How do I remove a recalcitrant WSUS server from my network

Question

I've been busy with a couple of cloud migrations and now I'm getting back to my other work. I'm trying to get into WSUS and it's not happening. I'm trying to run it from the 2016 server it's installed on and I get the console with the "Connect to Server..." note. I click on that and then enter the server address in the Connect To Server window and that brings up the note "Cannot connect to '192.168.x.xxx.' The remote server could not be contacted." I'm not sure about the mention of "remote server," but this is the way I've done it. I'm getting a lot of WSUS-specific events in Event Viewer > Application (mostly Event 18456). Here's what I'm mostly seeing:

Event 7032
The WSUS administration console was unable to connect to the WSUS Server via the remote API.

Verify that the Update Services service, IIS and SQL are running on the server. If the problem persists, try restarting IIS, SQL, and the Update Services Service.

The WSUS administration console has encountered an unexpected error. This may be a transient error; try restarting the administration console. If this error persists,

Try removing the persisted preferences for the console by deleting the wsus file under %appdata%\Microsoft\MMC.

System.IO.IOException -- The handshake failed due to an unexpected packet format.

Source
System

Stack Trace:
at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest, Boolean renegotiation)
at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
at System.Net.TlsStream.ProcessAuthentication(LazyAsyncResult result)
at System.Net.TlsStream.Write(Byte[] buffer, Int32 offset, Int32 size)
at System.Net.PooledStream.Write(Byte[] buffer, Int32 offset, Int32 size)
at System.Net.ConnectStream.WriteHeaders(Boolean async)
** this exception was nested inside of the following exception **

System.Net.WebException -- The underlying connection was closed: An unexpected error occurred on a send.

Source
Microsoft.UpdateServices.Administration

Stack Trace:
at Microsoft.UpdateServices.Administration.AdminProxy.CreateUpdateServer(Object[] args)
at Microsoft.UpdateServices.UI.SnapIn.Scope.ServerSummaryScopeNode.GetUpdateServer(PersistedServerSettings settings)
at Microsoft.UpdateServices.UI.SnapIn.Scope.ServerSummaryScopeNode.ConnectToServer()
at Microsoft.UpdateServices.UI.SnapIn.Scope.ServerSummaryScopeNode.get_ServerTools()
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Event 7053
The WSUS administration console has encountered an unexpected error. This may be a transient error; try restarting the administration console. If this error persists,

Try removing the persisted preferences for the console by deleting the wsus file under %appdata%\Microsoft\MMC.

System.NullReferenceException -- Object reference not set to an instance of an object.

Source
Microsoft.UpdateServices.UI.SnapIn

Stack Trace:
at Microsoft.UpdateServices.UI.SnapIn.Scope.ServerSummaryScopeNode.ResetScopeNode()
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Event 18456
Login failed for user 'NT AUTHORITY\NETWORK SERVICE'. Reason: Failed to open the explicitly specified database 'SUSDB'. [CLIENT: <named pipe>]
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Event 17137
Starting up database 'SUSDB'
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

I ran sfc /scannow and it found a LOT of errors (I can't see how to attach the text file with the output). Because of that I was going to remove the WSUS role and install it on another server, but clicking on the box in Control Panel doesn't remove the selection. I've rebooted the server several times but no joy. I need to get this going because it's been a while since I've run it and my vulnerability scanner (which I just got running again) is telling me to get to it.

Thanks,

Joe B

Answer 1

Follow my guide - https://www.ajtek.ca/wsus/how-to-remove-wsus-completely-and-reinstall-it/
That should get you going.

Answer 2

Yes, the instructions worked, but the server is still showing up in Server Manager as a WSUS server. Is there a way to prevent that from happening?

Thanks,

Joe B

Answer 3

Have you restarted the server since removing it all? that's odd that it's still listed in Server Manager.

Answer 4

Yes, I restarted the server and after that I power-cycled it, but it's still showing up in MS Server Manager as a server hosting WSUS. Any other suggestions? Diagnostic steps?

Thanks,

Joe B

Answer 5

Go into Server Manager > Manage > Remove Roles and Features. Are any of the WSUS items selected there? Screenshot? Also verify Remote Server Administration Tools are not installed for the WSUS Feature