SRV 2016, Windows Patch, BSOD, STOP CODE, 0xc000021a or CRITICAL SERVICE FAILED, ROLLBACK, Blue screen how to

Hello,

This is a collection of some technical things we used to recover a SRV 2016 with blue screens. We assume the first crash was related to a too early SRV 2016 VL Release ISO and ESX 6.5 (From 2018) and a combination of a Windows Defender Update.

This may help you to recover a server 2016 in general. It's so rare with 2012R2/2016 that this may help because it's not daily and people tend to go back A Snapshot or restore from Veeam these days. Still we have seen this happen.

 

SRV 2016, Windows Patch, BSOD, STOP CODE, 0xc000021a or CRITICAL SERVICE FAILED, ROLLBACK, Blue screen how to

Windows Patch, BSOD, STOP CODE, 0xc000021a, ROLLBACK, Blue screen how to (Notice the PAGE FILE Partition where memory DUMP was done)

BSOD, Bluescreen on Server 2016

STOP CODE, 0xc000021a

STOP CODE, CRTITICAL SERVICE FAILED

 

Server 2016 problems patches 02/2021: KB4601318 fails to update, fails at 24% Windows Server 2016 - Microsoft Q&A

Customer did run following VMware setup for the cluster (Because they wanted to test the newer release for some days)

VMware ESX Versions:

6.5 Version 9298722

ESXi 6.5 U2C

ESXi650-201808001

8/14/2018

9298722

NA

6.5 Version 13635690

ESXi 6.5 EP 14

ESXi650-201905001

05/14/2019

13635690

N/A

 

Build numbers and versions of VMware ESXi/ESX (2143832)

 

Rollback of Updates that caused the Bluescreen if you installed Windows Update before.

 

  • Choose blue recovery console
  • Choose troubleshoot
  • Choose cmd.exe
  • Change KEYBOARD layout so you type the Local Admin password correct
  • Logon with Local Admin password

Rollback the last updates with: dism /image:D:\ /cleanup-image /revertpendingactions (D: is the drive where your Windows Server install is thus where c:\porgram files and c:\windows are (Search that Partition from C: to Z:))

 

 

Enter password (Hopefully)

 

Change KEYBOARD layout so you type the Local Admin password correct

Logon with Local Admin password

Search the windows Partition

 

Check with:

Sfc /scannow

 

 

Run: checkdisk if you think there is damage to file system or disk:

Chkdsk G: /f /r /x

 

Check the pending operations he should do or has done during the crash:

 

Remove C:\windows\winsxs\pending.xml.

Cd g:\windows\winsxs\

Rename pending.xml pending.old

 

Rollback the last updates with:

dism /image:D:\ /cleanup-image /revertpendingactions

D: is the drive where your Windows Server install is thus where c:\porgram files and c:\windows are (Search that Partition from C: to Z:)

 

 

Error: 0x800f082f

BAD: (Looks more worse now….)

 

GOOD: (Looks good until you try to reinstall the same patch in 1 week again…)

 

Weputil.exe reboot

OR

Type: EXIT

OR NOT

If you have "CRITICAL SERVICE FAILED" this could be related to a UNSIGNED DRIVER or something is wrong with Certificates (CODE SIGNING). Maybe ask

Firewall TEAM if they block CERTIFICATE REVOCATION and if they don't know what you talk about check yourself. Read more on blog.

Try these BOOT Option with F8

If the Server comes UP with "Disbale Driver Signature Enforcement" and you don't need that (Because it's not a high secure server you could disable it permanent). We do not recommend this on an Exchange Server as example or anything security related.

If it comes up run:

Sfc /scannow

 

Manually disable certificate signature validation:

open CMD.exe as an Administrator

bcdedit -set loadoptions DDISABLE_INTEGRITY_CHECKS

 

Re-enable the certificate validation

open CMD.exe as an Administrator

bcdedit -set loadoptions DENABLE_INTEGRITY_CHECKS

 

    

FAQ: How to remove Remove failed packages in Windows PE

 

Looking why the Server crashed with NIRSOFT tool Bluescreenview

 

 

Microsoft recommends the PAGE FILE Partition to be RAM + SOME XXXMB. This is what happens IF the Server ever has a blue screen so don't do it that way.

I am unsure if the Server would have picked the Partition if no more space was there (Like they recommend). Never like that Rekommandation.

Die Größe der Auslagerungsdatei sollte die Größe des physikalischen RAMs im System überschreiten (SharePoint Server) - SharePoint Server | Microsoft Docs

Ursache: Eine bewährte Methode für Windows ist es, die Größe der Auslagerungsdatei auf einen Wert größer als oder gleich der Gesamtmenge des verfügbaren physischen Speichers festzulegen. Für die automatische Wiederherstellung von Heapspeicher funktioniert die Speicherbereinigung in der Regel effektiver, wenn die Größe des verwalteten Heapspeichers sich der Auslagerungsgröße nähert. Unterschreitet die Größe der Auslagerungsdatei die RAM-Größe, werden neue Zuordnungen von verwaltetem Speicher erteilt, wodurch die Speicherbereinigung aufwändiger wird und die CPU-Beanspruchung steigt.

 

 

 

2020 WSUS-Server content Drive suddenly no space over 300GB *.ESD Upgrade files

Windows Update Server filling since a few months over the 350GB max. Value you know from WSUS-Server which runs over years

  • You checked the internal WSUS GUI Command to clean (That does not free space often…)
  • You cleaned the WSUS maybe even if free or commercial scripts like Adamj Clean-WSUS
  • Still you don't get under 350GB for the WSUS content drive
  • You are at a point where the SQL Cleanup stales, Your SQL Management Studio crash
  • You would have to use sqlcmd.exe to clean the WSUS because no space left

Source:

The Source is mostly ESD Windows Distribution Files (*.ESD) or updating from Windows 10 to other W10 versions. These exploded that last few months. Maybe you did one update like a 1903 to 1909 and now you have the full range coming in. This is around 120 to 160GB on Data.

