Windows XP SP2 & all Security fixes.
We are having problems(error 0x800704dd) using the Windows Update Agent V3
(7.2.6001.784) when we use the agent when nobody is logged on.
We didn't have this problem in earlier builds of the Windows Update Agent.
We can reproduce this problem using psexec.exe and the MBSA package.
To reproduce the problem you need to install the latest
WindowsUpdateAgent30-x86.exe, MBSASetup-x86-EN.msi and C:\wsusscn2.cab on the
test system.
Create a Test.bat file containing the MBSA command :
"C:\Program Files\Microsoft Baseline Security Analyzer 2\mbsacli.exe"
/xmlout /catalog c:\wsusscn2.cab /unicode >c:\results.xml
Now we launch the Test.BAT file from another system in the network
The problem doesn't occur when the systemaccount is used but it does occur
when a local account is used.
psexec \\brojlnxpvm -s c:\temp\test.bat
PsExec v1.86 - Execute processes remotely
Copyright (C) 2001-2007 Mark Russinovich
Sysinternals - www.sysinternals.com
C:\WINDOWS\system32>"C:\Program Files\Microsoft Baseline Security Analyzer
2\mbs
acli.exe" /xmlout /catalog c:\wsusscn2.cab /unicode 1>c:\results.xml
■M i c r o s o f t B a s e l i n e S e c u r i t y A n a l y z e r
V e r s i o n 2 . 1 ( 2 . 1 . 2 1 0 4 . 0 )
( C ) C o p y r i g h t 2 0 0 2 - 2 0 0 7 M i c r o s o f t C o r p
o r
a t i o n . A l l r i g h t s r e s e r v e d .
c:\temp\test.bat exited on brojlnxpvm with error code 0.
C:\Program Files\Microsoft Visual Studio 8\VC>psexec \\brojlnxpvm -u Leen
c:\tem
p\test.bat
psexec \\brojlnxpvm -u Leen c:\temp\test.bat
PsExec v1.86 - Execute processes remotely
Copyright (C) 2001-2007 Mark Russinovich
Sysinternals - www.sysinternals.com
Password:
C:\WINDOWS\system32>"C:\Program Files\Microsoft Baseline Security Analyzer
2\mbs
acli.exe" /xmlout /catalog c:\wsusscn2.cab /unicode 1>c:\results.xml
■M i c r o s o f t B a s e l i n e S e c u r i t y A n a l y z e r
V e r s i o n 2 . 1 ( 2 . 1 . 2 1 0 4 . 0 )
( C ) C o p y r i g h t 2 0 0 2 - 2 0 0 7 M i c r o s o f t C o r p
o r
a t i o n . A l l r i g h t s r e s e r v e d .
A n e r r o r o c c u r r e d w h i l e s c a n n i n g f o r s
e c
u r i t y u p d a t e s . ( 0 x 8 0 0 7 0 4 d d )
c:\temp\test.bat exited on brojlnxpvm with error code 0.
Extract from the WindowsUpdate.log
2008-10-29 16:24:48:327 556 dac Misc =========== Logging initialized (build:
7.2.6001.784, tz: +0100) ===========
2008-10-29 16:24:48:327 556 dac Misc = Process: C:\Program Files\Microsoft
Baseline Security Analyzer 2\mbsacli.exe
2008-10-29 16:24:48:327 556 dac Misc = Module: C:\WINDOWS\system32\wuapi.dll
2008-10-29 16:24:48:327 556 dac COMAPI -------------
2008-10-29 16:24:48:327 556 dac COMAPI -- START -- COMAPI: Search [ClientId
= MBSA]
2008-10-29 16:24:48:327 556 dac COMAPI ---------
2008-10-29 16:24:48:347 1420 230 Service WARNING: GetUserTokenFromSessionId
failed with error 800704dd for session 0
2008-10-29 16:24:48:357 556 dac COMAPI WARNING: Unable to listen to
self-update/shutdown event (hr=0X800704DD)
2008-10-29 16:24:48:357 556 dac COMAPI WARNING: Unable to establish
connection to the service. (hr=800704DD)
2008-10-29 16:24:48:357 556 dac COMAPI - WARNING: Exit code = 0x800704DD
2008-10-29 16:24:48:357 556 dac COMAPI ---------
2008-10-29 16:24:48:357 556 dac COMAPI -- END -- COMAPI: Search [ClientId = ]
2008-10-29 16:24:48:357 556 dac COMAPI -------------
2008-10-29 16:24:48:357 556 dac COMAPI FATAL: Unable to perform synchronous
search. (hr=800704D Besturingssysteem: Windows XP
> The problem doesn't occur when the systemaccount is used but it does occur
> when a local account is used.
>> 2008-10-29 16:24:48:347 1420 230 Service WARNING: GetUserTokenFromSessionId
>> failed with error 800704dd for session 0
>> 2008-10-29 16:24:48:357 556 dac COMAPI WARNING: Unable to listen to
>> self-update/shutdown event (hr=0X800704DD)
>> 2008-10-29 16:24:48:357 556 dac COMAPI WARNING: Unable to establish
>> connection to the service. (hr=800704DD)
0x800704DD ERROR_NOT_LOGGED_ON
The operation being requested was not performed because the user has not
logged on to the network. The specified service does not exist.
