Resolved: Feature update to Windows 10, version 1709 – Error 0x80242006

Working with some of my team mates this week, I was hearing about multiple machines failing the Fall Creators Update (FCU) 1709 with a Windows Update error of ” Feature update to Windows 10, version 1709 – Error 0x80242006 ” .  Looking around the internet I see a lot of people hitting the common solutions but no real success.

Common Solution (doesn’t always work)

  1. Run the Windows Update Troubleshooter
    1. Open the Windows Settings – Formerly known as the Control Panel
    2. Select Update & Security – Last option
    3. Select Troubleshoot – 4th one down left side
    4. Click on Windows Update under Windows.
    5. Click on Advanced on the Windows update dialog box and click on Run as administrator (Enter the credentials if required).
    6. Click on Next and follow onscreen instruction complete the Windows Update troubleshooter
  2. Deleting the %windir%\SoftwareDistribution folder (requires you to stop several services)

The two steps above only partially fixes the issue.  Solution is below!

Windows Update Log File

  1. Create the Windows Update Log file: Get-WindowsUpdateLog
    1. PowerShell Source: https://blogs.technet.microsoft.com/mniehaus/2017/10/10/improved-windows-update-log-formatting-with-windows-10-1709/
  2. Open the log file
    1. I still use cmtrace.exe as my primary log file viewer
      1. https://www.microsoft.com/en-us/download/details.aspx?id=50012
    2. I have found Glogg is much faster but less formatting
      1. http://glogg.bonnefon.org/download.html

Root Cause

You have at least two issues

  1. Partial download in the Software Distribution folder may be corrupted (someone rebooted for a reason)
  2. Real: You windows update agent registered a download but can’t clear it out

Solution

You need to stop services remove/rename two folders then restart services.  Please be aware cryptSvc will try to restart so do the following quick.

  1. Press Windows Key + X on the keyboard and then select “Command Prompt (Admin)” or “Windows PowerShell (Admin)” from the menu.
  2. Stop the following services in order Windows Update Services, Cryptographic, Background Intelligent Transfer Service (BITS), and MSI Installer.  The following command lines will work just fine.
net stop wuauserv
net stop cryptSvc
net Stop DoSvc
net stop bits
net stop msiserver

3. Rename the SoftwareDistribution and Catroot2 folders.

ren C:\Windows\SoftwareDistribution SoftwareDistribution.old
ren C:\Windows\System32\catroot2 Catroot2.old

4. Now, let’s restart the BITS, Cryptographic, MSI Installer and the Windows Update Services.

net start msiserver
net start bits
net start DoSvc
net start cryptSvc
net start wuauserv

5. Rerun Windows Update to install FCU 1709

Notes

Media Creation Tool Fails

Media creation tool did not work in this environment because all clients are configured to be controlled via Microsoft System Center Configuration Manager (SCCM or ConfigMgr)

PowerShell

How to stop and start services

Get-Service BITS | Where {$_.status –eq 'Stopped'} |  Start-Service

Get-Service BITS | Where {$_.status –eq 'Running'} |  Stop-Service

How to rename a folder

Rename-Item -path 'C:\Windows\SoftwareDistribution' -NewName 'C:\Windows\SoftwareDistribution.old'

Rename-Item -path 'C:\Windows\catroot2' -NewName 'C:\Windows\catroot2.old'

 

 

Advertisements

What’s new in Windows 10 Fall Creators Update, Redstone 3, 1709, 16299, etc

Hello all,

In the past month I have done 3 separate talks about the new release of Windows 10 FCU (1709).  The link below is the slides from the last talk:

CTSMUG201710 – Fall Creators Update 1709

The 5 links below are the most useful but I call out a lot of good data below.

Best

WAAS: Naming Structure Not-So-Secret Decoder Ring

In the past year we have had a lot of Nomenclature Changes for Windows As A Service (WAAS).  The following slide from Ignite 2017 really clears it up.  Just like designer MUD in a SPA.

WAAS Naming Alignment 01

How often Office and Windows updated?

WAAS Naming Alignment 02

What versions of Microsoft System Center Configuration Manager (ConfigMgr / SCCM) supports 1709 next week.

WAAS Naming Alignment 03

Windows 10 Fall Creators Update, 1709, Microsoft Windows [Version 10.0.16299.15], Redstone 3, RS3 release is Oct 17th 2017.  I know a lot of names for the same piece of software.

I am excited for next week.

