29.2 C
Ahmedabad
Friday, July 4, 2025
type here...
CM InfrastructureWSUS

After patch schedule completed, WSUS Service was not starting

By Haresh Hirani
0
451

Error message:

After the patch install for June 2022, wsus console not starting and services not starting

Let me give detail reason behind that. This will happen when you are having internal DB and while applied patch there will be local service account was missing from permission or logon local service permission will get reset

Below are the two-account needed to Add part of local

If you want to look on event :

The server event log (Event Viewer -> Windows Logs -> System) shows an error with the EventID 7041 and Service Control Manager as a source. The event description says:

 

This service account does not have the required user right “Log on as a service”.

 

To solve problem, We have to grant permission to NT SERVICE\ALL SERVICES and NT SERVICE\MSSQL$MICROSOFT##WID

 

Let focus how to grant access

Step 1: Open the Local Group Policy Editor: gpedit.msc

  • Go to Computer Configuration –> Windows Settings –> Security Settings –> Local Policies –> User Rights Assignment
  • Find the Log on as a service policy;
  • As you can see, there is no NT SERVICE\ALL SERVICES

 

Step 2: We are not seeing account in these we have only one option to add  a service account to a local policy?  possible way I could find to grant the “Log on as a service” permissions to NT SERVICE\ALL SERVICES is to use the ntrights.exe tool

 

Download and install the Server 2003 Resource Kit (rktools.exe) or in Download attached file

Step 3: Execute below command

cd “C:\Program Files (x86)\Windows Resource Kits\Tools”ntrights.exe +r SeServiceLogonRight -u “NT SERVICE\ALL SERVICES”

 

Granting SeServiceLogonRight to NT SERVICE\ALL SERVICES … successful

Step 4:  There is no NETWORK SERVICE in the current permissions list, add this account as well. If necessary, add the permissions for NT SERVICE\MSSQL$MICROSOFT##WID in the same way:

 

ntrights.exe +r SeServiceLogonRight -u “NT SERVICE\MSSQL$MICROSOFT##WID”

 

Step 5: Validate applied NT SERVICE\ALL SERVICES has appeared in the “Log on as a service” permissions in the Group Policy Editor console.

Restart your Windows Server and restart wsus service it will start working as normal

 

Keep learning

Haresh Hirani
Email:
[email protected]
[email protected]
Facebook https://www.facebook.com/Hiraniconfigmgr-120189361980772/
Follow us: https://www.linkedin.com/in/hiraniconfigmgr 
Twitter: https://twitter.com/hiraniconfigmgr

Author

  • Hi, I Haresh Hirani, I am the person behind this webpage. Welcome to my page, Thank you for visiting the website and my page! My website is all about Microsoft technologies. More about ConfigMgr and all other technologies which are interesting for me. However, larger percentage of my posts are related to SCCM. Normally, like to post the interesting issues which I came across in my day to day tech life. you will find only solutions which comes on my day to day life.

Previous article
SCCM 1702 Servicing: Update stuck in Installing state
Next article
Powershell – DNS resolution for multiple hostnames
- Advertisement -spot_img

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Search

Latest posts

I’m the person behind this webpage. Thank you for visiting the website and about me page! My website is all about Microsoft technologies. More about ConfigMgr and all other technologies which are interesting for me. However, larger percentage of my posts are related to SCCM. Normally, like to post the interesting issues which I came across in my day to day tech life. you will find only solutions which comes on my day to day life.

Hot Category

Popular Post

© COPYRIGHT Hiraniconfigmgr.com

Developed By : Deepcoder