Solved

WSUS fix? Batch file needed to run once, then delete

Posted on 2007-11-15
13
5,955 Views
Last Modified: 2010-04-21
Hello all -

I have WSUS running - after updating to 3.0, I currently have about 93 clients that aren't checking in.

During the troubleshooting process - I found network connectivity to be present, all looks well. I then ran the batch file listed below on a PC - and then forced a gpupdate and the client started checking in and pulling updates no problem. HOwever, I do not have the time, nor does the network admin to actually touch every one of these PCs to run this.

@echo on
net stop wuauserv
REG DELETE "HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v PingID /f
REG DELETE "HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v AccountDomainSid /f
REG DELETE "HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientId /f
net start wuauserv
wuauclt /resetauthorization /detectnow


I have this batch file in a public share \\suserver\share1  for example.

I would like to be able to have a script that runs, that copies this file to the local machines from the suserver- runs it - then deletes itself. Is this possible?
0
Comment
Question by:eulogy1211
  • 5
  • 5
  • 2
  • +1
13 Comments
 
LVL 4

Expert Comment

by:stea1mic
Comment Utility
Have you thought about adding it to your login scripts?
0
 

Author Comment

by:eulogy1211
Comment Utility
Yes - I have.

I was worried about it rerunning multiple times on the PCs - that's why I wanted it to be deleted after the batch file ran.

I also don't think it would make a difference on PCs that are working fine under WSUS (about 60 are OK) - so I was planning on linking it via GP to the entire computers OU. But still having it deleted would be nice.
0
 
LVL 4

Expert Comment

by:stea1mic
Comment Utility
We did a very basic check for something similar.  We wanted to uninstall SMS clients, but only once.  So we had it check for a text file on the c:\ drive and skip processing if it was there, else it did the job and then created the file.

@ echo off

IF EXIST c:\done.txt (
      goto exit
) ELSE (


echo Uninstall SCCM Client
\\server\share\ccmsetup.exe /uninstall

echo Uninstall SMS Adv Client
\\server\share\ccmclean.exe /all /q

echo Remove SCCM Install Client Directory
IF EXIST c:\windows\system32\ccmsetup (
    rmdir /s /q c:\windows\system32\ccmsetup
    echo done > c:\done.txt
) ELSE (
    echo done > c:\done.txt
    goto next
)

:next
echo Remove SMS Adv Client Directory
IF EXIST c:\windows\system32\ccm (
    rmdir /s /q c:\windows\system32\ccm
    echo done > c:\done.txt
) ELSE (
    echo done > c:\done.txt
    goto exit
)
)
:exit
echo Complete
0
 
LVL 38

Expert Comment

by:Shift-3
Comment Utility
You could also run the commands remotely using PsExec.
http://www.microsoft.com/technet/sysinternals/utilities/psexec.mspx
0
 
LVL 12

Accepted Solution

by:
chandru_sol earned 500 total points
Comment Utility
Hi,

The below script should work for you and it will also log the information in the common share. There is one more problem in WSUS is that if both machines have the same SID only one machine will show up.

Put this as the computer startup script as this solved the issues with 1000 machines in my network

This runs only once and documents the SID and machine name of all the machines and it creates a registry key called Client id Checked and if the reg key is present it will not run again

'Script starts here
'--------------------8<----------------------


' Folder that the script needs create/write access to, one file for
' each SusClientId will be created.
sFolderPath = "\\Server\share"


' Path and name of file where the script will log the name
' of the computers where the SusClientId is deleted by the script.
' This script is for administrator information only, it's content is
' not used by the script in any way.
' Using _ as first character in the name will cause it to be
' listed first in Explorer
sLogFilePath = sFolderPath & "\_ClientIdResetLog.txt"


Const OpenAsASCII      =  0
Const OverwriteIfExist = -1
Const ForAppending = 8


Set oShell = CreateObject("WScript.Shell")
Set oFSO = CreateObject("Scripting.FileSystemObject")
Set oWshNetwork = CreateObject("WScript.Network")


sRegKey = "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate"


' Suppress error in case values does not exist
On Error Resume Next


' Check for registry marker
sIDChecked = oShell.RegRead(sRegKey & "\ClientIdChecked")
Err.Clear


' To be sure the script is run only once, test on marker
If sIDChecked <> "yes" Then


   SusClientId = ""   ' init value
   sSusClientId = oShell.RegRead(sRegKey & "\SusClientId")
   If sSusClientId <> "" And oFSO.FolderExists(sFolderPath) Then


     sFilePath = sFolderPath & "\" & sSusClientId & ".txt"


     If oFSO.FileExists(sFilePath) Then


       ' Another computer is using the same SusClientId, we need to
       ' clear out the registry values.