Slide Source: https://view.officeapps.live.com/op/embed.aspx?src=https%3A%2F%2F8gportalvhdsf9v440s15hrt.blob.core.windows.net%2Fignite2017%2Fsession-presentations%2FBRK3075.PPTX

Windows 10 Fall Creators Update (1709) Deprecated Features – PowerShell 2.0 is EOL among others

Fall Created Update (2017 RS3 1709) will be removing some more security holes.  I wonder if some of these are in response to the SMB1 fiasco (WannaCry for example).

  • TLS RC4 ciphers.
  • The SCCM Windows Hello deployed feature which has been replaced with the Registration Authority of Active Directory Federation Services
  • SysKey.exe gone in favor of Bitlocker
  • Enhanced Mitigation Experience Toolkit (EMET) is being removed for Windows Defined Exploit Guard (WDEG) feature
  • PowerShell 2.0 is very security holey – Twitter Tears Shed – Jeffery Snover
    • For example you can invoke PoSH 2.0 if it is installed.  Since it lacks logging you will have no idea what happened.  Most companies I work with just remove it from 1703.

Posted July 20th 2017 a list of features that are being depreciated or Removed from 1709.

Deprecated

Windows PowerShell 2.0

Applications and components should be migrated to PowerShell 5.0+.

Microsoft Paint

Will be available through the Windows Store. Functionality integrated into Paint 3D.

RSA/AES Encryption for IIS

We recommend that users use CNG encryption provider.

System Image Backup (SIB) Solution

We recommend that users use full-disk backup solutions from other vendors.

TLS RC4 Ciphers

To be disabled by default. For more information, see the following Windows IT Center topic:

TLS (Schannel SSP) changes in Windows 10 and Windows Server 2016

Removed

Enhanced Mitigation Experience Toolkit (EMET)

Use will be blocked. Consider using the Exploit Protection feature of Windows Defender Exploit Guard as a replacement.

Syskey.exe

Removing this nonsecure security feature. We recommend that users use BitLocker instead. For more information, see the following Knowledge Base article:

4025993 Syskey.exe utility is no longer supported in Windows 10 RS3 and Windows Server 2016 RS3

TCP Offload Engine

Removing this legacy code. This functionality was previously transitioned to the Stack TCP Engine. For more information, see the following PFE Platform Blog article:

Why Are We Deprecating Network Performance Features (KB4014193)?

 

 

Full List Source: https://support.microsoft.com/en-us/help/4034825/features-that-are-removed-or-deprecated-in-windows-10-fall-creators-up

Free eBooks from Microsoft

https://blogs.msdn.microsoft.com/mssmallbiz/2017/07/11/largest-free-microsoft-ebook-giveaway-im-giving-away-millions-of-free-microsoft-ebooks-again-including-windows-10-office-365-office-2016-power-bi-azure-windows-8-1-office-2013-sharepo/?ranMID=24542&ranEAID=lw9MynSeamY&ranSiteID=lw9MynSeamY-wEHi3i0.hlt_HnAwmoDS7w&tduid=(00fbd30d71024abaab2b5cb6c5e7c446)(256380)(2459594)(lw9MynSeamY-wEHi3i0.hlt_HnAwmoDS7w)()

 

Free eBooks.. get em while they are … free!

Including:

  • Windows 10
  • Office 365
  • Office 2016
  • Power BI
  • Azure
  • Windows 8.1
  • Office 2013
  • SharePoint 2016
  • SharePoint 2013
  • Dynamics CRM
  • PowerShell
  • Exchange Server
  • System Center
  • Cloud
  • SQL Server and more!

Client Health: Repair the WMI Path and ensure WMI is added

Once upon a time I wrote a Client Health repair script for Windows XP SMS and SCCM 2007 environments.  By far and away the biggest issue was WMI corruption.  The point of this script was to fix as much as humanly possible WITHOUT using WMI.  No minor feat and you can see one section below here.   A major issue that was EASILY remedied was ensuring WMI was in the system path.  This was recently pointed out to me that people were charging for simple logic.  So here is a nice way to do it for free with a few more frills thrown in for free.

Solution: Fix the WMI in the System Path

The fix below will parse you entire system path and remove any %variable%, remove duplicates, and ensure certain items are in the System path like WMI.  I always wanted to add in a check to look for UNC (\\) paths as those always make a system go slower.

