Why can Win10 Nodes Check In With WSUS But Not Pull Updates (0x8024401c)

5

I have a Windows Server 2016 running WSUS (WID Database). The nodes on my system are all Windows 10 Professional. They are configured through group policy to check the Server 2016 for updates. The nodes and server are not behind a proxy in anyway.

Based on the WSUS Console it shows all the nodes are checking in when I press "Check for Updates". When you look on the node it throws the following message:

There were some problems installing updates, but we'll try again later. If you keep seeing this and want to search the web or contact support for informaiotn, this may help: (0x8024401c)

I have googled this error and I have found little information or none at all for this error. I have tried all of the suggestions I could find but nothing has resolved this issue. What I can make out of the last .ELT file when I open it with word is:

There was an error communicating with the endpoint at http://FQDN:8530/ClientWebService/client.asmx. There was an error receiving the HTTP reply. The operation did not complete within the time allotted.

When I do a Get-WindowsUpdateLog in PowerShell I just get a long list of updates it can't find. No actual communication information.

I can get to that link if I put it in to a browser and the firewall is not blocking WSUS. What am I missing? Can anyone supply me with any other information. I am also still learning how to actually read ELT files using the correct procedure.

EDIT 1: Attempting to run the Characters and WDK10 on the client to interpret the ELT files better.

EDIT 2: Running the tracefmt.exe tool gives me the following Error:

Cannot Open logfile for reading

This happens on everyone. I do see from TraceView from the SDK tool kit that all the events show system times and No Format Information found. Is it connected and not getting this data or is it just looking for all these updates?

wsus
windows-10
windows-server-2016
wsus-offline
asked on Server Fault Feb 28, 2017 by JukEboX • edited Oct 19, 2017 by JukEboX

4 Answers

8

I made the following changes in the IIS Application Pool for the WSUS Page:

  • Queue Length: 25000 from 10000
  • Limit Interval (minutes): 15 from 5
  • "Service Unavailable" Response: TcpLevel from HttpLevel
  • Private Memory Limit (KB): 0 from 18342456

This allowed for a longer amount of time needed for Windows 10 to connect and check for updates, Reset the connections for all machines and allow for more memory for processing of updates which was a suggestion I found on a google search.

answered on Server Fault Mar 2, 2017 by JukEboX
2

All my Windows 10 1607 and Server 2016 1607 had error 0x8024401c.

Some IIS Application Pool tuning tips didn't help.

Running Adamj's "Clean-WSUS" PowerShell 3 Script on the WSUS server solved the problem:

http://community.spiceworks.com/scripts/show/2998-adamj-clean-wsus

https://community.spiceworks.com/topic/1970827-wsus-on-server-2016-windows-10-1607-client-0x8024401c-error

answered on Server Fault Oct 19, 2017 by Peter Feldhammer • edited Oct 19, 2017 by Swisstone
1

Made the following changes in the IIS Application Pool for the WSUS Page:

  • Queue Length: 25000 from 10000
  • Limit Interval (minutes): 15 from 5
  • "Service Unavailable" Response: TcpLevel from HttpLevel
  • Private Memory Limit (KB): 0 from 18342456

August 28, 2017—KB4039396 (OS Build 14393.1670)

Improvements and fixes:

  • Addressed issue with WSUS update metadata processing that can cause some clients to time out with a 0x8024401c error.

  • Increase the ASP.NET timeout

  • Make a copy of \Program Files\Update Services\WebServices\ClientWebService\Web.Config.

  • Open \Program Files\Update Services\WebServices\ClientWebService\Web.Config.

  • Find the element “<httpRunTime”. It will look like this (in an unmodified web.config): <httpRuntime maxRequestLength="4096" />
  • Modify httpRunTime by adding an executionTimeout attribute: <httpRuntime maxRequestLength="4096" executionTimeout="3600" />
  • Save the web.config to a different location and copy the modified one into the directory.
  • From an elevated command prompt, run IISReset to restart IIS.
  • Monitoring WSUS Metadata Caching

One has to be really Patient after IISReset and force some clients to contact WSUS so that cache is rebuild. After cache size is stable it will work

answered on Server Fault Aug 21, 2018 by Sri Gokul Ravichandran • edited Aug 22, 2018 by alexander.polomodov
1

I had created a brand new Windows 2016 domain, added a couple of member servers, and made one of them a WSUS role, just to try it out. After configuring the GPOs and having one of the servers check for updates, WSUS consistently crashed with the 0x80244022 which I guess meant that the worker process had crashed and the service was unavailable. No matter how many times I tried, same result. I just had to change the private memory limit in the app pool recycling settings from 1800 MB to 4,096 MB, restarted the app pool, PROBLEM SOLVED! I then saw that a single Windows 2016 Server can use up to 2.5 GB of that app pool in its initial scan. So basically, Windows 2016 WSUS app pool defaults are obsolete and need to be updated.

answered on Server Fault Dec 14, 2018 by AbeyMarquez

User contributions licensed under CC BY-SA 3.0