Posted on

Add virtual machine host fails with error 20408

I recently had a problem adding a host to a VMM server – all the obvious things had been checked. WinRM was enabled, firewall rules were in place. Service account had admin rights and DNS was correct.

Still, every time I attempted to add the host an error occurred:

“Error (20408) VMM could not get the specified instance Microsoft:{668f165d-4dae-bcb6-5007ff1fc2e8} of class http://schemas.microsoft.com/wbem/wsman/1/wmi/root/standardcimv2/MSFT_NetAdapterRssSettingData on the server server.fqdn. The operation failed with error NO_PARAM”

In this instance, the server was a 2016 one which has been upgraded from 2012 R2. The fix was bizarre. Save all VMs and remove the vswitches so that only normal physical adapters remain and then recreate the vswitches. The config was identical but clearly, something behind the scenes was wrong and recreating the vswitches worked. Retrying the same job on VMM resulted in success and the host was added to VMM.

Posted on

WSUSpool keeps stopping and console shows reset node

I recently found myself in a situation where WSUS would only work for a few minutes or even seconds at a time. A restart or IISReset could bring it back for a few minutes but it would soon stop again. The Configuration manager console didn’t show any errors but it also could not see any new updates.

The event log contained this message:

The WSUS administration console was unable to connect to the WSUS Server via the remote API.

Eventually the fix was to increase the amount of memory avaliable to the app pool from the default 1843200 KB – you could set this to 0 so there is no limit or to a higher sensible limit. After doing this and running an IISRESET the app pool remained running and I was able to syncronize new updates as well as service updates to clients.

To do this open up IIS and click the plus by your servername, then on “Application pools”. Next right click on WsusPool and then left click on “Advanced Settings”, then scroll down and locate the “Private Memory limit (KB)” near the bottom and edit this value to 0 or something higher.

Posted on

Meltdown – Patching centos

The patches are out for centos 5/6/7 and you can install them simply by the normal update command.

yum update

and then restarting.

To check the patches are installed run:

rpm -q –changelog kernel | egrep ‘CVE-2017-5715|CVE-2017-5753|CVE-2017-5754’

and make sure you have entries for all three CVE numers.