The following script will NOT work.  Please see the full CLIFIX script

CLIFIX_Public_V4_18

Dim windir: windir = WSHShell.ExpandEnvironmentStrings("%WINDIR%")



' =============================================================================
' Method: CHK_SYSTEMPATH
' Description: checks that wbem is near the front of the sys path and cleans
' any duplicate statements from the path environment
' =============================================================================

Sub CHK_SYSTEMPATH()

 WindirPath = LCase(windir)
 System32path = LCase(windir & "\system32")
 WBEMpath = LCase(windir & "\system32\wbem")

 WindirPathFound = False
 System32pathFound = False
 WBEMpathFound = False
 SystemRoot = False

 strKeyNamePath = "SYSTEM\CurrentControlSet\Control\Session Manager\Environment"
 strValueName = "Path"

'// GET PATH STATEMENT
 strValue = wshshell.regRead("HKLM\" & strKeyNamePath & "\" & strValueName)
 strValue = LCase(strValue)
 
 ARRpath = Split(LCase(strValue), ";")

 For i = 0 To UBound(ARRpath)
  'Repalce SystemRoot with actual value
  If InStr(ARRpath(i), LCase("%systemroot%")) <> 0 Then strValue = Replace(strValue, LCase("%systemroot%"), LCase(windir)) : SystemRoot = True : COLLECTMSG "CHK_SYSTEMPATH","Warning Replaced %systemroot%",SystemRoot
  If ARRpath(i) = WindirPath Then WindirPathFound = True
  If ARRpath(i) = System32path Then System32pathFound = True
  If ARRpath(i) = WBEMpath Then WBEMpathFound = True
 Next

If (WBEMpathFound = True) And (System32pathFound = True) And (WindirPathFound = True) And (SystemRoot = False) Then COLLECTMSG "CHK_SYSTEMPATH","All Paths Found",WBEMpathFound: Exit Sub

 COLLECTMSG "CHK_SYSTEMPATH","PATH",strValue
 '// Log the results
 logit=False
 If WBEMpathFound = False Then strValue = WBEMpath & ";" & strValue : COLLECTMSG "CHK_SYSTEMPATH","Error WBEMpathFound", WBEMpathFound:logit=True : CLIENTSTATE = CLIENTSTATE + 1
 If WindirPathFound = False Then strValue = WindirPath & ";" & strValue : COLLECTMSG "CHK_SYSTEMPATH","Error WindirPathFound", WindirPathFound :logit=True : CLIENTSTATE = CLIENTSTATE + 1
 If System32pathFound = False Then strValue = System32path & ";" & strValue : COLLECTMSG "CHK_SYSTEMPATH","Error System32pathFound",System32pathFound:logit=True : CLIENTSTATE = CLIENTSTATE + 1
 
 If logit = True Then StrERRType = StrERRType & "SYSTEMPATH_"

 '//Take out duplicates
 'Dictionary Object is Much faster
 ARRpath = Split(LCase(strValue), ";")
 Set PureString = CreateObject("Scripting.Dictionary")
 For i = 0 To UBound(ARRpath)
  If Not PureString.Exists(ARRpath(i)) Then PureString.Add ARRpath(i), ARRpath(i) : Debug(ARRpath(i))
 Next
 strValues = ""
 For Each strKeyName in PureString.Keys
  strValues = strValues & strKeyName & ";"
 Next
 Set PureString = Nothing
 'Remove duplicate semicolons
 If InStr(strValues, ";;") <> 0 Then strValues = Replace(Replace(strValues, ";;", ";"), ";;", ";")
 'Remove trailing semicolons
 ln = Len(strValues)
 If InStr(ln, strValues, ";") <> 0 Then strValues = Left(strValues, ln - 1)
 '// Set PATH STATEMENT
 'Set to current runtime path
 Set oEnv = WshShell.Environment("System")
 oEnv("Path")=strValues
 Set oEnv = Nothing
 'Set to Registry for next restart
 wshshell.regwrite "HKLM\" & strKeyNamePath & "\" & strValueName,strValues,"REG_SZ" 
 RegCounter "CHK_SYSTEMPATH",1
 COLLECTMSG "CHK_SYSTEMPATH","PATH_CLEAN", strValues
End Sub

WI 15048: SCCM Control Panel Applet missing – Command line to run it

With the improvements to the control panel the Configuration Manager Control Panel Applet (CPL) has disappeared.  To add insult to injury the default location of the SCCM client is not indexed nor in the system path.

Open the Configuration Manager CPL

c:\windows\ccm\SMSCFGRC.cpl

SMS back from the dead 🙂  I always wondered if the files were not renamed due to all the white and black listing applications that would have to be updated… or if it is just because that is how they were checked into the coding suite.

 

Best