question

MHasanAlizade-1089 avatar image
0 Votes"
MHasanAlizade-1089 asked JustinEmlay-1133 answered

Windows Server 2022 WSUS Fatal Error: The schema version of the database is from a newer version of WSUS

Hi,
I recently upgraded Windows Server from 2016 to 2022!
In post-install processes, I receive the following error for the WSUS service:

 Log file is located at C:\Users\m-alizadeh\AppData\Local\Temp\\WSUS_PostInstall_20220223T152505.log
 Post install is starting
 Fatal Error: The schema version of the database is from a newer version of WSUS 
 than currently installed.  You must either patch your WSUS server to at least 
 that version or drop the database.

Furthermore, in the WSUS console there is the following error:

 The WSUS administration console was unable to connect to the WSUS Server via the remote API. 
    
 Verify that the Update Services service, IIS and SQL are running on the server. If the problem persists, try restarting IIS, SQL, and the Update Services Service.
    
 The WSUS administration console was unable to connect to the WSUS Server via the remote API. 
    
 Verify that the Update Services service, IIS and SQL are running on the server. If the problem persists, try restarting IIS, SQL, and the Update Services Service.
    
 System.Net.Sockets.SocketException -- No connection could be made because the target machine actively refused it 192.168.0.1:8530
    
 Source
 System
    
 Stack Trace:
    at System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot, SocketAddress socketAddress)
    at System.Net.ServicePoint.ConnectSocketInternal(Boolean connectFailure, Socket s4, Socket s6, Socket& socket, IPAddress& address, ConnectSocketState state, IAsyncResult asyncResult, Exception& exception)
 ** this exception was nested inside of the following exception **
    
    
 System.Net.WebException -- Unable to connect to the remote server
    
 Source
 Microsoft.UpdateServices.Administration
    
 Stack Trace:
    at Microsoft.UpdateServices.Administration.AdminProxy.CreateUpdateServer(Object[] args)
    at Microsoft.UpdateServices.UI.SnapIn.Scope.ServerSummaryScopeNode.GetUpdateServer(PersistedServerSettings settings)
    at Microsoft.UpdateServices.UI.SnapIn.Scope.ServerSummaryScopeNode.ConnectToServer()
    at Microsoft.UpdateServices.UI.SnapIn.Scope.ServerSummaryScopeNode.get_ServerTools()



***I did the following actions, which were unsuccessful:

  • I removed the WSUS service, deleted the updates storage folder!

  • I renamed SUSDB.MDF in the "WID\Data" folder

  • I restarted the IIS Service as well as the application pool of WSUS

  • I re-installed the WSUS service but it did not work!

It would be highly appreciated if anybody could help me.
Thanks in advance***


windows-serverwindows-server-update-services
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

AJTek-Adam-J-Marshall avatar image
0 Votes"
AJTek-Adam-J-Marshall answered

Follow my guide to remove WSUS fully and reinstall. It sounds like you didn't fully remove it.

https://www.ajtek.ca/wsus/how-to-remove-wsus-completely-and-reinstall-it/

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Amandayou-MSFT avatar image
1 Vote"
Amandayou-MSFT answered Amandayou-MSFT edited

Hi,

Thanks for your posting in Q&A.

Agree with AJTek-Adam-J-Marshall, the issue may be WSUS is not removed completely.

We need to:

Remove WSUS Role and Windows Internal Database (WID) Feature.

Remove C:\WSUS or where ever the WSUSContent folder resides.

Remove C:\Windows\WID (specifically: delete the SUSDB.mdf and SUSDB_log.ldf in C:\Windows\WID\Data). If you don't remove the WID role and its files on a reinstall, it will re-attach to the same database.

In IIS, remove the 'WSUS Administration' website and the 'WsusPool' Application Pool if they still exist.

Restart the server and re-add the WSUS And WID Roles. Let it install, and then restart the server again.

Now try to do the post-installation configuration.

If this doesn't work, disjoin the server from the domain, and restart. Try the post-installation steps again. If it works, the issue is a policy on your domain that is causing the issues. You can then rejoin the server to the domain.

After you've removed WSUS completely following the instructions above, you can then go ahead and install it again if you so choose.




If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Thanks for your reply.

I did all the steps but the fatal error still exists!!
Post install is starting
Fatal Error: The schema version of the database is from a newer version of WSUS
than currently installed. You must either patch your WSUS server to at least
that version or drop the database.

Furthermore, the WSUS server is also our Domain Controller. Is it possible to disjoin the Server from the Domain?

0 Votes 0 ·
Amandayou-MSFT avatar image Amandayou-MSFT MHasanAlizade-1089 ·

Hi,

Thanks for your reply.

the WSUS server is also our Domain Controller.

Yes, It is not recommended that we install WSUS on DC by Microsoft. To aviod the further problem, we could find the new Windows server 2022, and install the WSUS and let the client point to the new WSUS directly.

Best regards,
Amanda

0 Votes 0 ·
AJTek-Adam-J-Marshall avatar image
1 Vote"
AJTek-Adam-J-Marshall answered MHasanAlizade-1089 edited

This is why Microsoft does not recommend installing WSUS on a Domain Controller. What you've done is against recommendations and what has happened is the groups WSUS needs to operate are no longer 'local' because a DC does not have any 'local' groups.

You cannot disjoin a domain controller from a domain unless you are demoting it to a member server first and then disjoining it.

You are better to try to fix this problem than to disjoin it.

