locked
Deleted machine showing up as still needing updates RRS feed

  • Question

  • Hello,

    I am new to WSUS and still trying to figure things out. I have deleted a machine from WSUS 3.2 as it is has been retired. I have a bunch of updates that say needed by one computer. That one computer is the one I have deleted. Is there a way to get these updates to reflect that the machine has been deleted?

    Friday, February 9, 2018 4:33 PM

All replies

  • Remove That Machine Again from WSUS Console.

    Anyway If you have configure Client side Target, You have to delete that Computer Object from AD also...

    Furthermore.... Please update Your WSUS upto latest patch level.

    Then Remove Sever from console and add WSUS Server into WSUS console after rebooting WSUS server and let me know the stsus

    Friday, February 9, 2018 11:10 PM
  • The issue you have is about WSUS Maintenance. Simply stated - you aren't doing it. Not that you know about doing it or what not because you're new to WSUS, but this is the reason why you're seeing your issues.

    As mentioned by Udara, since the machine was removed from AD - the device should be removed from WSUS - either manually, or by other methods. One of the 'tools' that Microsoft has is the Server Cleanup Wizard (SCW). The unfortunate part to this tool is that it's not very good, however it WILL remove computer objects that have not reported into WSUS within 30 days. The downside, is that this SCW has to be run Manually.

    This answers your question directly, but now I'm going to open your eyes to a new possibility as there are many more things that SHOULD be done by a WSUS Administrator that are not documented well. WAM does them all for you!

    Please have a look at the WSUS Automated Maintenance (WAM) system. It is an automated maintenance system for WSUS, the last system you'll ever need to maintain WSUS!

    https://community.spiceworks.com/scripts/show/2998-wsus-automated-maintenance-formerly-adamj-clean-wsus

    What it does:

    1. Add WSUS Index Optimization to the database to increase the speed of many database operations in WSUS by approximately 1000-1500 times faster.
    2. Remove all Drivers from the WSUS Database (Default; Optional).
    3. Shrink your WSUSContent folder's size by declining multiple types of updates including by default any superseded updates, preview updates, expired updates, Itanium updates, and beta updates. Optional extras: Language Packs, IE7, IE8, IE9, IE10, Embedded, NonEnglishUpdates, ComputerUpdates32bit, WinXP.
    4. Remove declined updates from the WSUS Database.
    5. Clean out all the synchronization logs that have built up over time (configurable, with the default keeping the last 14 days of logs).
    6. Compress Update Revisions.
    7. Remove Obsolete Updates.
    8. Computer Object Cleanup (configurable, with the default of deleting computer objects that have not synced within 30 days).
    9. Application Pool Memory Configuration to display the current private memory limit and easily set it to any configurable amount including 0 for unlimited. This is a manual execution only.
    10. Checks to see if you have a dirty database, and if you do, fixes it. This is primarily for Server 2012 WSUS, and is a manual execution only.
    11. Run the Recommended SQL database Maintenance script on the actual SQL database.
    12. Run the Server Cleanup Wizard.

    It will email the report out to you or save it to a file, or both.

    Although the script is lengthy, it has been made to be super easy to setup and use so don't over think it. There are some prerequisites and instructions at the top of the script. After installing the prerequisites and configuring the variables for your environment (email settings only if you are accepting all the defaults), simply run:

    .\Clean-WSUS.ps1 -FirstRun

    If you wish to view or increase the Application Pool Memory Configuration, or run the Dirty Database Check, you must run it with the required switch. See Get-Help .\Clean-WSUS.ps1 -Examples

    If you're having trouble, there's also a -HelpMe option that will create a log so you can send it to me for support.


    Adam Marshall, MCSE: Security
    http://www.adamj.org
    Microsoft MVP - Windows and Devices for IT

    Saturday, February 10, 2018 6:55 PM
  • Hi,

    Please try to run the following command to see if it still exists (please change the "Client_Name" ):

    $wsus.getcomputertargets() | where {$_.fulldomainname -eq "client_name"}

      

    Best Regards,

    Elton


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.


    • Edited by Elton_Ji Monday, February 12, 2018 3:12 AM
    Monday, February 12, 2018 3:11 AM
  • Thanks you all for your responses. It turns out someone put that old machine back on the network. I didn't even bother to ping it first time around because I thought it had been scrapped when it was retired. I appreciate all the answers thoough and am sure they will come in handy going down the road.
    • Proposed as answer by Elton_Ji Tuesday, February 13, 2018 2:35 AM
    Monday, February 12, 2018 4:37 PM
  • Hi Nick,

    Thank you for the feedback.

    Refer this WSUS troubleshooting guidance for future troubleshooting..

    https://gallery.technet.microsoft.com/office/Troubleshooting-WSUS-d63da113

    Monday, February 12, 2018 4:58 PM