[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 616
  • Last Modified:

New Desktops not showing up in WSUS

I have had WSUS running on my system for quite some time now and everything worked just fine.  About 2 months ago now I launched all brand new desktops for the company and I cannot get any of the desktops to show up in WSUS meaning I am not distributing any updates.  I tried running the detectnow command and that does not help.  I cannot figure out why my desktops are not registering to WSUS.  Does anyone have any idea upon why this is not working?

Thanks
0
mfehrmann
Asked:
mfehrmann
  • 8
  • 6
  • 5
  • +2
2 Solutions
 
bwalker1Commented:
Have you verified that the computer accounts are getting the GPO assigning the WSUS server?
0
 
brwwigginsCommented:
I would try going to the windows update site and see if there is a newer version of the client that needs to be downloaded. If there is download it and see if the desktops will start to appear in WSUS.
0
 
mfehrmannAuthor Commented:
I am almost positive that they are getting the correct GPO.  Is there a way to verify this?  Also I have tried going to Windows update.  I did that before I made the ghost for these machines.  
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
Netman66Commented:
Were these imaged using Sysprep?

If you run GPRESULT, do you see the Group Policy applying that affect WSUS settings?

Let us know.
0
 
Giuseppe "Pino" De FrancescoSenior Solution ArchitectCommented:
Hiya,
if you open the client's Automatic Update applet (from Control Panel) what do you read?

Cheers
Pino
0
 
mfehrmannAuthor Commented:
Yes it says the Default Domain Policy was applied and that is where I have all the automatic update stuff configured.  Also when I go to the Automatic Update applet it is all greyed out and it says everyday at 3:00am which is what I want it to do.  I just can't see any of the computers when I go to the WSUS console.  
0
 
Giuseppe "Pino" De FrancescoSenior Solution ArchitectCommented:
0
 
Netman66Commented:
Try this on one PC:

Go to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate
Delete the PingID, SUSClientID and the AccountDomainSID key values
Stop and start the Wuauserv Service
From the command prompt run: wuauclt /resetauthorization /detectnow

Give it some time and report back whether you see it now.

Also check permissions on the Self Update virtual server - anonymous access must be allowed.


0
 
mfehrmannAuthor Commented:
OK this is what I found so far and this is really odd.  If I go up to one of my new workstation and run the wuauclt.exe /detectnow the workstation will find the WSUS server and the updates ready icon in the system tray will pop up and want to install the updates.  

When I look at the WSUS console the workstation shows up.  

Ok now if I go to another workstation and do the same thing the workstation will update but when I go to the WSUS server the first workstation that I got to show up is now gone and the last workstation I ran the command on is now there.

 Basically I can only add one at a time and the previous one disappears.  What is going on here?
0
 
Giuseppe "Pino" De FrancescoSenior Solution ArchitectCommented:
It seems that your workstations are made all from the same ghost image... same Windows Unique Identifier.... Call your supplier, you've paid for a lot of licences but got only one cloned many times.

Cheers
Pino
0
 
mfehrmannAuthor Commented:
Actually I am the one that ghosted these machines from one machine.  Is there a way to change the Windows unique ID
0
 
Giuseppe "Pino" De FrancescoSenior Solution ArchitectCommented:
Also if such a method exist, explain it is against this site rules AND against the law. I agree that Microsoft is quite expensive, that's why I suggest to install linux instead... but is hard to get people convinced.

The only solution you have is to buy the licences. To mae many clones from a single HD you have to buy an OEM licence... then build up your distribution HD and... buy OEM licensc codes ;)

Cheers
Pino
0
 
Netman66Commented:
Huh?  

Anyway, I asked that before - if you imaged them all using Sysprep.  The answer is NO.

Remove each PC from the Domain by putting it into a Workgroup.
Delete the computer account from AD.

Download and extract Sysprep.
Create a folder on each PC on the root of C: called "Sysprep".
Copy the tools into this folder (the ones you downloaded).
Go Start>Run>c:\sysprep\sysprep.exe
Wait for it to shut down the PC.

Restart the PC.
Follow the Wizard.
Rejoin the domain.

When you image a workstation, you MUST run Sysprep before you create the master Ghost image - all your computers now share the same SID...



0
 
mfehrmannAuthor Commented:
I own more than enough licenses.  I did it this way so I could get all the software on the machines that I needed.  I was told from Microsoft myself that this would be OK for me.  I will try what Netman66 suggested and see how that goes.  Where do I download sysprep from?  Is that right from Microsoft?
0
 
mfehrmannAuthor Commented:
So when should I take the image from the machine?  I should do it right after I run the sysprep.exe?
0
 
Netman66Commented:
Yes.  Right after Sysprep is run and it shuts down.  Boot with a DOS Disk with network support, Ghost to a network share.

0
 
mfehrmannAuthor Commented:
Ok I see.  I also found a way easier way to generate new SID's and it is for people like me who did not run sysprep.  It is call newsid and is made my sysinternals.  It works great and all by itself.  Just generates the new SID and reboots itself.  Now my PC's are showing up in my WSUS server.  I guess that was the problem the whole time.  Thanks everyone for your help and I am going to divide up the points here.

Thanks
0
 
Netman66Commented:
Keep in mind, that if you run into problems and require a call to Microsoft, that they will not support the method you used to regenerate the SID.  I'm not saying it doesn't work, just that MS won't support it.

Good job.

0
 
mfehrmannAuthor Commented:
I have never called microsoft for desktop support and hope I dont have to.  Again thank you for your help!!!  You have solved a two month problem here.  I guess maybe I should have called microsoft on this one huh. :)
0
 
Netman66Commented:
You're a bugger for punishment, aren't you!  :o)

0

Featured Post

Microsoft Certification Exam 74-409

VeeamĀ® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

  • 8
  • 6
  • 5
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now