locked
WSUS, cloned Server 2008 machines and registry keys RRS feed

  • Question

  • I am able to resolve issues with previous operating systems (XP, Vista, Server 2003) by running this script:
    Net stop wuauserv
    REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v AccountDomainSid /f
    REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v PingID /f
    REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientId /f
    REG DELETE "HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientIDValidation /f
    RMDIR %Windir%\SoftwareDistribution /Q /S
    DEL %Windir%\WindowsUpdate.log /Q /F
    net start wuauserv
    wuauclt /resetauthorization /detectnow

    The problem is that those registry keys don't exist in my Server 2008 x64 machines, so the script won't work on them. Our cloned servers are overwriting each other in WSUS, which then will only show the most recent machine to have checked in. The servers are getting their updates, but I don't have the reporting required for the auditors.

    Does anyone know the location of the registry keys in Server 2008 necessary to delete to resolve this problem? Thank you in advance,
    Cameron
    Wednesday, October 21, 2009 5:54 PM

Answers

  • I am able to resolve issues with previous operating systems (XP, Vista, Server 2003) by running this script:
    Net stop wuauserv
    REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v AccountDomainSid /f
    REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v PingID /f
    REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientId /f
    REG DELETE "HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientIDValidation /f
    RMDIR %Windir%\SoftwareDistribution /Q /S
    DEL %Windir%\WindowsUpdate.log /Q /F
    net start wuauserv
    wuauclt /resetauthorization /detectnow

    This is actually a legacy version of this script if you are using WSUS v3. The correct (current) version looks like this:

    REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientId /f
    REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientValidationId /f
    wuauclt /resetauthorization /detectnow

    The other commands in the legacy script are either no longer relevant, or were never appropriate for this task.

    Particularly these two commands!!!
    > RMDIR %Windir%\SoftwareDistribution /Q /S
    > DEL %Windir%\WindowsUpdate.log /Q /F



    Lawrence Garvin, M.S., MCITP:EA, MCDBA
    Principal/CTO, Onsite Technology Solutions, Houston, Texas
    Microsoft MVP - Software Distribution (2005-2009)
    My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin
    My Blog: http://onsitechsolutions.spaces.live.com
    • Marked as answer by Eric Zhang CHN Friday, November 13, 2009 6:51 AM
    Wednesday, October 21, 2009 8:30 PM

All replies

  • I am able to resolve issues with previous operating systems (XP, Vista, Server 2003) by running this script:
    Net stop wuauserv
    REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v AccountDomainSid /f
    REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v PingID /f
    REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientId /f
    REG DELETE "HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientIDValidation /f
    RMDIR %Windir%\SoftwareDistribution /Q /S
    DEL %Windir%\WindowsUpdate.log /Q /F
    net start wuauserv
    wuauclt /resetauthorization /detectnow

    This is actually a legacy version of this script if you are using WSUS v3. The correct (current) version looks like this:

    REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientId /f
    REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientValidationId /f
    wuauclt /resetauthorization /detectnow

    The other commands in the legacy script are either no longer relevant, or were never appropriate for this task.

    Particularly these two commands!!!
    > RMDIR %Windir%\SoftwareDistribution /Q /S
    > DEL %Windir%\WindowsUpdate.log /Q /F



    Lawrence Garvin, M.S., MCITP:EA, MCDBA
    Principal/CTO, Onsite Technology Solutions, Houston, Texas
    Microsoft MVP - Software Distribution (2005-2009)
    My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin
    My Blog: http://onsitechsolutions.spaces.live.com
    • Marked as answer by Eric Zhang CHN Friday, November 13, 2009 6:51 AM
    Wednesday, October 21, 2009 8:30 PM
  • Thanks for the prompt reply. This should help, and I will get my script cleaned up in the process.

    It turns out that my original speculation was wrong. I was using regedit launched on my PC as an admin, and connecting to the remote registries of several other machines. Oddly enough, the key WindowsUpdate does not appear remotely on the Server 2008 machines, but it does on all other operating systems. This lead me to believe the key did not exist at that location, when it merely wasn't visible remotely.

    If I RDP to the server itself, the key does appear in the exact spot one would expect it to. My newly cleaned up script should do the trick!

    Thanks again for your time,
    Cameron


    Wednesday, October 21, 2009 11:08 PM
  • Hey Guys,

       I am having the same issue too... Where I have some cloned machines that are not showing up on the console/MMC.  I know these machines are getting their updates because I check the logs on each machine and it shows up to date.  My question is:  Do you run this script on the client machines in question or do you run the script on the WSUS server?

    Any help with this would be much appreciated. 
    Thanx,
    Vic~
    Friday, December 18, 2009 2:02 PM
  • Do you run this script on the client machines in question or do you run the script on the WSUS server?
    On each client. The official documentation for this procedure is found in KB903262.

    Lawrence Garvin, M.S., MCITP:EA, MCDBA, MCSA
    Principal/CTO, Onsite Technology Solutions, Houston, Texas
    Microsoft MVP - Software Distribution (2005-2009)
    My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin
    My Blog: http://onsitechsolutions.spaces.live.com
    Friday, December 18, 2009 11:43 PM