My Windows Server Update Services on Server 2012 R2 has had some availability issues over the past few months. The unreliability really picked up in frequency in the past month. It made the problem more apparent to its clients but easier to troubleshoot at the same time. Clients checking for Windows Updates would quickly error out with a code 0x80244021 which indicates the inability to reach WSUS. This was confirmed by clients being able to “check online for updates from Microsoft Update” successfully. The event log on the server logged a variety of errors which basically said different elements of WSUS were unavailable.
The fastest resolution to make Windows Updates from WSUS work again was just a reboot of the server. When the frequency picked up, I was able to catch one of the instances and do a bit of troubleshooting. I found the WSUS services were reporting fine though I was unable to get into the console on the server. If I performed an ‘iisreset’ command, everything started working again. This helped by speeding up the resolution and narrowing the problem down to IIS.
Researching the issue, I found a thread reporting similar issues. The main symptom was that the IIS Worker Process was consuming more RAM than what was available to it. The default limit is set to 1843200KB or 1.8GB. An IIS Worker Process was using over 2GB of RAM when the problem would occur.
My server had more RAM available so the solution was to raise the amount of memory available to IIS. To do so, launch Internet Information Services.
Expand your server and choose Application Pools.
Right-click the WsusPool and choose Advanced Settings.
When the Advanced Settings window opens up find the Recycling section near the bottom. Change Private Memory Limit (KB) to a higher number that fits your server specifications or ‘0’, which means no limit, instead of the hard-coded 1843200.
Hit OK.
Back under Application pools, right-click on the WsusPool again and choose ‘Recycle…’.
Since implementing this change, WSUS has been available consistently through the console and clients checking for new updates.