Windows Server Update Services Logo
On a fresh or existing WSUS install, you may notice that the WSUS Administrator MMC applet stops functioning and present the error “Error: Connection Error – An error occurred trying to connect to the WSUS Server.”
I originally experienced this on Windows Server Update Services running on Windows Server 2012 R2 and applied the fix. Recently, I deployed Windows Server Update Services on a new Windows Server 2019 – Server Core install, and experienced this issue during the first synchronization. Before realizing what the issue was, I attempted to re-install WSUS and IIS from scratch numerous times until I came across old notes. One would have thought they would have resolved this issue on a new server operating system.
When the issue occurs, all processes will appear to be running on the server. Looking at the server event log, you’ll notice multiple application errors:
Event ID: 13042 - Windows Server Update Services Description: Self-update is not working.
Event ID: 12002 - Windows Server Update Services Description: The Reporting Web Service is not working.
Event ID: 12012 - Windows Server Update Services Description: The API Remoting Web Service is not working.
Event ID: 12032 - Windows Server Update Services Description: The Server Synchronization Web Service is not working.
Event ID: 12022 - Windows Server Update Services Description: The Client Web Service is not working.
Event ID: 12042 - Windows Server Update Services Description: The SimpleAuth Web Service is not working.
Event ID: 12052 - Windows Server Update Services Description: The DSS Authentication Web Service is not working.
Event ID: 12072 - Windows Server Update Services Description: The WSUS content directory is not accessible. System.Net.WebException: The remote server returned an error: (503) Server Unavailable. at System.Net.HttpWebRequest.GetResponse() at Microsoft.UpdateServices.Internal.HealthMonitoring.HmtWebServices.CheckContentDirWebAccess(EventLoggingType type, HealthEventLogger logger)
You will also see the below error message when attempting to use the WSUS MMC.
This issue occurs because the WSUS application pool in IIS “WsusPool” has reached it’s maximum private memory limit and attempts to recycle the memory usage.
Ultimately I believe this causes the IIS worker process to crash since it has run out of memory, and the pending command (whether it’s a synchronization or something else) fails to complete.
Previously, I noticed database corruption on a WSUS SQL Express database when this issue occurred, so I recommend applying the fix on a fresh install of WSUS.
To resolve this issue, we need to adjust the max
The issue should now be resolved and your WSUS server should no longer be crashing.
If you are applying this fix on a Server Core install, you’ll need to connect remotely to the IIS instance to apply the fix.
While most of us frequently deploy new ESXi hosts, a question and task not oftenly discussed is how to properly decommission a VMware ESXi host. Some might be surprised to… Read More
This guide will outline the instructions to Disable the VMware Horizon Session Bar. These instructions can be used to disable the Horizon Session Bar (also known as the Horizon Client… Read More
Normally, any VMs that are NVIDIA vGPU enabled have to be manually migrated with manual vMotion if a host is placed in to maintenance mode, to evacuate the host. While… Read More
You may experience GPU issues with the VMware Horizon Indirect Display Driver in your environment when using 3rd party applications which incorrectly utilize the incorrect display adapter. This results with… Read More
Today we're going to cover a powerful little NAS being used with VMware; the Synology DS923+ VMware vSphere Use case and Configuration. This little (but powerful) NAS is perfect for… Read More
Today we'll go over how to install the vSphere vCenter Root Certificate on your client system. Certificates are designed to verify the identity of the systems, software, and/or resources we… Read More
View Comments
Thanks! I found a lot of bad advice about this problem but you nailed it. And, like you, I am astonished that a problem, and misleading messages that give you no clue, that was in 2012 is still in 2019!
You can do this in powershell, on the WSUS box, without needing the IIS management console.
PS > import-module webadministration
PS > Set-ItemProperty IIS:\AppPools\WsusPool -Name recycling.periodicrestart.privateMemory -Value 0
PS > iisreset
This way if your WSUS box is on Server Core you don't need to have a workstation/gui handy to make 1 config change.
Awesome! Thanks Griff! :)
Thank you for this fix, it looks like Microsoft, in their testing, underestimated the amount of memory the WSUS app pool required for sound operations post the initial configuration and syncing. I say that because doing all the post configuration tasks went smoothly and the initial syncing went smoothly. But after I added client desktop computers into the mix WSUS went over the cliff.
Thanks, nice painkiller for the headache i was greeted by my server this morning.
Great! you save me!
Was moving from a 2016 to 2019 Windows server and was having all type of issues with getting it to work correctly. This helped me understand where the issue was and how to fix it.
Thanks, Stephen!!!
Awesome its works
This fixed a lot of issues with WSUS. And thanks to the Griff for the PS code!
you can also just use PowerShell instead of GUI.
Set-ItemProperty IIS:\AppPools\WSUSPool -Name recycling.periodicrestart.privateMemory -Value 0
Thanks Max!
Perfect thanks for this. Had me scratching my head :)
Thanks, but this is not working at my WSUS Server.
Worked for me! Thank you so much.
Worked like a charm! Thank you so much!
This + The following steps resolved it for me:
- Launch IIS Manager
- Open "Application Pools"
- Right click "WsusPool"
- Select "Advanced Settings..."
- Change (General) Queue Length from 1,000 (Default) to 25,000
- Change (Rapid-Fail Protection) Service Unavailable from "HttpLevel" (Default) to Reponse to "TcpLevel"
- Change (Rapid-Fail Protection) Failure Internal (minutes) from (Default) "5" to "30"
- Change (Rapid-Fail Protection) Maximum Failures from (Default) "5" to "30"
Press "OK"
- CLI "iisreset"
Fixed my issue, I had roughly 1800000KB set.
Changed that to 0 reset IIS in cmd, launched WSUS all set.