I have a strange occurrence maybe someone can help me with. I've been pulling my hair out on this one for months and can't seem to find a solution.
A bit of background:
Enterprise environment that is OFFLINE, WSUS server is updated manually and push out updates down from a central WSUS over a WAN to multiple separate domains (also offline) that push all updates further down to individual servers and workstations. Don't ask why it's offline, as I'd love for it to be online, and it's not really important to the problem (I think).
This works on 90% of machines/ domains. I have two domains with around 200 workstations and 20 servers each where almost all computers are experiencing an error (specifically 0x80070005) installing the cumulative updates each month. Mostly the windows 10 clients, but on one of the domains it's also all of my Server 2019 boxes experiencing the issue as well. Some older Server 2012 R2 boxes experience no issues at these sites thus far.
All Windows 10 Machines are currently running 21H2, for reference, updates are loaded monthly, so most machines/servers are completely up-to-date, either by manual install or otherwise (manual install of msp files does work, as noted below).
Now, what I've done as far as troubleshooting:
-Stopped wuauserv and deleted/replaced c:\Windows\SoftwareDistrubution folder
-Stopped cryptSvc service and also replaced catroot2 folder
-Ran SFC and DISM (though because this crosses multiple computers and multiple servers I didn't think it was file corruption, but I've tried a great many things at this point)
-Ran troubleshooters for both BITS and WindowsUpdate
-Turned off virus scanner temporarily to remove it as a factor (no effect, same outcome)
-Firewall turned off (no effect, same outcome)
Grabbed logs, this are the pertinent parts:
2022/10/27 03:03:27.1841494 6720 9164 Misc FAILED [80070005] Failed to move file from \?\C:\WINDOWS\SoftwareDistribution\Download\091e4c73930bbf3ec46f3f913eede42a\Windows10.0-KB5018410-x64.cab to \?\C:\WINDOWS\SoftwareDistribution\Download\c9f02d14c9b6e742ef1fe0e4462e9144\Windows10.0-KB5018410-x64.cab
2022/10/27 03:03:27.1841540 6720 9164 Misc FAILED [80070005] Method failed [SusMoveOrCopyDirectoryContentsHelperRecursive:1673]
2022/10/27 03:03:27.1841851 6720 9164 Misc FAILED [80070005] Method failed [SusMoveOrCopyDirectoryContentsHelper:1754]
2022/10/27 03:03:27.1846394 6720 9164 DownloadManager Resetting shared sandbox
2022/10/27 03:03:27.1854964 6720 9164 DownloadManager FAILED [80070005] GDR
2022/10/27 03:03:27.2612272 6720 3000 Handler Loaded state: cCompleteIterations: 0, pt: Unknown, nNextRequestID: 0.
2022/10/27 03:03:27.2674763 6720 9164 DownloadManager FAILED [80070005] Error occurred while downloading update 076417E6-4FFA-4F8A-8CA0-5964A175DE47.200; notifying dependent calls.
As I completely deleted the SoftwareDistribution folder and it was replaced with a new version when the service started back up, I can't imagine folder permissions are at play here, so I'm at a loss. Now for the real reason I'm pulling my hair out:
- MSP files for the same updates work every time (manual update), this has been my stopgap solution for these sites for the last few months.
- These updates DO INSTALL typically over enough failed attempts, but usually it takes 40 or so tries of manually looking for updates, which initially led me to think BITS, but these all have the same group policies governing them and there is (seemingly) no difference between workstations at domains that are functioning and updating properly, and workstations/servers that are giving the error. Any assistance would be greatly appreciated.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(166.4, 15%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ES%3C/text%3E%3C/svg%3E)