It appears that System has the Perms required in order to detect/install
updates and the local account being used does not.
There are 2 rrors shown here for errors that occur when scanning for
security updates with MBSA 2.1, but neither show 0x800704DD -
http://technet.microsoft.com/en-us/security/cc184922.aspx
Q: Why am I seeing error "An error occurred while scanning for security
updates. (0x8024402c)"?:
Q.Why am I seeing error "An error occurred while scanning for security
updates. (0x80244019)"?
Since this newsgroup deals with client-side issues with Windows Update,
perhaps you'd be better served posting this to either the WSUS or MBSA NGs.
Try WSUS first:
http://www.microsoft.com/communities/newsgroups/list/en-us/default.aspx?dg=microsoft.public.windows.server.update_services
MBSA (Security Baseline Analyzer)
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx?dg=microsoft.public.security.baseline_analyzer&cat=en_US_c7babbb6-8955-4765-bd46-24111b893df4&lang=en&cr=US
I'd forward it to one of the above but you're using a Web-based
newsreader and may never find the thread <w>
MowGreen [MVP 2003-2009]
===============
*-343-* FDNY
Never Forgotten
===============
I think I didn't make myself very clear. We have made a vbscript that uses
the WindowsUpdate API to check if there're patches to install etc... We
launch this script via a LocalSystem Windows Service specifying a
username/password so we can access to a fileshare on the network. This worked
perfect untill version 7.2.6001.784. We were able to reproduce this problem
using MSBA and psexec so we could rule out our script and our Windows
Service. There is nothing "wrong" with the account. All works perfect in pre
7.2.6001.784 WindowsUpdate clients or when there is somebody logged in.
The script worked without someone being logged on in the previous V. of
the WUA ?
If you haven't seen this yet, suggest reading it and
" * Using the Windows Update Agent API
* WUA API Reference "
via the links on the bottom of the page:
http://msdn.microsoft.com/en-us/library/aa387099%28VS.85%29.aspx
There's a " Send comments about this topic to Microsoft " link at the
bottom of the above page, too.
MowGreen [MVP 2003-2009]
===============
*-343-* FDNY
Never Forgotten
===============
C:\tmp>psexec.exe \\*** -u Administrator -p *** cscript c:\tmp\test.vbs
PsExec v1.94 - Execute processes remotely
Copyright (C) 2001-2008 Mark Russinovich
Sysinternals - www.sysinternals.com
Microsoft (R) Windows Script Host Version 5.6
Copyright (C) Microsoft Corporation 1996-2001. All rights reserved.
c:\tmp\test.vbs(166, 2) (null): The operation being requested was not performe
d because the user has not logged on to the network. The specified service does
not exist.
cscript exited on *** with error code 0.
---------------------------------------
In WindowsUpdate.log
2008-10-21 15:31:41:453 1132 f80 COMAPI ----------- COMAPI: IUpdateServiceManager::AddScanPackageService -----------
2008-10-21 15:31:41:453 1132 f80 COMAPI - ServiceName = Offline Sync Service
2008-10-21 15:31:41:453 1132 f80 COMAPI - ScanFileLocation = C:\WINDOWS\system32\wsusscan.cab
2008-10-21 15:31:41:468 480 c88 Service WARNING: GetUserTokenFromSessionId failed with error 800704dd for session 0
--------------------------------
----------------------------------
0x800704DD
-2147023651
Error_Not_Logged_On to network
2009-02-12 13:49:58:814 2340 dd8 Misc =========== Logging initialized
(build: 7.2.6001.788, tz: -0700) ===========
2009-02-12 13:49:58:814 2340 dd8 Misc = Process:
C:\WINDOWS\system32\cscript.exe
2009-02-12 13:49:58:814 2340 dd8 Misc = Module:
C:\WINDOWS\system32\wuapi.dll
2009-02-12 13:49:58:814 2340 dd8 COMAPI -------------
2009-02-12 13:49:58:814 2340 dd8 COMAPI -- START -- COMAPI: Search
[ClientId = <NULL>]
2009-02-12 13:49:58:814 2340 dd8 COMAPI ---------
2009-02-12 13:49:58:845 844 448 Service WARNING: GetUserTokenFromSessionId
failed with error 800704dd for session 0
2009-02-12 13:49:58:845 2340 dd8 COMAPI WARNING: Unable to listen to
self-update/shutdown event (hr=0X800704DD)
2009-02-12 13:49:58:861 2340 dd8 COMAPI WARNING: Unable to establish
connection to the service. (hr=800704DD)
2009-02-12 13:49:58:861 2340 dd8 COMAPI - WARNING: Exit code = 0x800704DD
2009-02-12 13:49:58:861 2340 dd8 COMAPI ---------
2009-02-12 13:49:58:861 2340 dd8 COMAPI -- END -- COMAPI: Search
[ClientId = <NULL>]
2009-02-12 13:49:58:861 2340 dd8 COMAPI -------------
2009-02-12 13:49:58:861 2340 dd8 COMAPI FATAL: Unable to perform synchronous
search. (hr=800704DD)
0x800703F0
-2147023888
ERROR_NO_TOKEN
An attempt was made to reference a token that does not exist