Solved

WSUS - Clients not updating

Posted on 2008-10-22
15
4,086 Views
Last Modified: 2012-08-14
I have sucessfully installed WSUS 3.1 and am able to see "most" of the computers on my network. I have set up so that GPO forces the computers to update daily at 10am but nothing seems to happen. I have synchronized my WSUS server and approved a number of updates but when the time comes for computers to update, nothing happens with them. All of my computers are running Windows XP SP2 and have the latest Windows Update client.

I'm not sure if there is some GPO set that would disallow the computers to update or not and am hoping someone can give me some things to look at to troubleshoot this.
0
Comment
Question by:jb61264
  • 10
  • 5
15 Comments
 
LVL 4

Expert Comment

by:lawson2305
ID: 22777646
Have you verified these settings are being set on these workstations?

Check:
REGEDIT
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU]

The other thing is if we could see your C:\WINDOWS\windowsupdate.log

Look for something like this:
      d04      DnldMgr      *************
      d04      DnldMgr      ** START **  DnldMgr: Downloading updates [CallerId = AutomaticUpdates]
      d04      DnldMgr      *********




               DnldMgr        * All files for update were already downloaded and are valid.
      b28      AU      >>##  RESUMED  ## AU: Download update [UpdateId = {34B52415-A5BA-41E9-8072-9D2DEE8B22A9}, succeeded]
      b28      AU      #########
      b28      AU      ##  END  ##  AU: Download updates
      b28      AU      #############
      b28      AU      Setting AU scheduled install time to 2008-09-04 02:00:00
      b28      AU      AU setting pending client directive to 'Install Approval'

You can see in this log where the download starts.  You can then see if it errors on the download and if successful will enter an install time as you see at the bottom.
0
 
LVL 4

Expert Comment

by:lawson2305
ID: 22777771
Sorry to add more but in WSUS if you right click on the approved update and select "status report" this will also give you some details to what is going on.  This will show you if any clients have downloaded the update and so on.  You can then see the list of computers this is set for and should show:
Status of:
Failed
Not Installed
Downloaded

If you are getting the GPO settings in that area then here is how you fix 99% of all wsus updating issues.
-----------------------------------------------------------------------
Click START, Choose Run
In the Run box, type "services.msc" (without the quotes)
Click OK
Right click the Automatic Updates service,
Click stop.
Stopping the service will take a moment.

Or

net stop wuauserv

Rename the "SoftwareDistribution" folder :
a. Click Start, click Run, type "%systemroot%" (without the quotes" and then click OK.
b. Right click the SoftwareDistribution folder, and then click Rename
c. Type SoftwareDistribution.old, and then press ENTER to rename this folder.

Good to rename windowsupdate.log file at this time also so you can see a fresh log.

Click START, Choose Run
In the Run box, type "services.msc." (without the quotes)
Click OK
Right -click the Automatic Updates service
Click Start.
Starting the service will take a moment.

Or

net start wuauserv

wuauclt /detectnow
----------------------------------------------------------------------------------------
If you image your machines in anyway(Ghost, RIS using riprep):
create a batch file to do this or execute each step on the client manually:
net stop wuauserv
REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientId /f
REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientIdValidation /f
net start wuauserv
wuauclt.exe /resetauthorization /detectnow
----------------------------------------------------------------------------------------
0
 

Author Comment

by:jb61264
ID: 22777839
In [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate] the following are set:

(Default) - (value not set)
ElevateNonAdmins - 0x0000000 (0)
WUServer - http://bpdf9
WUStatusServer - http://bpdf9

In [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU] the following are set:

(Default)  -  (value note set)
AUOptions  -  0x0000000 (4)
NoAutoRebootWithLoggedOnUsers  -  0x000000 (1)
NoAutoUpdate  -  0x0000000 (0)
ScheduledInstallDay  -  0x0000000 (0)
ScheduledInstallTime  -  0x0000000 (10)
UseWUServer  -  0x00000000 (1)

These were the settings on one of the clients I checked and have been "testing with

Here is the windowsupdate log file for the last three days (looks like the clients are having trouble connecting?):

