When this occurs, the WSUS Administration console logs the following error message:
Non-running services: SelfUpdate
- The permissions on the C:\Program Files\Update Service\SelfUpdate directory are missing or incorrectly configured, or the IUSR_ComputerName account has been removed from the Users group.
- The SelfUpdate virtual directory is missing from the WSUS server.
- The SelfUpdate virtual directory is not configured for the default site on port 80.
- The SelfUpdate virtual directory does not have anonymous access permissions.
- The default Web site is configured to use specified IP addresses and is missing an entry for 127.0.0.1.
- The default Web site does not have anonymous access permissions.
- The WSUS server also has Microsoft Windows Sharepoint Services installed. The WSUS resources have not been excluded from Sharepoint management.
- The Selfupdate.msi installation was defective. Therefore, files are missing from the ~\Selfupdate subfolders.
|Domain/Users or Local/Users||Read&Execute, Read, List Folders|
|IUSR_ComputerName||Read&Execute, Read, List Folders|
To resolve a problem where the SelfUpdate virtual directory is missing or there is no SelfUpdate virtual directory listed under the Web site that is bound to port 80, run the Selfupdate.msi file that is located in the Program files\Update services\Setup folder.
To resolve issues where the SelfUpdate virtual directory does not have anonymous access permissions, open IIS Manager, expand the default Web site, right-click the SelfUpdate virtual directory, and then click Properties. On the Directory Security tab, click edit under Authentication and access control. Make sure that anonymous access is enabled.
Note This step should be performed for the default Web site as well. The SelfUpdate tree does not work if you have a Web site that is bound to a specific IP address in your IIS configuration. The workaround is either to set your IIS configuration to respond to "All unassigned" addresses or to add 127.0.0.1 to the list of IP addresses used for SelfUpdate. For information about how to configure WSUS to run on a computer that is also running Windows Sharepoint Services, see page 87 in the Microsoft Windows Server Update Services Operations Guide. This guide is located on the following Microsoft Web site:
Configuration 1: WSUS is installed on the default Web siteConfigure the default Web site by using the following settings:
Configuration 2: WSUS is installed on a custom Web siteConfigure the default Web site on port 80 by using the following settings:
- You must configure the SelfUpdate virtual directory under the default Web site or any other Web site to listen on Port 80.
- The SelfUpdate virtual directory points to C:\Program Files\Update Service\SelfUpdate.
- The WSUSAdmin virtual directory is the only virtual directory in IIS that should have security set to Integrated Windows Authentication. Set all other virtual directories security to Anonymous Access Enabled.
문서 ID: 920659 - 마지막 검토: 2008. 7. 21. - 수정: 1