ansible-collections / ansible.windows

Windows core collection for Ansible
https://galaxy.ansible.com/ansible/windows
GNU General Public License v3.0

Win_updates fail with "Exception from HRESULT: 0x80072EE2" #600

Closed Milosz-Galecki-wttech closed 2 months ago

Milosz-Galecki-wttech commented 3 months ago
SUMMARY

I'm using AWX to run Ansible; when I try to use win_updates on Windows 2019, it fails no matter what state I use.

ISSUE TYPE
COMPONENT NAME

win_updates

ANSIBLE VERSION
ansible [core 2.15.10]
  config file = None
  configured module search path = ['/runner/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/local/lib/python3.9/site-packages/ansible
  ansible collection location = /runner/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/local/bin/ansible
  python version = 3.9.18 (main, Jan 24 2024, 00:00:00) [GCC 11.4.1 20231218 (Red Hat 11.4.1-3)] (/usr/bin/python3)
  jinja version = 3.1.3
  libyaml = True
COLLECTION VERSION
Collection      Version
--------------- -------
ansible.windows 2.3.0
OS / ENVIRONMENT

Windows Server 2019 Standard

STEPS TO REPRODUCE
- name: Check for missing updates
  ansible.windows.win_updates:
    state: searched
  register: update_search
EXPECTED RESULTS
{
  "changed": false,
  "reboot_required": false,
  "rebooted": false,
  "found_update_count": 2,
  "failed_update_count": 0,
  "installed_update_count": 0,
  "updates": {
    "2c6db99f-8d39-4580-8474-31c45fb79525": {
      "title": "Windows Malicious Software Removal Tool x64 - v5.122 (KB890830)",
      "kb": [
        "890830"
      ],
      "categories": [
        "Update Rollups",
        "Windows Server 2016",
        "Windows Server 2019",
        "Windows Server, version 1903 and later"
      ],
      "id": "2c6db99f-8d39-4580-8474-31c45fb79525",
      "downloaded": false,
      "installed": false
    },
    "6d2f24f2-b1c3-4581-acf3-f6da6293b984": {
      "title": "2024-03 Cumulative Update for Microsoft server operating system version 21H2 for x64-based Systems (KB5035857)",
      "kb": [
        "5035857"
      ],
      "categories": [
        "Security Updates"
      ],
      "id": "6d2f24f2-b1c3-4581-acf3-f6da6293b984",
      "downloaded": false,
      "installed": false
    }
  },
  "filtered_updates": {
    "487c1462-373a-4651-86e2-699993710659": {
      "title": "2024-02 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Microsoft server operating system version 21H2 for x64 (KB5034682)",
      "kb": [
        "5034682"
      ],
      "categories": [
        "Microsoft Server operating system-21H2",
        "Updates"
      ],
      "id": "487c1462-373a-4651-86e2-699993710659",
      "downloaded": false,
      "installed": false,
      "filtered_reason": "category_names",
      "filtered_reasons": [
        "category_names"
      ]
    },
    "e048efc1-eaf7-4cbc-9f0d-37c2bdeab6ef": {
      "title": "Update for Microsoft Defender Antivirus antimalware platform - KB4052623 (Version 4.18.24020.7) - Current Channel (Broad)",
      "kb": [
        "4052623"
      ],
      "categories": [
        "Definition Updates",
        "Microsoft Defender Antivirus"
      ],
      "id": "e048efc1-eaf7-4cbc-9f0d-37c2bdeab6ef",
      "downloaded": false,
      "installed": false,
      "filtered_reason": "category_names",
      "filtered_reasons": [
        "category_names"
      ]
    }
  },
  "invocation": {
    "module_args": {
      "reject_list": null,
      "category_names": [
        "CriticalUpdates",
        "SecurityUpdates",
        "UpdateRollups"
      ],
      "reboot_timeout": 1200,
      "reboot": false,
      "server_selection": "default",
      "state": "searched",
      "accept_list": null,
      "skip_optional": false,
      "log_path": null
    }
  },
  "_ansible_no_log": false
}
ACTUAL RESULTS
{
  "changed": false,
  "reboot_required": false,
  "rebooted": false,
  "msg": "Searching for updates: Exception from HRESULT: 0x80072EE2 - Unknown WUA HRESULT 2147954402 (UNKNOWN 0x80072EE2)",
  "exception": "Exception from HRESULT: 0x80072EE2\r\nAt line:1496 char:21\r\n+                     throw $exp\r\n+                     ~~~~~~~~~~\r\n    + CategoryInfo          : OperationStopped: (:) [], COMException\r\n    + FullyQualifiedErrorId : Exception from HRESULT: 0x80072EE2\r\n \r\n\r\n\r\nat Invoke-AsyncMethod, <No file>: line 1496\r\nat Install-WindowsUpdate, <No file>: line 1733\r\nat <ScriptBlock>, <No file>: line 1989\r\nat Invoke-WithPipeOutput, <No file>: line 1005",
  "found_update_count": 0,
  "failed_update_count": 0,
  "installed_update_count": 0,
  "updates": {},
  "filtered_updates": {},
  "invocation": {
    "module_args": {
      "reject_list": null,
      "category_names": [
        "CriticalUpdates",
        "SecurityUpdates",
        "UpdateRollups"
      ],
      "reboot_timeout": 1200,
      "reboot": false,
      "server_selection": "default",
      "state": "searched",
      "accept_list": null,
      "skip_optional": false,
      "log_path": null
    }
  },
  "_ansible_no_log": false
}
jborean93 commented 2 months ago

The error code here seems to be from WinINET WININET_E_TIMEOUT https://github.com/tpn/winsdk-10/blob/9b69fd26ac0c7d0b83d378dba01080e93349c2ed/Include/10.0.16299.0/shared/winerror.h#L57781-L57788

WinINET is the networking stack that WUA uses to download files and a timeout would indicate a connection problem with either the internal WSUS server (if configured) or trying to access the external Windows Update server from Microsoft. You'll have to figure out if your host is configured to talk to a WSUS server through one of its many group policy settings or if you don't have WSUS why it's unable to access the public Windows Update server. While the win_updates module has a setting to choose whether the managed server or Microsoft server is selected through server_selection it has no way of specifying an actual server and is reliant on your host to be configured correctly to talk to the server to get the updates.
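
A diagnostic sketch for the checks described in the comment above, added here as an example and not part of the original thread or the collection's code. It decodes the HRESULT from the module's error message, reads the Windows Update policy keys to see whether a WSUS server is configured, and probes TCP reachability of whichever server the host would use. The helper name `ConvertFrom-HResult`, the `-PublicEndpoint` parameter and its default host are assumptions.

```powershell
param(
    # Assumption: host probed when no WSUS policy exists; use one your egress rules allow.
    [string]$PublicEndpoint = 'download.windowsupdate.com'
)

# Hypothetical helper: split an HRESULT into its severity, facility and code fields.
function ConvertFrom-HResult {
    param([Parameter(Mandatory)][uint32]$Value)
    [pscustomobject]@{
        Hex      = '0x{0:X8}' -f $Value
        Failure  = ($Value -shr 31) -eq 1            # top bit set means failure
        Facility = ($Value -shr 16) -band 0x1FFF     # FACILITY_WIN32 is 7
        Code     = $Value -band 0xFFFF               # ERROR_INTERNET_TIMEOUT is 12002
    }
}

# Decimal value copied from the module message "Unknown WUA HRESULT 2147954402".
$decoded = ConvertFrom-HResult -Value 2147954402

# Group Policy writes the WSUS settings under this key; AU\UseWUServer = 1 enables them.
$wuKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate'
$wu = Get-ItemProperty -Path $wuKey -ErrorAction SilentlyContinue
$au = Get-ItemProperty -Path "$wuKey\AU" -ErrorAction SilentlyContinue
$usesWsus = ($au.UseWUServer -eq 1) -and [bool]$wu.WUServer

if ($usesWsus) {
    # WUServer is a URL such as http://host:port; probe that host and port.
    $uri = [uri]$wu.WUServer
    $target, $port = $uri.Host, $uri.Port
} else {
    $target, $port = $PublicEndpoint, 443
}

$probe = Test-NetConnection -ComputerName $target -Port $port -WarningAction SilentlyContinue

# Summary object: decoded error, which server is selected, and whether it answers.
[pscustomobject]@{
    HResult      = $decoded.Hex
    Facility     = $decoded.Facility
    Win32Code    = $decoded.Code
    WsusPolicy   = $usesWsus
    Target       = "${target}:$port"
    TcpReachable = $probe.TcpTestSucceeded
    WinHttpProxy = (netsh winhttp show proxy | Out-String).Trim()
}
```

Run it on the managed Windows host in an elevated session; a `TcpReachable` of `False` for the selected target is consistent with the timeout the module reports.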

Milosz-Galecki-wttech commented 2 months ago

Hi, it was a networking issue. I managed to resolve it.