Events
Apr 29, 2 PM - Apr 30, 7 PM
Join the ultimate Windows Server virtual event April 29-30 for deep-dive technical sessions and live Q&A with Microsoft engineers.
Sign up nowThis browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Use the following steps to migrate the WSUS database (SUSDB) from a Windows Internal Database instance to a Local or Remote instance of SQL Server.
From PowerShell (elevated), run:
Stop-Service IISADMIN
Stop-Service WsusService
Important
These steps show how to detach the WSUS database (SUSDB) from the Windows Internal Database instance by using the sqlcmd utility. For more information about the sqlcmd utility, see sqlcmd Utility.
sqlcmd -S \\.\pipe\Microsoft##WID\tsql\query
use master
GO
alter database SUSDB set single_user with rollback immediate
GO
sp_detach_db SUSDB
GO
Tip
For example, if your SQL Instance Folder is C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL, and the WID Data folder is C:\Windows\WID\Data, copy the SUSDB files from C:\Windows\WID\Data to C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Data
Tip
This is also able to be done using Transact-Sql. Please see the SQL documentation for attaching a database for its instructions.
Example (using paths from previous example):
USE master;
GO
CREATE DATABASE SUSDB
ON
(FILENAME = 'C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Data\SUSDB.mdf'),
(FILENAME = 'C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Log\SUSDB_Log.ldf')
FOR ATTACH;
GO
After attaching the SUSDB, verify that NT AUTHORITY\NETWORK SERVICE has login permissions to the instance of SQL Server by doing the following:
The NT AUTHORITY\NETWORK SERVICE account should be listed. If it is not, you need to add it by adding New Login Name.
Important
If the SQL Instance is on a different machine from WSUS, the WSUS Server's computer account should be listed in the format [FQDN]\[WSUSComputerName]$. If not, the steps below can be used to add it, replacing NT AUTHORITY\NETWORK SERVICE with the WSUS Server's computer account ([FQDN]\[WSUSComputerName]$) This would be in addition to granting rights to NT AUTHORITY\NETWORK SERVICE
You should now see NT AUTHORITY\NETWORK SERVICE under Logins.
The NT AUTHORITY\NETWORK SERVICE account should be listed.
If it is not, add the account.
On the Login name textbox, enter the WSUS machine in the following format:
[FQDN]\[WSUSComputerName]$
Verify that the Default database is set to SUSDB.
Tip
In the following example, the FQDN is Contosto.com and the WSUS machine name is WsusMachine:
On the User Mapping page, select the SUSDB Database under Users mapped to this login
Check webservice under the Database role membership for: SUSDB:
Click OK to save settings.
Note
You may need to restart the SQL Service for the changes to take effect.
Important
Follow the steps in this section carefully. Serious problems might occur if you modify the registry incorrectly. Before you modify it, back up the registry for restoration in case problems occur.
Click Start, click Run, type regedit, and then click OK.
Locate the following key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\UpdateServices\Server\Setup\SqlServerName
In the Value text box, type [ServerName]\[InstanceName], and then click OK. If the instance name is the default instance, type [ServerName].
Locate the following key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Update Services\Server\Setup\Installed Role Services\UpdateServices-WidDatabase
Rename the Key to UpdateServices-Database
Note
If you do not update this key, then WsusUtil will attempt to service the WID rather than the SQL Instance to which you have migrated.
From PowerShell (elevated), run:
Start-Service IISADMIN
Start-Service WsusService
Note
If you are using the WSUS Console, close and restart it.
Warning
Removing the WID role also removes a database folder (%SystemDrive%\Program Files\Update Services\Database) that contains scripts required by WSUSUtil.exe for post-installation tasks. If you choose to uninstall the WID role, make sure you back up the %SystemDrive%\Program Files\Update Services\Database folder beforehand.
Using PowerShell:
Uninstall-WindowsFeature -Name 'Windows-Internal-Database'
After the WID role is removed, verify that the following registry key is present: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Update Services\Server\Setup\Installed Role Services\UpdateServices-Database
Events
Apr 29, 2 PM - Apr 30, 7 PM
Join the ultimate Windows Server virtual event April 29-30 for deep-dive technical sessions and live Q&A with Microsoft engineers.
Sign up nowTraining
Module
Migrate Windows Server roles - Training
Learn how to install and use the Windows Server Migration Tools cmdlets to migrate commonly used server roles from earlier versions of Windows Server.
Certification
Microsoft Certified: Azure Database Administrator Associate - Certifications
Administer an SQL Server database infrastructure for cloud, on-premises and hybrid relational databases using the Microsoft PaaS relational database offerings.