This add. to the 350GB you normally have with running a certain range of products from like 2010-2016 office and W7/W10.

Quick and Dirty Workaround:

When you can't approve new updates and they are urgent and you can't expand the Disk temporary because it's a VM or the storage team refuses to do so (Because they like to save money for the customer [Who understands why?])

  1. Make sure nobody in your SBS or Enterprise does need those updates
  2. Just delete them from the \WSUSCONTENT\ drive recursive with del *.esd /s
  3. Find the person who turned the category on without thinking in advance ;-)
  4. Cancel the Download in the WSUS-GUI and also DENY them if there still NON APPROVED

Check other WSUS category from us:

http://www.butsch.ch/category/WSUS.aspx

 

Afterwards choose "cancel download" and "DENY" them.

 

 

 

WSUS, W10 19XX > Feature update to Windows 10, Unable to find Resource

Unable to deploy W10 > W10 19XX (Feature Updates) to Windows 10 Clients via WSUS on Server 2012 R2.

That is a patch you need to Update your W10 client from W10 19XX to 19XX/20XX via WSUS.

This should have been fixed by Update KB 2919355 and Windows8.1-KB3095113-v2-x64. However on some WSUS Server 2012 R2 we could not install the patch (Depending on the order you installed Patches and installed the WSUS role timely). The patch does open the handling of ESD files in the Web server IIS (So the IIS know what to do with the Extension and how to Deliver it). You can manually add that entry in IIS.

Error you see in WSUS Server

Feature update to Windows 10 (business editions), version 1909, de-de x64

Event reported at 27.08.2020 03:08:

(Unable to Find Resource:) ReportingEvent.Client.167; Parameters: Funktionsupdate für Windows 10 (Business-Editionen), Version 1909, de-de x64

 

Here is how to solve manual

Right side "ADD"

File name extension:

.esd (With the dot infront)

MIME type:

application/octet-stream

OK

Close and maybe restart IIS or best WSUS Server.

After reboot of the WSUS you that the clients download the update.

You can read here further info:

https://support.microsoft.com/de-de/help/3095113/update-to-enable-wsus-support-for-windows-10-feature-upgrades

This pre-needs KB 2919355

 

SRV2016, WSUS Server, Report Viewer 2012 CRL Types

Server 2016 running WSUS-Server if you click on a Report you the error with the Report Viewer as before.

If you did not install the WSUS in an SQL and used the WID (Windows Internal Database) or have a different Version

Of or many SQL Versionen mixed on that machine.

ERROR:

ENG: The Microsoft Report Viewer 2012 Redistributable is required for this feature

DEU: Für dieses Feature ist Microsoft Report Viewer 2012 Redistributable erforderlich

  1. Install Microsoft System CLR Types (If needed)

Microsoft System CLR Types for Microsoft® SQL Server® 2012

32BIT

http://go.microsoft.com/fwlink/?LinkID=239643&clcid=0x409

64BIT

http://go.microsoft.com/fwlink/?LinkID=239644&clcid=0x409

 

  1. Download and install MICROSOFT® REPORT VIEWER 2012 RUNTIME

https://www.microsoft.com/en-us/download/details.aspx?id=35747

These are the two files you need to install:

Close and reopen the WSUS console and it works now

WIN7 Windows Update stuck / hangs / hängt

 

Some times the Windows 7 Update Client is stuck. Here is how to solve this in 2017.

This happens on Brand new installation of Windows 7 SP1 PRO or ENTERPRISE Media 64BIT (OEM or VL). The Internet conenction looks fine, You have no packet lost, Your MTU Size is correct. Simply Windows Update hangs and does that for hours. Sometimes it goes through and the time this could happen we have seen from 4 hrs to 3 Days.

 

First hint: On some Patches DISCONNECT the Network cable from your Client! (3020369 as example)

You need to Install 3 Patches from the Windows Update Catalog in a certain order. Keep in MIND that you need to Reboot (Restart) and also in certain cases UNLUG the Internet Connection before installing the Patches. Otherwise the Client will search endless again with the first patch.

http://catalog.update.microsoft.com/v7/site/home.aspx

Search for all 3 Patches mentioned below an add them to the Download basket

3020369

3172605

3125574

Then choose to Download all of them

 

KB3020369 (https://support.microsoft.com/de-ch/help/3020369/april-2015-servicing-stack-update-for-windows-7-and-windows-server-2008-r2)

REBOOT

KB3172605 (https://support.microsoft.com/de-de/help/3172605/july-2016-update-rollup-for-windows-7-sp1-and-windows-server-2008-r2-sp1)

REBOOT

 

Om most systems we heard this two Patches solved it. IF that did not work also try:

KB3125574 (https://support.microsoft.com/de-ch/help/3125574/convenience-rollup-update-for-windows-7-sp1-and-windows-server-2008-r2-sp1)

REBOOT

 

 

Please see our further posting regarding WSUS and WSUS-Clients:

http://www.butsch.ch/post/WSUS-Windows-Update-Client-Agent-Commandline-wuaucltexe.aspx

http://www.butsch.ch/post/WSUS-Windows-Update-Server-Most-common-Problems-FAQ.aspx

http://www.butsch.ch/category/WSUS.aspx

http://www.butsch.ch/category/Hotfixes-Updates.aspx