2008-10-20      02:01:01:268      1448      28c      Misc      ===========  Logging initialized (build: 7.0.6000.381, tz: -0500)  ===========
2008-10-20      02:01:01:268      1448      28c      Misc        = Process: C:\Program Files\Windows Defender\MpCmdRun.exe
2008-10-20      02:01:01:268      1448      28c      Misc        = Module: C:\WINDOWS\system32\wuapi.dll
2008-10-20      02:01:01:268      1448      28c      COMAPI      -------------
2008-10-20      02:01:01:268      1448      28c      COMAPI      -- START --  COMAPI: Search [ClientId = Windows Defender]
2008-10-20      02:01:01:268      1448      28c      COMAPI      ---------
2008-10-20      02:01:01:283      1448      28c      COMAPI      FATAL: Unable to connect to the service (hr=80070422)
2008-10-20      02:01:01:283      1448      28c      COMAPI      WARNING: Unable to establish connection to the service. (hr=80070422)
2008-10-20      02:01:01:283      1448      28c      COMAPI        - WARNING: Exit code = 0x80070422
2008-10-20      02:01:01:283      1448      28c      COMAPI      ---------
2008-10-20      02:01:01:283      1448      28c      COMAPI      --  END  --  COMAPI: Search [ClientId = <NULL>]
2008-10-20      02:01:01:283      1448      28c      COMAPI      -------------
2008-10-20      02:01:01:283      1448      28c      COMAPI      FATAL: Unable to initiate asynchronous search, hr=80070422
2008-10-20      02:01:01:299      1448      28c      COMAPI      FATAL: Unable to connect to the service (hr=80070422)
2008-10-20      02:01:01:299      1448      28c      COMAPI      WARNING: Unable to establish connection to the service. (hr=80070422)
2008-10-21      02:01:01:262       392      67c      Misc      ===========  Logging initialized (build: 7.0.6000.381, tz: -0500)  ===========
2008-10-21      02:01:01:278       392      67c      Misc        = Process: C:\Program Files\Windows Defender\MpCmdRun.exe
2008-10-21      02:01:01:278       392      67c      Misc        = Module: C:\WINDOWS\system32\wuapi.dll
2008-10-21      02:01:01:262       392      67c      COMAPI      -------------
2008-10-21      02:01:01:278       392      67c      COMAPI      -- START --  COMAPI: Search [ClientId = Windows Defender]
2008-10-21      02:01:01:278       392      67c      COMAPI      ---------
2008-10-21      02:01:01:278       392      67c      COMAPI      FATAL: Unable to connect to the service (hr=80070422)
2008-10-21      02:01:01:278       392      67c      COMAPI      WARNING: Unable to establish connection to the service. (hr=80070422)
2008-10-21      02:01:01:278       392      67c      COMAPI        - WARNING: Exit code = 0x80070422
2008-10-21      02:01:01:278       392      67c      COMAPI      ---------
2008-10-21      02:01:01:278       392      67c      COMAPI      --  END  --  COMAPI: Search [ClientId = <NULL>]
2008-10-21      02:01:01:278       392      67c      COMAPI      -------------
2008-10-21      02:01:01:278       392      67c      COMAPI      FATAL: Unable to initiate asynchronous search, hr=80070422
2008-10-21      02:01:01:278       392      67c      COMAPI      FATAL: Unable to connect to the service (hr=80070422)
2008-10-21      02:01:01:278       392      67c      COMAPI      WARNING: Unable to establish connection to the service. (hr=80070422)
2008-10-21      15:55:23:743      3480      f9c      Misc      ===========  Logging initialized (build: 7.0.6000.381, tz: -0500)  ===========
2008-10-21      15:55:23:758      3480      f9c      Misc        = Process: C:\Program Files\Internet Explorer\iexplore.exe
2008-10-21      15:55:23:758      3480      f9c      Misc        = Module: C:\WINDOWS\system32\wuapi.dll
2008-10-21      15:55:23:743      3480      f9c      Misc      wuauserv is disabled
2008-10-21      16:24:49:322       536      bb0      Misc      ===========  Logging initialized (build: 7.0.6000.381, tz: -0500)  ===========
2008-10-21      16:24:49:322       536      bb0      Misc        = Process: \??\C:\WINDOWS\system32\winlogon.exe
2008-10-21      16:24:49:322       536      bb0      Misc        = Module: C:\WINDOWS\system32\wuaueng.dll
2008-10-21      16:24:49:322       536      bb0      Shutdwn      FATAL: WUAutoUpdateAtShutdown failed, hr=80240FFF
2008-10-21      22:01:30:406      3380      e00      Misc      ===========  Logging initialized (build: 7.0.6000.381, tz: -0500)  ===========
2008-10-21      22:01:30:421      3380      e00      Misc        = Process: C:\Program Files\Internet Explorer\iexplore.exe
2008-10-21      22:01:30:421      3380      e00      Misc        = Module: C:\WINDOWS\system32\wuapi.dll
2008-10-21      22:01:30:406      3380      e00      Misc      wuauserv is disabled
2008-10-22      02:11:01:370      1872      92c      Misc      ===========  Logging initialized (build: 7.0.6000.381, tz: -0500)  ===========
2008-10-22      02:11:01:386      1872      92c      Misc        = Process: C:\Program Files\Windows Defender\MpCmdRun.exe
2008-10-22      02:11:01:386      1872      92c      Misc        = Module: C:\WINDOWS\system32\wuapi.dll
2008-10-22      02:11:01:370      1872      92c      COMAPI      -------------
2008-10-22      02:11:01:386      1872      92c      COMAPI      -- START --  COMAPI: Search [ClientId = Windows Defender]
2008-10-22      02:11:01:386      1872      92c      COMAPI      ---------
2008-10-22      02:11:01:386      1872      92c      COMAPI      FATAL: Unable to connect to the service (hr=80070422)
2008-10-22      02:11:01:386      1872      92c      COMAPI      WARNING: Unable to establish connection to the service. (hr=80070422)
2008-10-22      02:11:01:386      1872      92c      COMAPI        - WARNING: Exit code = 0x80070422
2008-10-22      02:11:01:386      1872      92c      COMAPI      ---------
2008-10-22      02:11:01:386      1872      92c      COMAPI      --  END  --  COMAPI: Search [ClientId = <NULL>]
2008-10-22      02:11:01:386      1872      92c      COMAPI      -------------
2008-10-22      02:11:01:386      1872      92c      COMAPI      FATAL: Unable to initiate asynchronous search, hr=80070422
2008-10-22      02:11:01:401      1872      92c      COMAPI      FATAL: Unable to connect to the service (hr=80070422)
2008-10-22      02:11:01:401      1872      92c      COMAPI      WARNING: Unable to establish connection to the service. (hr=80070422)
2008-10-22      09:45:45:701       536      4cc      Misc      ===========  Logging initialized (build: 7.0.6000.381, tz: -0500)  ===========
2008-10-22      09:45:45:717       536      4cc      Misc        = Process: \??\C:\WINDOWS\system32\winlogon.exe
2008-10-22      09:45:45:717       536      4cc      Misc        = Module: C:\WINDOWS\system32\wuaueng.dll
2008-10-22      09:45:45:701       536      4cc      Shutdwn      FATAL: WUAutoUpdateAtShutdown failed, hr=80240FFF

