News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • Windows Server 2016 Cannot Install Cumulative Updates

    Posted on Parallax Abstraction Comment on the AskWoody Lounge

    Home Forums Admin IT Lounge Windows Server 2016 Cannot Install Cumulative Updates

    Viewing 11 reply threads
    • Author
      Posts
      • #2307458 Reply
        Parallax Abstraction
        AskWoody Plus

        Hi everyone! I’ve been a long-time lurker here but this issue has me ripping my hair out and I hope someone can assist.

        I have a client with a Windows Server 2016 system on bare metal. It’s been fine since 2017 but in the last couple of months, it’s been failing to install monthly Cumulative Updates for Windows (.NET is fine.) The update will install, it will reboot, the update will fail and it will have to reboot multiple times to undo it. Since this is a bare metal server, this process can take up to 2 hours per attempt.

        I’ve tried all the standard solutions. The Windows Update Troubleshooter, multiple DISM commands, SFC, killing the update cache etc. Nothing has solved this. I took fresh CBS and WindowsUpdate.log files and I can see errors in them but I can’t make heads nor tails of where to try to start troubleshooting to resolve the issue. This server runs a number of things and reloading it from scratch would be a monumental undertaking I’d really rather avoid. I know when Windows Update gets stuck in this install/undo loop, it can sometimes be really gnarly to resolve but I’m hoping someone can help me pinpoint this down. I’ve successfully fixed this kind of issue before but I’ve never seen it be as stubborn as it is on this server.

        Thanks everyone!

        I can’t attach .log or .7z files so here are links to both files on my MEGA drive:

        WindowsUpdate.log: https://mega.nz/file/N8k2iQ4D#xL8WTsG_PwV0lrsm2YjdwSPnfcIIscEga2gtbkKkGHY

        CBS.log: https://mega.nz/file/V1lkUaSK#FsxfKDU6iwy40xp2JFooAF4XwSmeRjkXZHaJxd_hW5c

      • #2307507 Reply
        Susan Bradley
        Da Boss

        What roles does it have?  DC, DHCP etc?

        Susan Bradley Patch Lady

      • #2307675 Reply
        Parallax Abstraction
        AskWoody Plus

        Hey Susan!

        This system is A DC (not the only DC), DNS, DHCP, a file server and runs a line of business application. The latter is what will make reloading this machine a real nightmare.

      • #2307820 Reply
        Paul T
        AskWoody MVP

        Clone it, fire it up as a VM and experiment on the VM. When you have a fix, apply it to the hardware.

        You can use VMware or VirtualBox, even HyperV if you have the right version of Windows. All have conversion utilities.

        cheers, Paul

      • #2307870 Reply
        Parallax Abstraction
        AskWoody Plus

        I can certainly do that and I might. My bigger problem is I don’t know where to go from here on a fix. I’ve tried every solution I could research and nothing’s working. My hope was that someone might see something obvious in the logs that I don’t or has an idea of some specific things to search for that might glean some insights.

      • #2307877 Reply
        Paul T
        AskWoody MVP

        The update log shows you loading updates from MS. Have you tried downloading them to the machine and installing locally?

        cheers, Paul

        p.s. why does your server have internet access? Not best practice.

        p.p.s you can attach zip files.

      • #2307882 Reply
        Parallax Abstraction
        AskWoody Plus

        Yes sorry, I forgot to mention that. I did download the update manually and sadly got the same result. This has happened for a couple of months now.

        I know having Internet access is not best practice. It’s behind a corporate firewall and due to the limitations of this small business, this is an unfortunate requirement.

        Good to know about Zip files. I tried to attach a .7z but I guess it only likes the older school Zip files. 🙂 I’ve attached the two logs in a Zip to make things easier.

        Attachments:
      • #2308405 Reply
        Paul T
        AskWoody MVP

        Most of those errors are registry related, either sharing violation or setting value overlap.

        Can you create a new admin user to install those patches?
        Disable anti virus while patching.
        Clone it to VM so you can remove it from the network to try to eliminate other DC’s / processes using the registry.

        cheers, Paul

        1 user thanked author for this post.
      • #2308456 Reply
        Parallax Abstraction
        AskWoody Plus

        Hunh, registry errors? Very interesting. I can definitely make another admin user and try it that way. I’ll give that a try first and see the results. The anti-virus hasn’t been a problem on the other servers but it’s certainly easy enough to disable here as well. Thanks for the suggestions! I will definitely report the results.

      • #2309162 Reply
        Parallax Abstraction
        AskWoody Plus

        Sadly, creating a new admin account didn’t help. Had a good feeling about that one but alas no. 🙁 Disabling Webroot didn’t help either.

        I’m curious, do you have any examples from the logs of where the registry errors are? I’m just curious if I can see where it’s getting held up. Perhaps I can compare those registry entries against a working server.

        Thank you again.

      • #2309191 Reply
        Paul T
        AskWoody MVP

        The details are in your logs, but there is no specific entry that I could see that might give you a clue.
        That is why I suggested cloning it and trying the update offline.

        cheers, Paul

        1 user thanked author for this post.
      • #2309346 Reply
        Parallax Abstraction
        AskWoody Plus

        Yeah, I would tend to agree at this point. I’m rapidly losing hope that this can be fixed without a reload but hey, at least if it needs it, I can work with the vendor to have that line of business tool migrated to a VM, as it should have been setup with originally. Silver lining I guess. 🙂

        Thanks for your help!

    Viewing 11 reply threads

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: Windows Server 2016 Cannot Install Cumulative Updates

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.