WSUS repair and refresh as a backup

(imported topic written by SmearODeer91)

Ok I Know I’m not the only one out there running both systems both as a backup to Check BigFix and to cover pathcing those office installs you have not had time to fix. Who Can argue? Its cheap and Free :slight_smile:

First I noticed my new virtual machines and their Imaged based hardware counter parts were not coming into WSUS. This was well documented in Microsoft land and User groups. (Long and short: Poor image creation allowed Automatic Update server to be run and thus creat annoying regkeys that niether sysprep or SID Changers will fix. You have all done this with Bigfix client deploy for your image creation so should not be Very new.)

2nd I Created a Task to allow for automatic repair accross the 15000 plus clients. I Did Not Test on The 64bit as those are always built from Source media in our enviroment (Only 10) And not on 2008 as they are built from a depoyment server with scripted installs.

// Reset WSUS Client

delete __appendfile

delete netquiet.bat

appendfile @ECHO OFF

appendfile start “” /min /b net %1 %2 > NUL 2> NUL

move __appendfile netquiet.bat

wait “{pathname of client folder of site “BESSupport” & “\RunQuiet.exe”}” netquiet.bat stop “wuauserv”

wait “{pathname of client folder of site “BESSupport” & “\RunQuiet.exe”}” netquiet.bat stop “BITS”

regdelete "

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate

" “PingID”

regdelete "

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate

" “AccountDomainSid”

regdelete "

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate

" “SusClientId”

regdelete "

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate

" “SusClientIdValidation”

wait “{pathname of client folder of site “BESSupport” & “\RunQuiet.exe”}” netquiet.bat start “wuauserv”

wait “{pathname of client folder of site “BESSupport” & “\RunQuiet.exe”}” netquiet.bat start “BITS”

delete __appendfile

delete netquiet.bat

waithidden cmd.exe /C wuauclt /resetauthorization /detectnow

regset "

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate

" “WSUSFix”=dword:00000001

You Will Notice I Created a test value inthe Reistry for the Relavance. Ic an be incremented as Needed.

Relevance looks like…

((((name of operating system as lowercase starts with “win”) AND ((language of version block of file “kernel32.dll” of system folder contains “English”) OR (exists value of key “HKLM\System\CurrentControlSet\Control\Nls\MUILanguages” of registry))) AND (not exists key “HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion” whose (exists value “ProductId” of it OR exists value “CommonFilesDir” of it) of registry AND not exists values “PROCESSOR_ARCHITECTURE” whose (it as string as lowercase = “ia64”) of keys “HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Environment” of registry)) AND ((name of it = “Win2000” OR name of it = “WinXP” OR name of it = “Win2003”) of operating system) AND (not exist key “HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate” whose (exists value “WSUSFix” whose (it as string = “1”) of it) of registry))

3rd I Cleared my WSUS Machine by selecting all and Deleting.

4th I Delpoyed my TASK “TROUBLESHOOTING: WSUS Client Fix. (Clients not Reporting in WSUS)”

5th I Built another TASK to allow for forced updates after I Make Changes in AD to the policies. Its Called “TROUBLESHOOTING: WSUS Client side forced status update.” And Looks Like this…

// WSUS Update

waithidden cmd.exe /C wuauclt /detectnow

Relevance looks like…

(name of operating system as lowercase starts with “win”)

Thought someone out there could find some of this usefull

Bob