Windows Server Update Services (WSUS) installation fails

Windows Server Update Services (WSUS) installation fails

When you try to install Windows Server Update Services (WSUS) on Windows server 2012 R2 you might get the error

The request to add or remove features on the specified server failed. The operation cannot be completed, because the server that you specified requires a restart.

image

Restarting the server does not change anything.

Looking at the event log will give us a good idea about the cause of the problem:

The MSSQL$MICROSOFT##WID service was unable to log on as NT SERVICEMSSQL$MICROSOFT##WID with the currently configured password due to the following error:

Logon failure: the user has not been granted the requested logon type at this computer.

Service: MSSQL$MICROSOFT##WID

Domain and account: NT SERVICEMSSQL$MICROSOFT##WID

This service account does not have the required user right “Log on as a service.”

User Action

Assign “Log on as a service” to the service account on this computer. You can use Local Security Settings (Secpol.msc) to do this. If this computer is a node in a cluster, check that this user right is assigned to the Cluster service account on all nodes in the cluster.

If you have already assigned this user right to the service account, and the user right appears to be removed, check with your domain administrator to find out if a Group Policy object associated with this node might be removing the right.

image

One typical reason could be a Group policy in Active Directory restricting the Log on as a Service right to something other than expected by Windows, as shown below:

Removing this policy or configuring it with the rights expected by Windows would be a good place to start.

image

image

Default Local security Setting on Windows Server 2012 R2 would normally be:

image

When you successfully install WSUS on a Windows 2012 R2 server with no GPO’s, the local Security Setting would change to:

image

Table of Contents

Share this post
Search blog posts
Authors
Modern Workplace consultant and a Microsoft MVP in Enterprise Mobility.
Modern Workplace consultant and a Microsoft MVP in Windows and Devices for IT.

Infrastructure architect with focus on Windows Client management & security.

Cloud & security specialist with focus on Microsoft backend products and cloud technologies.

Infrastructure architect with focus on design, implementation, migration and consolidation.

Infrastructure consultant with focus on cloud solutions in Office365 and Azure.

follow us in feedly
Categories

Follow on SoMe