Sometimes you find your WSUS server keeps crashing over and over again. WSUS is unavailable and/or the WSUS management console hangs. When you start to investigate as to why Windows Server Update Services crashes, you’ll notice the following error message being logged in the HTTPErr log files:
2017-05-08 05:03:53 203.0.113.144 56433 203.0.113.4 80 HTTP/1.1 POST /SimpleAuthWebService/SimpleAuth.asmx 503 707060612 AppOffline WsusPool
In the Eventlog you might find an error like:
The WSUS administration console was unable to connect to the WSUS Server via the remote API.
Verify that the Update Services service, IIS and SQL are running on the server. If the problem persists, try restarting IIS, SQL, and the Update Services Service.
And sometimes clients checking for Windows Updates would quickly error out with a code
0x80244021 which indicates the inability to reach WSUS.
To improve WSUS availability, you need to increase IIS Private Memory Limit. The default limit is set to 1843200KB. And when an IIS worker process uses more than 2GB WSUS crashes and the problem occurs.
Change Private Memory Limit (KB) to a higher number that fits your server specifications or simply
0 , which means no limit, instead of the hard-coded 1843200. Follow this path to find the setting:
Internet Information Services (IIS) Manager → Server → Application Pools → Select “WSUSPool” → Actions Advanced → Recycling → change “Private Memory Limit (KB)“.
This’ll improve WSUS availability.
Pro tip: to get the WSUS version in PowerShell (thanks to Johan de Haan @ Serverfault):
[void][reflection.assembly]::LoadWithPartialName("Microsoft.UpdateServices.Administration") $wsus = [Microsoft.UpdateServices.Administration.AdminProxy]::getUpdateServer("wsus-server",$False) $wsus.Version
If you want to step in to help me cover the costs for running this website, that would be awesome. Just use this link to donate a cup of coffee ($5 USD for example). And please share the love and help others make use of this website. Thank you very much!
My name is Jan. I am not a hacker, coder, developer, programmer or guru. I am merely a system administrator, doing my daily thing at Vevida in the Netherlands. With over 15 years of experience, my specialties include Windows Server, IIS, Linux (CentOS, Debian), security, PHP, websites & optimization.
AppCmd introduction and examples
IIS application pool recycle on specific times, not regular time interval
Conditionally start Application Pools on remote IIS web servers
Windows Server 2019 – now available in preview
Windows Server 2016 on Hyper-V stuck at stopping
List all SPNs used in your Active Directory