0

I use SSM document AWS-RunPatchBaseline to patch my windows servers. while trying to run it, I had this error with one of my servers:

    Invoke-PatchBaselineOperation : Exception Details: An error occurred when 
attempting to search Windows Update.
Exception Level 1:
    Error Message: Server execution failed (Exception from HRESULT: 0x80080005 
(CO_E_SERVER_EXEC_FAILURE))
    Stack Trace:    at WUApiLib.IUpdateSearcher.Search(String criteria)
       at Amazon.Patch.Baseline.Operations.PatchNow.Implementations.WindowsUpda
teAgent.SearchByGuids(List`1 kbGuids)
At C:\ProgramData\Amazon\SSM\InstanceData\i-0931550e0e5fd124d\document\orchestr
ation\52bc9b99-6ee4-4819-9234-8461530012f9\PatchWindows\_script.ps1:198 char:13
+ $response = Invoke-PatchBaselineOperation -Operation Install -SnapshotId 
'0b2d54 ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~
    + CategoryInfo          : OperationStopped: (Amazon.Patch.Ba...UpdateOpera 
   tion:InstallWindowsUpdateOperation) [Invoke-PatchBaselineOperation], Excep  
  tion
    + FullyQualifiedErrorId : Exception Level 1:
        Error Message: Exception Details: An error occurred when attempting to 
se    arch Windows Update.
    Exception Level 1:
            Error Message: Server execution failed (Exception from HRESULT: 
0x800800    05 (CO_E_SERVER_EXEC_FAILURE))
        Stack Trace:    at WUApiLib.IUpdateSearcher.Search(String criteria)
               at 
Amazon.Patch.Baseline.Operations.PatchNow.Implementations.WindowsU    
pdateAgent.SearchByGuids(List`1 kbGuids)


        Stack Trace:    at 
Amazon.Patch.Baseline.Operations.PatchNow.Implementati    
ons.InstallWindowsUpdateOperation.DoWindowsUpdateOperation()
           at 
Amazon.Patch.Baseline.Operations.PatchNow.Implementations.WindowsUp    
dateOperation.DoBeginProcessing()
    ,Amazon.Patch.Baseline.Operations.PowerShellCmdlets.InvokePatchBaselineOpe 
   ration

failed to run commands: exit status 4294967295

I tried to check this key : HKEY_LOCAL_MACHINE > Software > Policies > Microsoft > Windows > WindowsUpdate > UseWUServer but I could not find it inside my server. My server is windows server 2012 R2. I also looked into the CPUUtilization metric on Cloudwatch during the execution of the patch baseline and it seemed normal. Any clues?

Souad
  • 4,856
  • 15
  • 80
  • 140
  • Couple things to try first: 1. Make sure you are running the latest version of the agent (they just released a new version last night): https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-install-win.html 2. Troubleshooting Guide: https://docs.aws.amazon.com/systems-manager/latest/userguide/troubleshooting-remote-commands.html See what the logs say and if it's different, post that here and see if any more information comes to light. – DC.Skells Nov 06 '19 at 16:06
  • @Souad Were you able to resolve this? If yes what did you do to resolve this. I am having windows 2k16 servers where this fails everytime when I run PatchBaseline from AWS ssm manager run command console. All my servers are having full outbound access. – Shailesh Sutar Jan 16 '20 at 08:50
  • RunPatchBaseline works fine with Windows 2k12 and 2k19 servers but fails only in case of windows 2k16 servers. – Shailesh Sutar Jan 16 '20 at 08:57

1 Answers1

0

I tried below and worked:

Note: Important this section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs.

Refer the article How to back up and restore the registry in Windows

  1. Press Windows key + R. This will open Run. Alternatively, you can go to Start and search for ‘Run’
  2. In Run dialog box, type ‘regedit’ and hit Enter.
  3. In the navigation pane, locate and then select the following registry subkey: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion
  4. Now click on PushNotifications key
  5. On the right hand pane double-click on NoToastApplicationNotification DWORD file
  6. Under Value Data change the value to 0
  7. Restart the PC

In case you are not able to find the PushNotifications key, then follow the steps below.

  1. Under HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion right click on CurrentVersion, click on New, and then select Key.
  2. Rename the key as PushNotifications
  3. Now on the right hand pane right click on empty space and click on New and select DWORD (32-bit) Value
  4. Rename the DWORD file as NoToastApplicationNotification
  5. Double-click on the file and change the Value Data to 0
  6. Restart the PC

For more details check Prakhar_Khare answer.

Aditya Y
  • 651
  • 6
  • 12