After patch schedule completed, WSUS Service was not starting

Error message:

After the patch install for June 2022, wsus console not starting and services not starting

Let me give detail reason behind that. This will happen when you are having internal DB and while applied patch there will be local service account was missing from permission or logon local service permission will get reset

Below are the two-account needed to Add part of local

If you want to look on event :

The server event log (Event Viewer -> Windows Logs -> System) shows an error with the EventID 7041 and Service Control Manager as a source. The event description says:

 

This service account does not have the required user right "Log on as a service".

 

To solve problem, We have to grant permission to NT SERVICE\ALL SERVICES and NT SERVICE\MSSQL$MICROSOFT##WID

 

Let focus how to grant access

Step 1: Open the Local Group Policy Editor: gpedit.msc

  • Go to Computer Configuration –> Windows Settings –> Security Settings –> Local Policies –> User Rights Assignment
  • Find the Log on as a service policy;
  • As you can see, there is no NT SERVICE\ALL SERVICES

 

Step 2: We are not seeing account in these we have only one option to add  a service account to a local policy?  possible way I could find to grant the “Log on as a service” permissions to NT SERVICE\ALL SERVICES is to use the ntrights.exe tool

 

Download and install the Server 2003 Resource Kit (rktools.exe) or in Download attached file

Step 3: Execute below command

cd “C:\Program Files (x86)\Windows Resource Kits\Tools”ntrights.exe +r SeServiceLogonRight -u “NT SERVICE\ALL SERVICES”

 

Granting SeServiceLogonRight to NT SERVICE\ALL SERVICES ... successful

Step 4:  There is no NETWORK SERVICE in the current permissions list, add this account as well. If necessary, add the permissions for NT SERVICE\MSSQL$MICROSOFT##WID in the same way:

 

ntrights.exe +r SeServiceLogonRight -u “NT SERVICE\MSSQL$MICROSOFT##WID”

 

Step 5: Validate applied NT SERVICE\ALL SERVICES has appeared in the “Log on as a service” permissions in the Group Policy Editor console.

Restart your Windows Server and restart wsus service it will start working as normal

 

Keep learning

Haresh Hirani
Email:
[email protected]
[email protected]
Facebook https://www.facebook.com/Hiraniconfigmgr-120189361980772/
Follow us: https://www.linkedin.com/in/hiraniconfigmgr 
Twitter: https://twitter.com/hiraniconfigmgr

X


You may also like

CMInfra_05_ AWS Cloud Standalone WSUS Clients are not communicating with WSUS

AWS Cloud Standalone WSUS Clients are not communicating with WSUS.

  • 07-04-2021
CMInfra_06_ After restore of primary site SUP not synchronizing on secondary site

After restore of primary site SUP not synchronizing on secondary site.

  • 07-04-2021
CMInfra_18_WSUS Post Installation is keep failing.

WSUS Post Installation is keep failing..

  • 08-04-2021
CMInfra_21_WSUS SP2 Console is keep getting crash

WSUS SP2 Console is keep getting crash.

  • 08-04-2021
CMInfra_22_WSUS Particular group many devices are stop reporting to wsus

WSUS Particular group many devices are stop reporting to wsus.

  • 10-04-2021

0 Comments

    No Comments

Leave a Comment


About Author

  • Thank you for visiting ! Here is all about Microsoft technologies. More about ConfigMgr and all other tech...

    Read More
x
This website is using cookies. More info. That's Fine