Windows Vista Tips
Home Register Members Search Windows Vista Tips File Database Links
Member Login:

Windows Vista Tips > Newsgroups > Windows Server > Update Services > Re: WSUS 3.0 - The server is failing to download some updates

Reply
Thread Tools Display Modes

Re: WSUS 3.0 - The server is failing to download some updates

 
 
Lawrence Garvin [MVP]
Guest
Posts: n/a

 
      10-01-2009
"yeiyei1986" <> wrote in message
news:...
>
> Hey. I have the same problem here.
>
> Try this to get the problem solved.
>
> 1. if you have WSUS in a Domain controler computer you may have to
> grant to the folder of wsus (the one selecte in wsus intalation) to user
> NETWORK SERVICE whith full access.
> 2. in the data base selected for wsus use grant access of db_owner to
> NETWORK SERVICE user.

Not unless somebody has changed the parent permissions, or employed a
Security Template after WSUS was installed.

WSUS properly creates all necessary NTFS permissions on WSUS-created
resources.

It *may* be necessary to grant the NETWORK SERVICE account READ permissions
on a non-SYSVOL drive where the \WSUS folder is created, if that has not
been previously done. If you were experiencing issues downloading updates to
a non-SYSVOL drive -- THIS is the change you probably should have made.

The NETWORK SERVICE account does not need any permissions on the \WSUS
folder, but should have
- Full Control permissions on the ~\WSUS\UpdateServicesDBFiles folder and
inherited down
- Full Control permissions on the ~\WSUS\WSUSContent folder and inherited
down
- Read/Write permissions on the ~\WSUS\UpdateServicesPackages folder and
inherited down
- Read & Execute / List Folder Contents / Read permissions on the
%ProgramFiles%\Update Services folder and inherited down.

The permissions have no significance whether WSUS is installed on a DC, a
member server, or a standalone server. The NETWORK SERVICE account is not a
domain member, and exists on all machines.

If you encountered security issues that were "fixed" by granting the
permissions you have documented, you have applied incorrect permissions
changes, and in any event there is absolutely no reason to change the
permissions inside the database.

The correct permissions are documented in the WSUS Operations Guide. You may
want to reconcile your entire installation with those documented permissions
to ensure you have not unnecessarily created any security thruways.


--
Lawrence Garvin, M.S., MCITP:EA, MCDBA
Principal/CTO, Onsite Technology Solutions, Houston, Texas
Microsoft MVP - Software Distribution (2005-2009)

My Blog: http://onsitechsolutions.spaces.live.com
Microsoft WSUS Website: http://www.microsoft.com/wsus
My MVP Profile: http://mvp.support.microsoft.com/pro...awrence.Garvin
 
Reply With Quote
 
 
 
Reply

« Re: WSUS help | Benefits to using SQL2005 »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Re: WSUS 3.0 sp1 is failing to download and synchronise updates Meinolf Weber [MVP-DS] Active Directory 0 06-15-2009 06:27 AM
WSUS Approved Updates Failing Download Michael Senior Update Services 1 07-06-2007 03:51 AM
Re: WSUS 3.0 - The server is failing to download some updates Lawrence Garvin \(MVP\) Update Services 3 06-01-2007 04:23 PM
WSUS updates failing to download irweazel Update Services 8 10-15-2006 10:19 AM
Office SP1 updates failing download through WSUS Gabe S Update Services 0 07-19-2005 09:32 PM


Forum Software Powered by vBulletin®, Copyright Jelsoft Enterprises Ltd.
SEO by vBSEO 3.3.2 ©2009, Crawlability, Inc.
Contact Us - Windows Vista Tips - Archive - Privacy Statement - Top

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59