       ' delete values
       oShell.RegDelete sRegKey & "\AccountDomainSid"
       oShell.RegDelete sRegKey & "\PingID"
       oShell.RegDelete sRegKey & "\SusClientId"


       ' Stop and start the Automatic updates service
       oShell.Run "%SystemRoot%\system32\net.exe stop wuauserv", 0, True
       oShell.Run "%SystemRoot%\system32\net.exe start wuauserv", 0, True


       ' Run wuauclt.exe with resetauthorization
       sCmd = _
          "%SystemRoot%\system32\wuauclt.exe /resetauthorization /detectnow"
       oShell.Run sCmd, 0, True


       ' Create entry in log file.
       ' If script is not able to open the file for write access, it
       ' will give up after 5 seconds (10 loops)
       bUpdLogFinished = False
       iLoops = 0


       On Error Resume Next
       Do
         Err.Clear
         ' Open for appending
         Set fLogFile = oFSO.OpenTextFile(sLogFilePath, ForAppending, True)
         If Err.Number <> 0 Then
           ' Was not able to open the log file for writing
           ' Waiting 1/2 a second before trying again
           WScript.Sleep 500
         Else
           fLogFile.WriteLine Now & ", " & oWshNetwork.ComputerName
           fLogFile.Close
           bUpdLogFinished = True
         End If
         iLoops = iLoops + 1
       Loop Until bUpdLogFinished Or iLoops > 10


     Else
       ' No other computer have reported this SusClientId, we need
       ' to create a text file in the common folder using the SusClientId
       ' as file name. Putting the computer name inside the file.
       Set f = oFSO.CreateTextFile(sFilePath, OverwriteIfExist, OpenAsASCII)
       f.WriteLine oWshNetwork.ComputerName
       f.Close


     End If


   End If
   On Error Resume Next


   ' Create registry marker
   oShell.RegWrite sRegKey & "\ClientIdChecked", "yes"
End If
'--------------------8<----------------------


regards
Chandru
0
 

Author Comment

by:eulogy1211
Comment Utility
Thank you very much Chandru - I'm actually going on site Wednesday morning to attempt to implement this fix and hopefully have this resolved. I will then follow up with an update - once again thank you for your time, I appreciate it.
0
Get up to 2TB FREE CLOUD per backup license!

An exclusive Black Friday offer just for Expert Exchange audience! Buy any of our top-rated backup solutions & get up to 2TB free cloud per system! Perform local & cloud backup in the same step, and restore instantly—anytime, anywhere. Grab this deal now before it disappears!

 
LVL 12

Expert Comment

by:chandru_sol
Comment Utility
No worries. Let me know how you get on and if any help needed let me know

regards
Chandru
0
 
LVL 12

Expert Comment

by:chandru_sol
Comment Utility
Did you give this a try?

regards
Chandru
0
 

Author Comment

by:eulogy1211
Comment Utility
I did in fact get it deployed - set it up as a logon script under Group Policy - THe notepad files are all located in the share I specified - however - the clients are still not showing up in the SUS Console :(

I will award the points to you for your effort and help, however, not a resolution yet sadly.
0
 

Author Closing Comment

by:eulogy1211
Comment Utility
I must have a different issue then with WSUS, fix has been implemented - but still the same clients are not showing up in the sus console.
0
 
LVL 12

Expert Comment

by:chandru_sol
Comment Utility
We will work to get the resolution

Did you find the machine SID in the share?

regards
Chandru
0
 

Author Comment

by:eulogy1211
Comment Utility
Could you help me clarify as to what part of the file name I'm looking at?

I have .txt documents for all clients that ran this script. Text within the document is obviously the hostname of the machine, from just skimming through real fast - I was looking at the first part of the subject - it appears all are unique - what exactly should I be looking  for?

I do really appreciate your help, Chandru! Thank you.
0
 
LVL 12

Expert Comment

by:chandru_sol
Comment Utility
The text file will be the SID of the machine and the hostname will be the content of the text file

Can you delete the reg key client id checked in one of the machine which has got issues and see if that appears in the SUS once again?

No worries!

regards
Chandru
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Join & Write a Comment

Suggested Solutions

Setting up a Microsoft WSUS update system is free relatively speaking if you have hard disk space and processor capacity.   However, WSUS can be a blessing and a curse. For example, there is nothing worse than approving updates and they just have…
I have published numerous articles here at Experts Exchange that present programs/scripts written in a language called AutoHotkey. Each of those articles has a brief paragraph describing where to download the product and how to install it. I have al…
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
This video discusses moving either the default database or any database to a new volume.

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now