James-if you haven't already done the reinstall, it's probably just permissions. I have a home-grown list of where to check and have seen that before-
IISLogs folder permissions -inherit; +administrators, system (domain admins ok):F; +IUSR_Srvname, IWAM_Srvname, network service:M \WSUS Folder permissions -inherit, +administrators, system (domain admins ok):F, + network service:R Root of the drive that has the \WSUS folder permissions +Network Service:R for this folder only (advanced permissions) \WSUS\WsusContent add permissions +Network Service:M \%systemroot%\Temp add permissions +Network Service:M \%systemroot%\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\ add permissions +Network Service:F \program files\update services permissions -inherit, Administrators, System (Domain Admins ok):F, Wsus Administrators, WSUS Reporters, Network Service:R \Inetpub permissions +inherit, add Network Service:R \Inetpub\wwwroot +inherit, verify users removed and add iis_Wpg:R What I usually see with the DCpromo is that your local groups/users get switched for the domain ones (or vice/versa). Fixing the permissions will fix the problem if you feel like poking through them. Let me know if you need any clarification of my shorthand. -Bonnie From: James Kerr [mailto:[EMAIL PROTECTED] Sent: Friday, July 11, 2008 12:54 PM To: NT System Admin Issues Subject: Re: WSUS Problem after dcpromo Whoops. Well, I can only hope that removing and reinstalling it again will do the trick. ----- Original Message ----- From: [EMAIL PROTECTED]<mailto:[EMAIL PROTECTED]> To: NT System Admin Issues<mailto:[email protected]> Sent: Friday, July 11, 2008 3:48 PM Subject: RE: WSUS Problem after dcpromo Take a look at this: http://technet2.microsoft.com/windowsserver/en/library/4244109a-395a-4ff8-9989-ea55ab0964a31033.mspx?mfr=true Issue 9 Chris Bodnar Sr. Windows Systems Engineer Swiftwater, PA X3522 ________________________________ From: James Kerr [mailto:[EMAIL PROTECTED] Sent: Friday, July 11, 2008 3:43 PM To: NT System Admin Issues Subject: WSUS Problem after dcpromo I promoted a stand alone server that happend to also be our WSUS server yesterday and something blew up. I cannot access the WSUS console and computers trying to connect to it are being denied. I pasted the errors I am seeing in the logs. The first two are related to starting the console and WSUS and the other is from computers connecting to it for updates. Looks like a permissions issue but has anyone on this list had this happen to them before? I am going to start looking into more details now. James Event ID 7053 Source Windows Server Update The WSUS administration console has encountered an unexpected error. This may be a transient error; try restarting the administration console. If this error persists, Try removing the persisted preferences for the console by deleting the wsus file under %appdata%\Microsoft\MMC\. System.NullReferenceException -- Object reference not set to an instance of an object. Source Microsoft.UpdateServices.UI.SnapIn Stack Trace: at Microsoft.UpdateServices.UI.SnapIn.Scope.ServerSummaryScopeNode.ResetScopeNode() For more information, see Help and Support Center at Event ID 7032 Source Windows Server Update The WSUS administration console was unable to connect to the WSUS Server via the remote API. Verify that the Update Services service, IIS and SQL are running on the server. If the problem persists, try restarting IIS, SQL, and the Update Services Service. The WSUS administration console has encountered an unexpected error. This may be a transient error; try restarting the administration console. If this error persists, Try removing the persisted preferences for the console by deleting the wsus file under %appdata%\Microsoft\MMC\. System.IO.IOException -- The handshake failed due to an unexpected packet format. Source System Stack Trace: at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult) at System.Net.TlsStream.CallProcessAuthentication(Object state) at System.Threading.ExecutionContext.runTryCode(Object userData) at System.Runtime.CompilerServices.RuntimeHelpers.ExecuteCodeWithGuaranteedCleanup(TryCode code, CleanupCode backoutCode, Object userData) at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state) at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state) at System.Net.TlsStream.ProcessAuthentication(LazyAsyncResult result) at System.Net.TlsStream.Write(Byte[] buffer, Int32 offset, Int32 size) at System.Net.PooledStream.Write(Byte[] buffer, Int32 offset, Int32 size) at System.Net.ConnectStream.WriteHeaders(Boolean async) ** this exception was nested inside of the following exception ** System.Net.WebException -- The underlying connection was closed: An unexpected error occurred on a send. Source Microsoft.UpdateServices.Administration Stack Trace: at Microsoft.UpdateServices.Administration.AdminProxy.CreateUpdateServer(Object[] args) at Microsoft.UpdateServices.Administration.AdminProxy.GetUpdateServer(String serverName, Boolean useSecureConnection, Int32 portNumber) at Microsoft.UpdateServices.UI.AdminApiAccess.AdminApiTools.GetUpdateServer(String serverName, Boolean useSecureConnection, Int32 portNumber) at Microsoft.UpdateServices.UI.SnapIn.Scope.ServerSummaryScopeNode.GetUpdateServer(PersistedServerSettings settings) at Microsoft.UpdateServices.UI.SnapIn.Scope.ServerSummaryScopeNode.ConnectToServer() at Microsoft.UpdateServices.UI.SnapIn.Scope.ServerSummaryScopeNode.get_ServerTools() For more information, see Help and Support Center at Event ID 1309 Source ASP.NET 2.0xxx Event code: 3005 Event message: An unhandled exception has occurred. Event time: 7/11/2008 3:24:06 PM Event time (UTC): 7/11/2008 7:24:06 PM Event ID: 700aab84d3c94a06b7a280b3a1d83682 Event sequence: 1 Event occurrence: 1 Event detail code: 0 Application information: Application domain: /LM/W3SVC/1/ROOT/SimpleAuthWebService-4673-128602778458743806 Trust level: Application Virtual Path: /SimpleAuthWebService Application Path: c:\Program Files\Update Services\WebServices\SimpleAuthWebService\ Machine name: xxxxxx Process information: Process ID: 3640 Process name: w3wp.exe Account name: NT AUTHORITY\NETWORK SERVICE Exception information: Exception type: HttpException Exception message: The current identity (NT AUTHORITY\NETWORK SERVICE) does not have write access to 'C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files'. Request information: Request URL: http://server/SimpleAuthWebService/SimpleAuth.asmx Request path: /SimpleAuthWebService/SimpleAuth.asmx User host address: 192.168.101.xxx User: Is authenticated: False Authentication Type: Thread account name: NT AUTHORITY\NETWORK SERVICE Thread information: Thread ID: 1 Thread account name: NT AUTHORITY\NETWORK SERVICE Is impersonating: False Stack trace: at System.Web.HttpRuntime.SetUpCodegenDirectory(CompilationSection compilationSection) at System.Web.HttpRuntime.HostingInit(HostingEnvironmentFlags hostingFlags) Custom event details: For more information, see Help and Support Center at This communication, including any attachments, is intended solely for the use of the addressee and may contain information which is privileged, confidential, exempt from disclosure under applicable law or subject to copyright. If you are not an intended recipient, any use, disclosure, distribution, reproduction, review or copying is unauthorized and may be unlawful. If you have received this transmission in error, please notify the sender immediately. Thank you. Cette communication,y compris les pieces jointes, est reservee a l'usage exclusif du destinataire et peut contenir des informations privilegiees, confidentielles, exemptees de divulgation selon la loi ou protegees par les droits de publication. Si vous n'etes pas un destinataire, toute utilisation, divulgation, distribution, reproduction, examen ou copie est non-autorisee et peut etre illegale. Si vous avez recu cette communication par erreur, veuillez aviser l'expediteur immediatement. Merci. ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
