-
Notifications
You must be signed in to change notification settings - Fork 157
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Error Installing Windows Server Updates with Ansible #589
Comments
Is a very problematic update where I've found Microsoft release a new patch roughly every hour and 1/3 times is extremely problematic with trying to install. The following code was recently added with 9bb5483 and is part of the ansible.windows 2.1.0 release. ansible.windows/plugins/modules/win_updates.ps1 Lines 1937 to 1958 in c207ed4
What the code does is detect if the Windows Update API failed to install that specific KB and use a workaround process using |
If you are on Server Core, there is a fix from Microsoft If you are on Server full you need to increase the size of the winre parition from the default size. |
SUMMARY
Hi everyone,
I'm trying to automate Windows Updates on my servers using Ansible. I created a dedicated Administrator user on the machine to run updates with Ansible.
The updates start, but they don't install. I always get an error. I've tried on multiple installations, but the result is always an update error. However, I haven't seen this issue with Windows 11, for example, only with the Server version.
If I start this updates manually with Windows Update is going to install without problems.
ISSUE TYPE
COMPONENT NAME
win.update
ANSIBLE VERSION
ansible 2.10.8
config file = None
configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python3/dist-packages/ansible
executable location = /usr/bin/ansible
python version = 3.10.12 (main, Nov 20 2023, 15:14:05) [GCC 11.4.0]
COLLECTION VERSION
CONFIGURATION
OS / ENVIRONMENT
Windows Server 2022
STEPS TO REPRODUCE
name: Update Windows
hosts: windows
tasks:
win_updates:
category_names:
- SecurityUpdates
- CriticalUpdates
- UpdateRollups
log_path: C:\log.txt
EXPECTED RESULTS
ACTUAL RESULTS
TASK [Install all security updates with automatic reboots] *********************
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: at Invoke-WithPipeOutput, : line 1005
fatal: [dc2.auxbit.it]: FAILED! => {"changed": true, "failed_update_count": 1, "filtered_updates": {"ea67cabb-aaf1-4482-a9aa-d6048b7bc15f": {"categories": ["Definition Updates", "Microsoft Defender Antivirus"], "downloaded": false, "filtered_reason": "category_names", "filtered_reasons": ["category_names"], "id": "ea67cabb-aaf1-4482-a9aa-d6048b7bc15f", "installed": false, "kb": ["2267602"], "title": "Security Intelligence Update for Microsoft Defender Antivirus - KB2267602 (Version 1.405.802.0) - Current Channel (Broad)"}}, "found_update_count": 1, "installed_update_count": 0, "msg": "Failed to install all updates - see updates for more information", "reboot_required": false, "rebooted": false, "updates": {"a8a2d6e3-c6dc-4eb8-bcfb-8c8c7d947899": {"categories": ["Microsoft Server operating system-21H2", "Security Updates"], "downloaded": false, "failure_hresult_code": 2147944003, "failure_msg": "Unknown WUA HRESULT 2147944003 (UNKNOWN 0x80070643)", "id": "a8a2d6e3-c6dc-4eb8-bcfb-8c8c7d947899", "installed": false, "kb": ["5034439"], "title": "2024-01 Security Update for Microsoft server operating system version 21H2 for x64-based Systems (KB5034439)"}}}
or the Event Viewer of Windows is writing this:
Installation Failure: Windows failed to install the following update with error 0x8024200B: 2024-01 Security Update for Microsoft server operating system version 21H2 for x64-based Systems (KB5034439).
The text was updated successfully, but these errors were encountered: