Share via

WSUS Server Cleanup Delete Unused Update Revisions fails often

GettnBetter 6 Reputation points
2022-04-12T04:36:31.35+00:00

I have an issue at all sites with WSUS cleanup. Specifically with Microsoft antivirus definitions and the deleting unused update revisions cleanup. After a period of time, it varies, this cleanup fails. I find myself having to set all updates in the WSUS database to unapproved and set all declined updates to unapproved. Then the cleanup works. After, I have to re-approve all updates. It's rather tedious.

We set only the antivirus and edge updates to auto-approve, this seems necessary to maintain reasonable workstation and server health. I like the Microsoft antivirus at our servers, it seems to work well. I also like the visibility of the update status. I'd actually prefer if these two portions of WSUS were moved to it's own service maybe.

Question is, am I doing something wrong that is causing this cleanup task to consistently fail? It seems to me that something is fundamentally wrong with this cleanup or the auto-declining of virus definitions is getting in the way.

Windows for business | Windows Server | User experience | Other
0 comments

4 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Rita Hu -MSFT 9,661 Reputation points
    2022-04-13T09:24:10.88+00:00

    @GettnBetter
    Thanks for your posting on Q&A.

    Here are several links which may be helpful.
    https://learn.microsoft.com/en-us/troubleshoot/mem/configmgr/wsus-console-crashes

    Please follow the below link to set up the WSUS Cleanup task in Task Scheduler to clean up the superseded ans expired updates.
    https://learn.microsoft.com/en-us/troubleshoot/mem/configmgr/wsus-maintenance-guide#setting-up-the-wsus-cleanup-task-in-task-scheduler

    In addition, please follow the below link to configure the Application Pool:
    https://learn.microsoft.com/en-us/troubleshoot/mem/configmgr/windows-server-update-services-best-practices
    It is useful in most cases.

    Hope the above will be helpful.

    Best regards,
    Rita

    If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    1 person found this answer helpful.
  2. Adam J. Marshall 10,356 Reputation points MVP
    2022-04-12T14:34:09.99+00:00

    Are you performing the proper WSUS maintenance including but not limited to running the Server Cleanup Wizard (SCW), declining superseded updates, running the SQL Indexing script, etc.?

    https://www.ajtek.ca/wsus/how-to-setup-manage-and-maintain-wsus-part-8-wsus-server-maintenance/

    There is more than just running the SCW!

  3. Adam J. Marshall 10,356 Reputation points MVP
    2022-04-12T17:22:00.347+00:00

    Curious - are your WSUS groups changing during these times?

    0 comments
  4. GettnBetter 6 Reputation points
    2022-04-12T18:32:44.693+00:00

    I have seen this when I delete a group but none of the sites have created or deleted groups since last October. Computers are moved between groups fairly often.

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.