Answered by:
WSUS, cloned Server 2008 machines and registry keys

Question
-
I am able to resolve issues with previous operating systems (XP, Vista, Server 2003) by running this script:
Net stop wuauserv
REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v AccountDomainSid /f
REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v PingID /f
REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientId /f
REG DELETE "HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientIDValidation /f
RMDIR %Windir%\SoftwareDistribution /Q /S
DEL %Windir%\WindowsUpdate.log /Q /F
net start wuauserv
wuauclt /resetauthorization /detectnow
The problem is that those registry keys don't exist in my Server 2008 x64 machines, so the script won't work on them. Our cloned servers are overwriting each other in WSUS, which then will only show the most recent machine to have checked in. The servers are getting their updates, but I don't have the reporting required for the auditors.
Does anyone know the location of the registry keys in Server 2008 necessary to delete to resolve this problem? Thank you in advance,
CameronWednesday, October 21, 2009 5:54 PM
Answers
-
I am able to resolve issues with previous operating systems (XP, Vista, Server 2003) by running this script:
Net stop wuauserv
REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v AccountDomainSid /f
REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v PingID /f
REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientId /f
REG DELETE "HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientIDValidation /f
RMDIR %Windir%\SoftwareDistribution /Q /S
DEL %Windir%\WindowsUpdate.log /Q /F
net start wuauserv
wuauclt /resetauthorization /detectnow
This is actually a legacy version of this script if you are using WSUS v3. The correct (current) version looks like this:
REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientId /f
REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientValidationId /f
wuauclt /resetauthorization /detectnow
The other commands in the legacy script are either no longer relevant, or were never appropriate for this task.
Particularly these two commands!!!
> RMDIR %Windir%\SoftwareDistribution /Q /S
> DEL %Windir%\WindowsUpdate.log /Q /F
Lawrence Garvin, M.S., MCITP:EA, MCDBA
Principal/CTO, Onsite Technology Solutions, Houston, Texas
Microsoft MVP - Software Distribution (2005-2009)
My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin
My Blog: http://onsitechsolutions.spaces.live.com- Marked as answer by Eric Zhang CHN Friday, November 13, 2009 6:51 AM
Wednesday, October 21, 2009 8:30 PM
All replies
-
I am able to resolve issues with previous operating systems (XP, Vista, Server 2003) by running this script:
Net stop wuauserv
REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v AccountDomainSid /f
REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v PingID /f
REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientId /f
REG DELETE "HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientIDValidation /f
RMDIR %Windir%\SoftwareDistribution /Q /S
DEL %Windir%\WindowsUpdate.log /Q /F
net start wuauserv
wuauclt /resetauthorization /detectnow
This is actually a legacy version of this script if you are using WSUS v3. The correct (current) version looks like this:
REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientId /f
REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientValidationId /f
wuauclt /resetauthorization /detectnow
The other commands in the legacy script are either no longer relevant, or were never appropriate for this task.
Particularly these two commands!!!
> RMDIR %Windir%\SoftwareDistribution /Q /S
> DEL %Windir%\WindowsUpdate.log /Q /F
Lawrence Garvin, M.S., MCITP:EA, MCDBA
Principal/CTO, Onsite Technology Solutions, Houston, Texas
Microsoft MVP - Software Distribution (2005-2009)
My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin
My Blog: http://onsitechsolutions.spaces.live.com- Marked as answer by Eric Zhang CHN Friday, November 13, 2009 6:51 AM
Wednesday, October 21, 2009 8:30 PM -
Thanks for the prompt reply. This should help, and I will get my script cleaned up in the process.
It turns out that my original speculation was wrong. I was using regedit launched on my PC as an admin, and connecting to the remote registries of several other machines. Oddly enough, the key WindowsUpdate does not appear remotely on the Server 2008 machines, but it does on all other operating systems. This lead me to believe the key did not exist at that location, when it merely wasn't visible remotely.
If I RDP to the server itself, the key does appear in the exact spot one would expect it to. My newly cleaned up script should do the trick!
Thanks again for your time,
Cameron
Wednesday, October 21, 2009 11:08 PM -
Hey Guys,
I am having the same issue too... Where I have some cloned machines that are not showing up on the console/MMC. I know these machines are getting their updates because I check the logs on each machine and it shows up to date. My question is: Do you run this script on the client machines in question or do you run the script on the WSUS server?
Any help with this would be much appreciated.
Thanx,
Vic~Friday, December 18, 2009 2:02 PM -
Do you run this script on the client machines in question or do you run the script on the WSUS server?
On each client. The official documentation for this procedure is found in KB903262.
Lawrence Garvin, M.S., MCITP:EA, MCDBA, MCSA
Principal/CTO, Onsite Technology Solutions, Houston, Texas
Microsoft MVP - Software Distribution (2005-2009)
My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin
My Blog: http://onsitechsolutions.spaces.live.comFriday, December 18, 2009 11:43 PM