The WSUS installation from Server Manager fails with a fatal error stating, “The schema version of the database is from a newer version of WSUS than currently installed.” This error requires either patching the WSUS server to at least that version or dropping the database. Windows update indicates that the system is up to date. Please see how to delete ADFS Windows Internal Database without access credentials, and How to deploy WordPress on Azure App Service.
Note: Microsoft Does not recommend installing WSUS on a Domain Controller. Because of this, I tested to see what could possibly happen.The first step in the deployment of Windows Server Update Services (WSUS) is to make important decisions, such as deciding the WSUS deployment scenario, choosing a network topology, and understanding the system requirements. Below is an example architecture for Endpoint Point Configuration Manager deployment. You can see, I will be deploying WSUS also on the Configuration Manager.
Also, see “Post-Deployment (configuration) of Active Directory Federation Service (ADFS) in Windows Server“, and how to fix Windows 2016 Servers do not show up on the WSUS console.
WSUS Post Deployment Issue
When you try to install WSUS on Server 2022 using the Windows Internal Database (WID) or SQL Server. You may get a “WSUS Post-deployment Configuration Failed” error message as shown below.
Microsoft.UpdateServices.Administration.CommandException: The schema version of the database is from a newer version of WSUS than currently installed. You must either patch your WSUS server to at least that version or drop the database.As you can see the post-install log is below. The process timed out. When WSUS is installed a domain controller. This will cause database access issues due to how the database is configured.
Also, when prompted to run the WSUS Post installation, it will timeout as well and not succeed.
Remove Windows Server Update Services [WSUS]
Uninstall the WSUS Role and reinstall it on a non-domain Controller. If you get WSUS to work on a DC which is possible as I have tested this in the past, this is not best practice.
Note: If you still want to install it on a DC, Uninstall WSUS from the domain controller, demote the server to a non-domain controller, and reinstall WSUS.
Remove WSUS via PowerShell
To remove WSUS from your server, you can run the PowerShell command below as an administrator.
Remove-WindowsFeature -Name UpdateServices,UpdateServices-DB,UpdateServices-RSAT,UpdateServices-API,UpdateServices-UI -IncludeManagementTools
We will discuss how to remove the Windows Internal Database (WID) after discussing how to remove WSUS Role via GUI.
Remove WSUS Role via the GUI using Server Manager
Launch the Server Manager, and click on Manage. Select Remove Roles and features
We only have one server in the pool. Click Next.
Unselect the WSUS Server Update Services, this will automatically uncheck the sub-roles. Click Next to continue.
When prompted with the “Remove Roles and Features Wizard”, click Remove Features.
As you can see, the WSUS Role has been unselected. Click Next to continue
On the Confirmation page, click “Remove”.
It is safe to close the “Remove Roles and Feature Wizard” right now. You can view the status from the server manager.
Learn how to configure Windows server update services, and Uninstall WDS: How to remove Windows Deployment Services role via the GUI and PowerShell.
Remove WSUS Windows Internal Database
Remove WSUS Role if you do not plan to reinstall WSUS on this server. Navigate to the path C:\Windows\WID\Data and delete the following files “SUSDB.mdf and SUSDB_log.ldf).
If the WID was only used for WSUS. You can remove the entire WID Folder: C:\Windows\WID folder.
You can also remove the WSUS website and application pool or IIS Role all together on the Domain Controller.
Restart the Server and reinstall WSUS on another Server.
See ‘Add and remove IIS Web Server on Windows Server 2019 via the Server Manager and PowerShell“, and how to Start, Stop and Restart Windows Server Update WSUS Services via PowerShell and CMD.
Reinstall WSUS
Launch the Server Manager, and Click on Add Roles and Features. On the Role Server Role, select WSUS Server.
When prompted to add features, Click on Add features, and then on Install.
Once the WSUS Role installation is complete, you can click on “Launch WSUS “Post-Installation Task”.
As you can see, the installation succeeded on a non-Domain Server.
Now you should be able to access the Update Services Console. See How to target WSUS clients with the registry keys.
I hope you found his article useful on “The schema version of the database is from a newer version of wsus”. Please feel free to leave a comment below.
The post The schema version of the database is from a newer version of wsus appeared first on TechDirectArchive.