3

I've painted myself into a corner. I've just installed Service Pack 1 on a Windows 2008 R2 server that is hosted in a remote datacentre with no possibility of logging in with a 'real' screen and keyboard. SP1 seems to have broken Remote Desktop protocol (RDP), I get to the log-in screen, log in and briefly see the Welcome message, then the RDP session is terminated like so:

RDP session disconnect dialog

The service provider (OVH) has a virtual KVM thingy that is supposed to help out in this situation, but the server blue-screens when booting into that mode (it is some sort of virtual environment apparently). OVH engineers say that vKVM isn't supported for 2008 servers, so that tool is useless... almost. The one ray of hope is that I am able to boot the server into safe mode using vKVM and it doesn't blue-screen, but:

  • I can't uninstall the service pack because the server manager doesn't run in safe mode
  • I can't install VNC because Windows Installer doesn't run in safe mode
  • I can't install updates because Windows Update doesn't run in safe mode (anecdotal evidence suggests that installing further updates would have solved this issue).

There isn't a full system backup of this server because the backup system is based on FTP and it just wasn't feasible, so I can't simply restore from backup. All of the important data is backed up, however. So I have the option to rebuild the server from scratch, I'd really hope to avoid that though as the down time is undesirable.

Any suggestions on how I can paint myself back out of this corner without a full reinstall? e.g. is there some remote access software that can be installed in safe mode? Is there a known fix for RDP? Is there a way to roll back a service pack from safe mode?

Tim Long
  • 1,728
  • 1
  • 20
  • 41

1 Answers1

4

Okay.. had some coffee and thinking a little straighter. Deleting previous responses and providing better info:

The original release of the update from KB2667402 causes this issue. It notes in the known issues that applying SP1 after the update causes RDP issues.

The patch was re-released to address and correct the RDP issue.

So, you should be able to start the server up normally and remotely uninstall the original version of the patch via WMI

wmic /node:<SERVER> /user:<USER> process call create "powershell wusa /uninstall /kb:2667402 /quiet /forcerestart"

After uninstalling the KB and the subsequent forced restart, you should be able to RDP to the server again. At that point, you should be able to install the updated version of the same KB

Footnote: This did solve the problem but it wasn't necessary for me to use WMI remotely. I was able to boot into safe mode using the virtual KVM and use the WUSA command line directly to uninstall KB2667402. All was then working after a reboot. This allowed me to sidestep all the firewall and permissions issues associated with letting a remote user access WMI.

Tim Long
  • 1,728
  • 1
  • 20
  • 41
Rex
  • 7,815
  • 3
  • 28
  • 44
  • heck why not run the kb* via wmic – tony roth Jun 13 '12 at 17:11
  • or for that matter just restart rdp so see if that fixes things. – tony roth Jun 13 '12 at 17:12
  • Would make sense to run the KB via WMI - not thinking straight today. Don't think restarting RDP will work though. I just realized my command is wrong too as I have it uninstalling the KB that I just told him to install. LOL - gotta go correct it – Rex Jun 13 '12 at 17:13
  • also doesn't wusa use the msi process? – tony roth Jun 13 '12 at 17:16
  • yes, but you should be able to run this remotely with the server booted normally – Rex Jun 13 '12 at 17:17
  • 2
    hahah damn now I'm not thinking correctly!!! – tony roth Jun 13 '12 at 17:17
  • happens to the best of us tony.. :) – Rex Jun 13 '12 at 17:26
  • @Rex - this looks like an excellent suggestion. However I have to connect over a WAN and WMi gives me access denied. I think I may be able to change the WMI permissions and firewall rules in safe mode to overcome this, I will try it in an hour or so as I can't take the server offline during peak hours. Any advice on enabling WMI remote management? – Tim Long Jun 13 '12 at 17:41
  • @Rex plan b - I think it might be possible to uninstall an update from within safe mode, so I will try that before using the WMI suggestion. BTW I have +1'd your answer and will likely mark it as 'accepted' once the fix is applied. – Tim Long Jun 13 '12 at 17:57
  • Got it! I didn't need to use WMI. I was able to boot into safe mode using the virtual KVM and use the WUSA command line directly to uninstall KB2667402. Reboot and all sorted. Thanks Rex, you da man. – Tim Long Jun 13 '12 at 23:03