Windows Server 2008R2 & windows server 2012 R2
Pubcn Net 发布于 服务器 5月 28,2009

Windows Update fails with 8000FFFF (E_UNEXPECTED)

Quick Solution:  Check the permissions on  the root of C: and ensure that BUILTINUsers have Read access.

Long Story:

8000FFFF == E_UNEXPECTED, not very helpful…

Had a client where windows update was continually failing with the error code 8000FFFF.  When looking in the Windows Update log we’d see errors like this:

WARNING: PTError: 0x80248014
Handler FATAL: CBS called Error with 0x8000ffff, <— Checked the CBS.log file but that didn’t give any clues.
Handler FATAL: Error source is 106.
DnldMgr Error 0x8000ffff occurred while downloading update; notifying dependent calls.
AU        # WARNING: Download failed, error = 0x8000FFFF
AU        # WARNING: Download failed, error = 0x8000FFFF
AU      WARNING: BeginInteractiveInstall failed, error = 0x8024000C
CltUI   WARNING: AU directive Interactive Progress is exiting due to error 8024000C

 

And in the event viewer upon each run we’d see these events:

Log Name:      Application
Source:        ESENT
Date:          7/2/2008 3:05:16 PM
Event ID:      491
Task Category: General
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      XXXX
Description:
Catalog Database (1560) Catalog Database: An attempt to determine the minimum I/O block size for the volume “C:” containing “C:Windowssystem32CatRoot2” failed with system error 5 (0x00000005): “Access is denied. “.  The operation will fail with error -1032 (0xfffffbf8).

Log Name:      Application
Source:        Microsoft-Windows-CAPI2
Date:          7/2/2008 3:05:16 PM
Event ID:      257
Task Category: None
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      XXXX
Description:
The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -1032.

 

 

 

 

 

After seeing this data I did a stare and compare between my root permissions and his and found that he’d modified the c: permissions on his system:

His machine:
c:tempxcacls c:
C: NT AUTHORITYSYSTEM:(OI)(CI)F
    BUILTINAdministrators:(OI)(CI)F

Mine:
C:>xcacls c:
c: BUILTINAdministrators:F
    BUILTINAdministrators:(OI)(CI)(IO)F
    NT AUTHORITYSYSTEM:F
    NT AUTHORITYSYSTEM:(OI)(CI)(IO)F
    BUILTINUsers:(OI)(CI)R <— This is the key one missing that was causing the headache.
    NT AUTHORITYAuthenticated Users:(OI)(CI)(IO)C
    NT AUTHORITYAuthenticated Users:(special access:)
                                     FILE_APPEND_DATA

The Cryptographic Services runs under “Network Service” which would require Users to have read access.  I added BUILTINUsers with read access to C and all worked again.

Hopefully this post will guide others with similar issues to the solution quickly.

我曾因为在windows server 2008下面修改系统盘权限多次遇到这个问题,搜索了很多解决办法,根本不管用,上面的解决办法我已经试过,绝对可以解决这个update问题!

目前共 0 条评论