Colin Weeks July 16, 2017 No Comments

WSUS With Windows 10 1607

There was a case where a 2012 R2 server was being used to deploy Windows updates via WSUS to centrally manage client update approvals. Once the Windows 10 classification was added the WSUS console would not open. When connecting to the console an error stating that it could not connect to the database.

After further investigation and testing, it appeared that a recent update to the server had caused the issue. Specifically, the Windows update KB3159706 had caused this issue. This update appears to enable the new decryption feature in Windows 10 so that it can natively decrypt ESD files. After uninstalling this update the console worked as normal, however, the Windows 10 1607 machines weren’t appearing in the console correctly and updates weren’t applying correctly.

To resolve this issue, following steps were carried out:

  • Ensured that the April 2014 rollup was installed on the server KB2919355 along with KB3095113.
  • Installed KB3159706 on the server and restarted.
  • Opened an elevated command prompt and then ran following command “C:\Program Files\Update Services\Tools\wsusutil.exe postinstall /servicing”
  • Enabled HTTP Activation in roles and features within server manager.
  • Restarted the WSUS service.

Once the above steps had been completed, the console opened correctly and you could view all the Windows 10 1607 devices along with their associated updates. The WSUS console was able to push out Windows patches to Windows 10 machines correctly.

Reference : https://support.microsoft.com/en-us/help/3159706/update-enables-esd-decryption-provision-in-wsus-in-windows-server-2012-and-windows-server-2012-r2