Had to do a migration Windows Server Update Services (WSUS) Migration from 2008 R2 to 2012 R2
WSUS 3.2 Windows Server 2008 R2 to WSUS 6.3 Windows Server 2012 R2
Criteria’s has to be Met in my case.
- Retain Same Name.
- Retain Same IP.
- Retain Same Port – WSUS currently Running on Port 80.
- Downstream servers will be migrated later.
Use can use the Same methods to bring a new Server and do the same process. it shouldn’t be a issue.
Tasks –
- Take SQL Backup
- Copy WSUSContent Binaries.
- Install Test Windows Server , Test Domain , Install WSUS Role to verify it imports the database ok on 2012R2 . (Optional)
- Collected Local Administrators to manually Apply it Again on New server.
- Build New Server
- Restore SQL Database , WSUS Binaries on New Server.
- Verify Downstream servers.
- Verify Client Machines.
Step 1 –
Take SQL Backup .bak file of WSUS internal Database.
Login to Windows 2008 R2
Download SQL Server management Studio and install it .
Connect it to the Windows internal Database and take a backup of it.
Login as WSUS administrator. Run SQL Management Studio as Administrator
Server Instance
\\.\pipe\mssql$microsoft##ssee\sql\query
Windows Authentication
Choose Copy-Only Backup
Step 2 –
Copy WSUSContent Binaries.
Copy WSUSContent Folder to Safe Location for avoiding downloading the binaries again.
Step 3 –
Collected Local Administrators to manually Apply it Again on New server.
Step 4 – (Optional if you don’t want to retain Same Name,IP)
- Turned off Old WSUS server.
- Renamed the VM
- Removed Active Directory Account
- Built the WSUS Server with Same Name, Same IP
- Installed WSUS Role . Next Next Leave everything default (Specified Store Updates D:\WSUS in my case).
Enter the Path to store Upates
Step 5 –
Restore SQL Database on New Server.
Login as WSUS administrator. Run SQL Management Studio as Administrator
Server Instance
\\.\pipe\Microsoft##WID\tsql\query
Windows Authentication
Take a Backup of the Default Database.
Run the Query to Drop the Default Database –
USE master GO ALTER DATABASE SUSDB SET SINGLE_USER WITH ROLLBACK IMMEDIATE GO DROP DATABASE SUSDB GO
Placed the Backup as below location on the new server – C:\WsusBackup\SUSDB.bak’
Run the Query to Restore the Database –
RESTORE DATABASE [SUSDB] FROM DISK = N'C:\WsusBackup\SUSDB.bak' WITH FILE = 1, MOVE N'SUSDB' TO N'c:\Windows\WID\Data\susdb.mdf', MOVE N'SUSDB_log' TO N'c:\Windows\WID\Data\SUSDB_log.ldf', NOUNLOAD, STATS = 10
Copy the WSUSContent Binaries Folder – Merge it on the New server – Same location .
Then Run below
Cd “C:\Program Files\Update Services\Tools”
.\WsusUtil.exe postinstall CONTENT_DIR=D:\WSUS
Open Powershell ISE Run as Administrator
Make WSUS as Active.
$updateServer = get-wsusserver $config = $updateServer.GetConfiguration() $config.ServerId = [System.Guid]::NewGuid() $config.Save()
Do Post Install for Completion
.\WsusUtil.exe postinstall
if you don’t want to use the default Port. and use Port 80 for Updates (Optional)
Run below
.\WsusUtil.exe usecustomwebsite false
Step 6 –
Verify Downstream servers.
Now if you have downstream servers. Run Sync it should sync to verify things are fine.
if it doesn’t work
Try Unchecking Replica and put it back . Run Sync again.
If you used a different name, Update the same.
Default Ports WSUS _ Reference
- On WSUS 3.2 and earlier, port 80 for HTTP and 443 for HTTPS.
- On WSUS 6.2 and later , port 8530 for HTTP and 8531 for HTTPS
Step 7 –
Verify Client Machines.
Login to a client Machine Windows 7.
Run
wuaclt.exe /detectnow
wuaclt.exe /reportnow
C:\Windows\WindowsUpdate.log
To verify If it connects ok .
Try to Approve some patches and download.
Known Issues 1 – WSUS 2012 R2
After Windows Updates . Databases didn’t Start up.
Log Name: Application
Source: MSSQL$MICROSOFT##WID
Event ID: 18456
Task Category: Logon
Level: Information
Keywords: Classic,Audit Failure
User: NETWORK SERVICE
Description:
Login failed for user ‘NT AUTHORITY\NETWORK SERVICE’. Reason: Failed to open the explicitly specified database ‘SUSDB’. [CLIENT: <named pipe>]
Get-Hotfix -ID KB3159706
Found its installed.
Ran below steps;
- Open an elevated Command Prompt and run “C:\Program Files\Update Services\Tools\wsusutil.exe” postinstall /servicing
- Enable HTTP Activation under .NET Framework 4.5 Features in the Server Manager Add Roles and Features Wizard
- Restart the WSUS service
Known Issues 2 – Windows 10 Update Error 0x80070643 Client Side.
Resolution-
Resetting Windows Client Update Components (For Client Side Only)-
Please follow the below steps to reset the Windows Updates Components:
- Press Windows Key + X on the keyboard and then select “Command Prompt (Admin)” from the menu.
- Stop the BITS, Cryptographic, MSI Installer and the Windows Update Services. To do this, type the following commands at a command prompt. Press the “ENTER” key after you type each command.
net stop wuauserv
net stop cryptSvc
net stop bits
net stop msiserver
3. Now rename the SoftwareDistribution and Catroot2 folder. You can do this by typing the following commands in the Command Prompt. Press the “ENTER” key after you type each command.
ren C:\Windows\SoftwareDistribution SoftwareDistribution.old
ren C:\Windows\System32\catroot2 Catroot2.old
4. Now, let’s restart the BITS, Cryptographic, MSI Installer and the Windows Update Services. Type the following commands in the Command Prompt for this. Press the ENTER key after you type each command.
net start wuauserv
net start cryptSvc
net start bits
net start msiserver
5. Type Exit in the Command Prompt to close it.
Excellent post
Thank you.
Msg 3605, Level 16, State 1, Line 1
Schema verification failed for database ‘SUSDB’.
Msg 3013, Level 16, State 1, Line 1
RESTORE DATABASE is terminating abnormally.
Error restore Database
wuauclt.exe /detectnow is true
wuaclt.exe /detectnow is worse
Great goods from you, man. I’ve understand your stuff previous to and you are just extremely great. I actually like what you have acquired here, certainly like what you are stating and the way in which you say it. You make it enjoyable and you still take care of to keep it smart. I can’t wait to read much more from you. This is really a terrific web site.
This is a good post and it helped me out. There are some details that were left out but all in all, this gave me the confidence to succeed. It also showed me that Microsoft makes all this stuff harder than it needs to be. Thanks!