Problem
- A previously working WSUS console reports Error: Connection error, when you try and run the WSUS Cleanup wizard, or when you try and decline or delete obselete / superceeded updates
- The message is displayed around 3 minutes from when you started the operation
Example:
Products
- WSUS on Windows Server 2012 R2 with or without SCCM being installed on the same instance or Windows
Cause
- The WSUS database engine may run out of memory
- All WSUS operations must complete within a hard coded 3 minute timeout period
Resolutions
Try each resolution in order to resolve the issue.
- Consider check-pointing the virtual machine so that you can roll-back changes, if required
Remove the Wsus Application Pool memory limit
- Open IIS
- Go to Application Pools
- Change the Advanced Settings on the WSUS Application Pool, WsusPool
- Change the Private Memory Limit (KB) to 0 - this removes the memory limit
- Stop and then start the WsusPool.
- Restart the WSUS Service service again, from Computer Management > Services.
- Ensure that the virtual machine has sufficient RAM - typically WSUS needs 10-12GB of RAM, or WSUS and SCCM together may need 32GB of RAM
Re-Index the Database (Applies to Windows Internal Database Systems only)
This fix uses a Microsoft SQL Server Instance to perform scripted maintenance operations on the SUSDB, as a Windows Internal Database (WID) MDF file.
- Open Regedit
- Go to HKEY_LOCAL_MACHINE\Software\Microsoft/Update Services\Server\Setup\Installed Role Services
- Confirm the presence of a REG_DWORD Key called UpdateServices-WidDatabase
- If you do not have this registry key, your database is using the SQL database engine and you should skip the rest of this resolution
- Confirm the presence of the SUSDB WID database in C:\Windows\WID\Data
- Make sure that your SQL Server instance is set to allow Named Pipes connection
- To do this, open Microsoft SQL Server Configuration Manager
- Find SQL Server Network Configuration in the Tree
- Enable Named Pipes on the right hand side
- Restart the SQL Server Services
sqlcmd -S np:\\.\pipe\MICROSOFT##WID\tsql\query -i WsusDBMaintenance.sql
- Alternatively, from the attached files, run optimise_db.bat from an Administrative Command Prompt. This uses the Microsoft WSUS Reindexing Script stored in WsusDBMaintenance.SQL
Attempt to use Powershell to perform a WSUS Cleanup
- Open PowerShell ISE as an Administrator
- Paste and then run the following code (also attached):
Import-Module -Name UpdateServices
[reflection.assembly]::LoadWithPartialName("Microsoft.UpdateServices.Administration")` | out-null
$wsus = [Microsoft.UpdateServices.Administration.AdminProxy]::GetUpdateServer();
$cleanupScope = new-object Microsoft.UpdateServices.Administration.CleanupScope;
$cleanupScope.DeclineSupersededUpdates = $true
$cleanupScope.DeclineExpiredUpdates = $true
$cleanupScope.CleanupObsoleteUpdates = $true
$cleanupScope.CompressUpdates = $true
$cleanupScope.CleanupObsoleteComputers = $true
$cleanupScope.CleanupUnneededContentFiles = $true
$cleanupManager = $wsus.GetCleanupManager();
$cleanupManager.PerformCleanup($cleanupScope);
Manually cleanup the WID database using a SQL Script
- You should have already attempted resolution 2 which will have installed the SQL CMD Utilities
- If not, install the SQLCMD utilities including all of the pre-requisites
- Run the clean_db.bat in an Administrative command prompt - this will call the following:
sqlcmd -S np:\\.\pipe\MICROSOFT##WID\tsql\query -i WsusDBCleanup.sql
- This should also delete any files as required on disk, as it uses Wsus commands to delete un-required updates from the database.
- This script deletes up to 250 updates per run. You may need to run it more than once.
Credits:
Applies to:
- WSUS Servers running on Windows Server 2012 R2
