Looking in the c:WindowsWindowsUpdate.log file I could see that there was an error with BITS (Background Intelligent Transfer Service) which Windows Update uses to download updates. This led me to use the bitsadmin tool to see if there was any downloads stuck:

1. Open a command prompt as administrator

2. Type in the following command and press enter:

bitsadmin /list /allusers

3. If there any lines in the output such as the following then we need to reset the jobs:

{04D0B991-54E3-41C4-B475-572D9E31BFE5} ‘WU Client Download’ SUSPENDED 0 / 1 0 / 13352278

To kill off the jobs is not as simple as it seems as even with an administrator account I could not kill off the jobs giving me an unable to cancel error. The task had to be run as system as a scheduled task:

1. Open up notepad and put in the following line:

bitsadmin /reset /allusers

2. Save the notepad file back as a batch file by save as and giving it a name with the extension .bat

3. Open Task Scheduler and create a new task that runs that batch file and put it to run at a certain time or manually.

4. Before the task runs we just need to change the user account that it runs under system by clicking on Change User or Group button, typing in system as object name and clicking on Check Names:

5. Either schedule the job to run or right click on the job and select run now.

Once the job has run then you can again run the bitsadmin /list /allusers and you should get an output showing no jobs:

The update for the Anti Spam updates should then install without any problems and you should no longer receive this alert.

Hope this helps.

Cheers

Paul

Related posts:

1. Windows Updates do not download on Server 2003 Problem At a customer site that had critical updates to...
2. HRESULT: 0x800f0818 Unable to add/modify Roles or Features through Server Manager or Powershell after installing updates After installing numerous Windows Updates, usually when bringing a newly...
3. Activation context generation failed for "C:Windowssystem32conhost.exe” Error We have came across an error this month after patching...

Related posts brought to you by Yet Another Related Posts Plugin.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7022
Description:
The FSCController service hung on starting.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7001
Description:
The FSEIMC service depends on the FSCController service which failed to start because of the following error:
After starting, the service hung in a start-pending state.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7001
Description:
The Microsoft Exchange Transport service depends on the FSEIMC service which failed to start because of the following error:
The dependency service or group failed to start.

Solution:

Ensure Service Pack 2 is installed for Forefront Security for Exchange Server

Related posts:

1. Information Store and Microsoft Exchange Transport service do not start Automatically after a Reboot We came across an issue recently on a Exchange 2007...
2. NLB cluster []: Timer starvation has been detected. This might be due to a denial of service attack or a very high server load. During this period, some connections might fail. If this problem recurs frequently, analyze the threat and take appropriate measures and/or add more servers to the cluster. Event ID 105 on a server running Windows 2008 R2 On a Windows 2008 R2 server running TMG 2010 and...
3. Security Update for Microsoft .NET Framework 4 Stuck at 66% Downloading on SCCM We came across an issue today with a certain update...

Related posts brought to you by Yet Another Related Posts Plugin.

“550 5.7.1 :127.0.0.3:Client host … blocked using 88.blocklist.zap; Mail from IP banned. To request removal from this list please forward this message to delist.forefront@messaging.microsoft.com”

If you are sure that the sender is legitimate and trusted, mail from the senders domain can be allowed by completing the followings solution.

Solution:

Add the IP address of the remote domain to the “IP Allow List” on your Edge servers. (This IP can be found in the NDR or by contacting the remote party):

Related posts:

1. HTML Mails sent Via OWA and Outlook 2011 are received as Plain Text mails externally Recently we came across an issue on an Exchange 2010...

Related posts brought to you by Yet Another Related Posts Plugin.

Solution:

Run the “fixsqlserverlogin.vbs” script from the “Installing Forefront TMG SP1” TechNet article:

http://technet.microsoft.com/en-us/library/ff717843.aspx#fixsqlserverlogin_vbs

No related posts.

Related posts brought to you by Yet Another Related Posts Plugin.

To resolve this issue I implemented IIS 7’s shared configuration and put a process in to replicate the content between web servers.

You will need a domain account (or local account on each web server if your web servers aren’t domain joined) which will be used to access the shared configuration (it only does this – your web applications continue to run under what ever application pool identity you have set) and a file share to store the configuration on.

Assuming you’re at the stage of having a configured web server with the IIS configuration how you want it you need to export the configuration:

1. On the first web server / machine which will host the shared configuration create a directory & share it giving full share and ntfs permissions to the service account created, all other permissions should be removed.
2. In IIS manager on the server with IIS configured as per the previous steps click on the server node in the left pane, then open shared configuration in the right pane, then finally select the export configuration option on the right, store the export in the directory created in step 1, entering an encryption key (this should be recorded as it is needed for all nodes which will be accessing the shared configuration).
3. When exported tick the ‘Enable shared configuration’ box, enter the UNC path to the configuration (eg \machinenameiisconfig) enter the username domainserviceaccount and the password for that account, press apply, you will be prompted for the encryption key provided in step 2.
4. Restart the server to apply configuration, then check IIS is still functioning and the IIS manager can be accessed.

The above steps will reconfigured your already configured web server to work from the shared configuration, now we need to replicate the web content and configure all other web servers to work from the same configuration.

There are several ways of replicating the physical content, DFSR is one option, however I chose not to use it as the content on the web servers is staying static so frequent updates to the other nodes will not be required and it gives the operator responsible for the servers more control over how content updates are deployed.  So instead I used robocopy (which has been built in since Vista / Server 2008) to mirror the content from the configured server to all others (this was executed on the web server to be copied to):

robocopy \configuredwebserverc$inetpubwwwroot c:inetpubwwwroot /MIR

Once the file content was in place two quick steps are required to configure IIS to use the shared configuration:

1. Open IIS manager, click on the server name in the left pane, then select the shared configuration option in the right pane, tick the ‘Enable shared configuration’ box, enter the UNC path to the configuration as specified on the first web server (eg \machinenameiisconfig) enter the username domainserviceaccount and the password for that account, press apply, you will be prompted for the encryption key.
2. Restart the server to apply configuration, then check IIS is still functioning and the IIS manager can be accessed.

This process will replicate all application pools and IIS configuration, however if you have ODBC data sources etc.. (things external to IIS which your web applications are using) then you will need to find a way to replicate these settings as well. 

An important point is how IIS behaves if the configuration becomes unavailable, under Server 2008 (not R2) if the configuration disappears IIS will essentially stop, under R2 the server will detect this, continue working and reconnect when the configuration source comes back online.  You can enable offline files for added resiliency should you require it.

No related posts.

Related posts brought to you by Yet Another Related Posts Plugin.

Forefront Threat management Gateway the successor to ISA server 2006 is now RTM and the eval is available for download form the following link above

No related posts.

Related posts brought to you by Yet Another Related Posts Plugin.