Event ID 1016 — WSHA Client Remediation

Applies To: Windows Server 2008

Remediation refers to the act or process of correcting a client configuration or software state that is not compliant with network health requirements. If Network Access Protection (NAP) policies are configured for automatic remediation, the Windows Security Health Agent (WSHA) will attempt to modify the client configuration to bring it into compliance with network health requirements.

For the WSHA, remediation of a client computer configuration depends on health requirements specified by the Windows Security Health Validator (WSHV) and the access of client computers to resources required to update and maintain their configuration to meet requirements of the WSHV.

Event Details

Product: Windows Operating System
ID: 1016
Source: Microsoft-Windows-SystemHealthAgent
Version: 6.0
Symbolic Name: MSSHA_EVENT_AU_REMEDIATION_FAIL
Message: Automatic remediation for Automatic Updates failed. Windows could not turn on Automatic Updates.
Failure Code: %1

Resolve

Enable the Windows Update service

This error condition indicates that the Windows Update service is not running, or that updates were not successfully installed. To resolve this condition, start the Windows Update service, and install the required updates.

To perform this procedure, you must be a member of the Administrators group, or you must have been delegated the appropriate authority.

To enable and use the Windows Update service:

  1. On the NAP client computer, click Start, click Run, type services.msc, and then press ENTER.
  2. In the console tree, double-click Windows Update.
  3. In the Windows Update Properties window, next to Startup type, choose Automatic.
  4. Under Service status, click Start.
  5. If the service has been started successfully, the service status will be displayed as Started. Click OK.
  6. On the NAP client computer, click Start, click Run, type wuapp.exe, and press ENTER.
  7. In the Windows Update window, click Check for updates.
  8. Download and install all required updates.

Verify

To verify that remediation was successful and the client computer is compliant with requirements of the WSHV:

  1. On the NAP client computer, click Start, point to All Programs, click Accessories, and then click Command Prompt.
  2. In the command window, type netsh nap client show state, and then press ENTER.
  3. In the command output, under System health agent (SHA) state, locate Windows Security Health Agent.
  4. Verify that the value of Remediation state is Success and not Could not update.
  5. Verify that the value of Fixup Message is The Windows Security Health Agent has finished updating its security state and not The Windows Security Health Agent failed to update the security state of this computer.

WSHA Client Remediation

NAP Infrastructure