRESULT = 0x80070003
Let's grep/search/finstr for the error:
get-content C:\Windows\INF\setupapi.dev.log -tail 500 |findstr !
Shows the following:
! sto: Unable to open configuration key for driver package 'oem8.inf'. Error = 0x00000002
! sto: Unable to open configuration key for driver package 'wpdfs.inf'. Error = 0x00000002
! sto: Unable to invalidate all dependent driver configurations. Error = 0x00000002
! idb: Could not locate driver package 'C:\Windows\System32\DriverStore\FileRepository\ntprint.inf_amd64_83aa9aebf5dffc96\ntprint.inf' for publishing. Error = 0x00000003
! cpy: Unable to publish 'ntprint.inf_amd64_83aa9aebf5dffc96\ntprint.inf' to 'ntprint.inf' via hardlink. Error = 0x00000003
!!! cpy: Failed to publish 'ntprint.inf_amd64_83aa9aebf5dffc96\ntprint.inf' to 'ntprint.inf'. Error = 0x00000003
!!! idb: Failed to unpublish 'C:\Windows\System32\DriverStore\FileRepository\ntprint.inf_x86_a87eceb9bd76580c\ntprint.inf'. Error = 0x00000003
!!! sto: Failed to unpublish driver package. Error = 0x00000003
!!! sto: Failed to unpublish all driver updates. Error = 0x00000003
!!! idb: Cannot unregister published driver package 'ntprint.inf_amd64_92093dc83a6de3db'. Error = 0x00000032
!!! idb: Failed to unregister driver package 'C:\Windows\System32\DriverStore\FileRepository\ntprint.inf_amd64_92093dc83a6de3db\ntprint.inf'. Error = 0x00000032
!!! sto: Failed to delete driver package from Driver Store. Error = 0x00000032
!!! sto: Failed to unstage all driver updates. Error = 0x00000032
! sto: Driver package already imported as 'oem14.inf' (C:\Windows\System32\DriverStore\FileRepository\ntprint.inf_amd64_92093dc83a6de3db\ntprint.inf).
! dvi: Access denied from Query and Remove
! dvi: Access denied from Query and Remove
! dvi: Access denied from Query and Remove
! dvi: Access denied from Query and Remove
! dvi: Access denied from Query and Remove
!!! idb: Cannot unregister published driver package 'ntprint.inf_amd64_92093dc83a6de3db'. Error = 0x00000032
!!! idb: Failed to unregister driver package 'C:\Windows\System32\DriverStore\FileRepository\ntprint.inf_amd64_92093dc83a6de3db\ntprint.inf'. Error = 0x00000032
!!! sto: Failed to delete driver package from Driver Store. Error = 0x00000032
!!! sto: Failed to unstage all driver updates. Error = 0x00000032
! sto: Driver package already imported as 'oem14.inf' (C:\Windows\System32\DriverStore\FileRepository\ntprint.inf_amd64_92093dc83a6de3db\ntprint.inf).
>>> [Delete Device - SWD\PRINTENUM\{D94CF386-60BA-424C-AAC6-92B3F6144E4D}]
>>> Section start 2023/01/25 06:31:48.466
cmd: C:\Windows\System32\spoolsv.exe
! dvi: Access denied from Query and Remove
<<< Section end 2023/01/25 06:31:48.466
<<< [Exit status: SUCCESS]
Looks like it is related to Printers/PrintNightmare.
Remove VMware Tools
-get-package "VMware Tools" |uninstall-package
Get Updates
-get-windowsupdate -microsoftupdate -verbose
Install Updates
-install-windowsupdate -mcirosoftupdate -verbose
===============================
Not sure if this section is needed
Open regedit.exe as Administrator
Load Hive select "C:\Windows\System32\config\DRIVERS"
Enter Key Name "TEMP"
Go to "REGPATH\TEMP\DriverDatabase\DriverInfFiles\ntprint.inf"
Take Ownership of this key.
Grant Administrators Full Control in Permissions.
Edit "Default" remove ntprint.inf_ntprint.inf_amd64_83aa9aebf5dffc96 and ntprint.inf_x86_a87eceb9bd76580c
Edit "Active" enter the remaining key example for my system was "ntprint.inf_amd64_83aa9aebf5dffc96".
Take Ownership and also Delete the referenced package.
HKEY_LOCAL_MACHINE\TEMP\DriverDatabase\DriverPackages\ntprint.inf_amd64_83aa9aebf5dffc96
HKEY_LOCAL_MACHINE\TEMP\DriverDatabase\DriverPackages\ntprint.inf_x86_10ccc41e998ac968
========
Go to "REGPATH\TEMP\DriverDatabase\DriverInfFiles\ntprint4.inf"
Take Ownership of this key.
Grant Administrators Full Control in Permissions.
Edit "Default" remove all data
Edit "Active" remove all data
Take Ownership and also Delete the referenced package.
HKEY_LOCAL_MACHINE\TEMP\DriverDatabase\DriverPackages\ntprint.inf_amd64_83aa9aebf5dffc96
Unload the "TEMP" hive.
============================
https://thatonecomputerguy.wordpress.com/2015/10/06/windows-update-fails-with-error-code-0x80073701-error_sxs_assembly_missing-solved/
Get-Content .\CBS.log |findstr /i hresult
Error CSI 00000042 (F) HRESULT_FROM_WIN32(ERROR_SXS_ASSEMBLY_MISSING) #197922# from Windows::ServicingAPI::CCSITransaction::ICSITransaction_PinDeployment(Flags = 0, a = 6f29c89d491b36146c2ff9acd3327914, version 4.0.15713.815, arch amd64, nonSxS, pkt {l:8 b:31bf3856ad364e35}, cb = (null), s = (null), rid = 'Package_2_for_KB5013641~31bf3856ad364e35~amd64~~10.0.3946.2.5013641-38_neutral', rah = '9', manpath = (null), catpath = (null), ed = 0, disp = 0)[gle=0x80073701]
net stop spooler
del %systemroot%\System32\spool\printers\* /Q
HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments
net start spooler
Let's remove the KB:
wusa.exe /uninstall /KB:5013641 /quiet /norestart
Or try to go back to Release To Manufacturing (RTM) by removing all the hotfixes:
(get-hotfix).hotfixid.replace("KB","") | % {& wusa.exe /uninstall /KB:$_ /quiet /norestart}
Sometimes the wusa does not work as well as the remove-windowspackage:
Get-WindowsPackage -Online `
|?{$_.ReleaseType -like "*Update*"} `
|%{Get-WindowsPackage -Online -PackageName $_.PackageName} `
|?{$_.Description -like "*KB5009543*"} `
|Remove-WindowsPackage -Online -NoRestart
Or if you need to remove all the updates to get back to release to manufacturing (rtm):
Get-WindowsPackage -Online `
|?{$_.ReleaseType -like "Update"} `
|Remove-WindowsPackage -Online
Get-WindowsPackage -Online |?{$_.ReleaseType -like "Update"} |%{Get-WindowsPackage -Online -PackageName $_.PackageName} |select
Get-WindowsPackage -Online |?{$_.ReleaseType -like "Update"} |%{Get-WindowsPackage -Online -PackageName $_.PackageName} |Remove-WindowsPackage -Online -NoRestart
Get-WindowsPackage -Online |?{$_.ReleaseType -like "Update"} |%{Get-WindowsPackage -Online -PackageName $_.PackageName} |?{$_.Description -like "*KB3151864*"} |Remove-WindowsPackage -Online -NoRestart