Create 2 Domain Local groups

Name: WSUS Administrators
Description: Members of this group can administer the Windows Server Update Services role.
Name: WSUS Reporters
Description: Members of this group can generate reports but cannot approve updates or configure the Windows Server Update Services role.

Then try to run the postinstall again.

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Thanks for your explanation.

The 2 Domain Local groups existed without any members! I added domain admins, administrator, and my account to the groups.

I noticed in IIS, the 'WSUS Administration' website and the 'WsusPool' Application Pool are not created of their removal!

I am totally confused!!!

0 Votes 0 ·
TomaszMakara-6197 avatar image
0 Votes"
TomaszMakara-6197 answered Amandayou-MSFT commented

Hello @Amandayou-MSFT
The topic is on Windows Server 2022
How You could recommend NOT installing .NET 4.7 when DEFAULT .Net Version on Windows Server 2022 is 4.8
There is no way to fit this requirement.
.NET 4.8 is installed by default with (clean) operating system.



· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Thanks for your clarification.

Yes, in windows server 2022, .NET Framework 4.8 is installed by default.

After uninstalling WSUS completely, we could install WSUS in windows server 2022.

Thanks again!

0 Votes 0 ·
HansonKenny-6598 avatar image
1 Vote"
HansonKenny-6598 answered

I'd really like to complement @AJTek-Adam-J-Marshall on his thorough and concise knowledge of all thing WSUS. Of all the issues I've come across with this horrid update manager, time and again I find myself following Adam's excellent walk-through's to solve my problems.

I was getting the same error as the original post. I found this article and followed the steps and everything is back in order.

I TOTALLY recommend using Adam's excellent Wsus Automated Maintenance product to keep the database fit and trimmed.

Thanks Adam :)

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

PedroHerrera-9437 avatar image
2 Votes"
PedroHerrera-9437 answered AJTek-Adam-J-Marshall commented

1) Go to C:\Program Files\Update Services\Database

2) Take ownership of VersionCheck.sql from "TrustInstall"

3) Open file in notepad

4) On line 3 change "DECLARE @scriptMinorVersion int = (11)" to "DECLARE @scriptMinorVersion int = (51)"
the "11" is a typo

5) Restore ownership, if cant the make "Everyone" owner

6) Re-run post install config

7) Have a beer.

· 7
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

I can confirm that on a brand new install of 2022 Datacenter, with May 2022 Media from Microsoft's Business Center,


C:\Program Files\Update Services\Database\VersionCheck.sql
has the following:

DECLARE @scriptMajorVersion int = (20348)
DECLARE @scriptMinorVersion int = (11)

and installs successfully, performs the post-install configuration tasks successfully (from server manager's launch post-install tasks link), and performs the initial sync successfully.

I'm not sure where you're getting your information from.

0 Votes 0 ·

I can also confirm this worked for me for a Windows 2022 install that had the post install fail.

Updating that line from Pedro Herrera's solution allowed my post installation steps to succeed.. Thank you so very much for posting it.

--Cori

0 Votes 0 ·

@CorinnePeterman-2621 Can you let me know what version of Server 2022 you have (Standard/Datacenter), and what was the scenario you had that this method fixed? Did you have it installed prior and this is a re-installation? Was this brand new, from media, with only the WSUS role added where it failed? What language of OS were you using? EN-US?

I'm trying to figure out why the change would be required, in what scenario. Like I said above, I literally installed Server 2022 Datacenter as a VM, added WSUS, and it worked out of the box (not attached to a domain).

0 Votes 0 ·

Hi Adam--

The Windows 2022 was a brand new installation for a new WSUS/SCCM install. The add/remove roles from GUI was used to install WSUS, not powershell as I was feeling lazy that day. Installed ok but failed on post installation steps repeatedly.

The server:
Edition Windows Server 2022 Standard
Version 21H2
Installed on ‎2/‎22/‎2022
OS build 20348.740

Language English

The SQL version:
Microsoft SQL Server 2019 (RTM-CU15) (KB5008996) - 15.0.4198.2 (X64)

The error we received in the post installation log:

  • DB is a higher version than the config scripts

  • The schema version of the database is from a newer version of WSUS than currently installed. You must either patch your WSUS server to at least that version or drop the database.


Once I edited the file as listed to change the Minor version to 51, I clicked to run the post-installation steps again and it completed successfully and created the site in IIS finally.



0 Votes 0 ·
Show more comments

@PedroHerrera-9437

It worked like a charm!!!Thxxx

0 Votes 0 ·
AJTek-Adam-J-Marshall avatar image
0 Votes"
AJTek-Adam-J-Marshall answered

I've written a blog on how to fix this.

https://www.ajtek.ca/wsus/wsus-post-deployment-configuration-failed-windows-server-2022/

Hope this helps the next person who has this problem.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

JustinEmlay-1133 avatar image
0 Votes"
JustinEmlay-1133 answered

Thanks to @PedroHerrera-9437 for solving this!

I just did a clean install of Server 2022 May Update and the only thing I did with this server was install WSUS using WID.

en-us_windows_server_2022_updated_may_2022_x64_dvd_50c4a90e.iso

I'm here because of this error. I wish people would stop making false claims such as "If you are trying to install WSUS on a server using the Windows Internal Database (WID), you will likely NOT receive this error." It's useless information and not helpful in any way. This is very clearly and obviously happening while using WID.

Thanks again @PedroHerrera-9437!

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.