How do I troubleshoot Window update failures for Amazon Elastic Compute Cloud instances?
I want to troubleshoot why my Microsoft Windows Amazon Elastic Compute Cloud (Amazon EC2) instances fail to update.
Resolution
Run the AWSSupport-TroubleshootWindowsUpdate automation
As a best practice, first use AWSSupport-TroubleshootWindowsUpdate automation to troubleshoot common issues related to Windows updates for Windows Amazon EC2 instances. Follow the recommendations that you receive when you run this automation.
Note: Before you start AWSSupport-TroubleshootWindowsUpdate, make sure that your AWS Identity and Access Management (IAM) user or role has the required permissions. For more information, see the Required IAM permissions section of the runbook.
To launch SAW automation, complete the following steps:
- Log in to the AWS Systems Manager console, and then open AWSSupport-TroubleshootWindowsUpdate.
- To run the automation, follow the steps under Instructions in the runbook.
- After the SAW automation completes, review the results in the Outputs section. The final report contains the detailed plaintext output of each step.
Important: If you continue to get Windows Update failures, then review the following steps to manually troubleshoot the issues.
Verify connectivity to the update servers when WSUS isn't used
Verify that your instances can reach the required Microsoft domains. For more information, see Configure your firewall to allow your first WSUS server to connect to Microsoft domains on the internet on the Microsoft website.
If the instances can't reach the domains, then check the following conditions:
- Your instances have internet connectivity.
- The security group and network access control list (network ACL) for your instances allow traffic on outbound ports 80 and 443.
- Your firewalls or proxy configurations allow access. For more information, see Issues related to HTTP/Proxy on the Microsoft website.
Check Windows Update for a corrupt component
The update installation might fail from corrupt Windows Update components. There are two ways to fix this issue:
Use the Windows Update Troubleshooter
The Windows Update Troubleshooter fixes corrupt components as well as other update-related issues. For more information on running the Troubleshooter, see Windows Update Troubleshooter on the Microsoft website.
Perform a manual reset
To stop all essential Windows Update services that might block a component reset, run the following commands:
net stop bitsnet stop wuauserv net stop cryptsvc
Rename the following folders under %Systemroot%\SoftwareDistribution. To rename the folders, run the following commands:
Ren %Systemroot%\SoftwareDistribution\DataStore DataStore.bakRen %Systemroot%\SoftwareDistribution\Download Download.bak
To restart all essential Windows Update services, run the following commands:
net start bitsnet start wuauserv net start cryptsvc
Check for antivirus software
Third-party software such as antivirus or scanning programs might interfere with the update process. They might also corrupt files or cause updates to fail.
To increase the chance of a successful update, exclude some files from your virus scanning software before the update. For a list of files to exclude, see Virus scanning recommendations for Enterprise computers that are running Windows or Windows Server on the Microsoft website.
For a list of other common Windows Update errors and their resolution, see Windows Update common errors and mitigation on the Microsoft website.
Review additional logs for troubleshooting options
If you still can't successfully run Windows Update for your instances, then check the Windows events, update, and CBS logs for specific errors. These logs are in the temporary folder that's created by the automation on the EC2 instance. For more information, see the output for the automation.
For more information on Windows Update errors, see Windows Update common errors and mitigation on the Microsoft website.
Related information
Conteúdo relevante
- AWS OFICIALAtualizada há um ano
- AWS OFICIALAtualizada há um ano
- AWS OFICIALAtualizada há 3 anos