0
 
LVL 4

Expert Comment

by:lawson2305
ID: 22778684
Ok so this is your wsus server http://bpdf9

Here is what I would look more into:
wuauserv is disabled

open services.msc
Go to "Automatic Updates"
make sure it is set to Automatic and STARTED.

Looks like the update service is not running.
0
 

Author Comment

by:jb61264
ID: 22779191
It is set to Automatic and Started on the server...please note that the log file I posted above was from a client and not the WSUS server.

Here's my most recent log entries after trying your first suggestions:


2008-10-22	11:14:12	3108	c28	Misc	===========  Logging initialized (build: 5.8.0.2694, tz: -0500)  ===========

2008-10-22	11:14:12	3108	c28	Misc	  = Process: c:\fa99c73048124fc438f1fc\wusetup.exe

2008-10-22	11:14:12	3108	c28	Setup	Windows Update Client standalone setup : resource dll path is c:\fa99c73048124fc438f1fc\en\wusetupr.dll

2008-10-22	11:14:12	3108	c28	Setup	***********  Setup: Checking whether self-update is required  ***********

2008-10-22	11:14:12	3108	c28	Setup	  * Inf file: c:\fa99c73048124fc438f1fc\wusetup.inf

2008-10-22	11:14:12	3108	c28	Setup	Update NOT required for C:\WINDOWS\system32\cdm.dll: target version = 7.0.6000.381, required version = 5.8.0.2694

2008-10-22	11:14:12	3108	c28	Setup	Update required for C:\WINDOWS\system32\iuengine.dll: target version = 5.4.3790.2180, required version = 5.8.0.2694

2008-10-22	11:14:12	3108	c28	Setup	Update NOT required for C:\WINDOWS\system32\wuapi.dll: target version = 7.0.6000.381, required version = 5.8.0.2694

2008-10-22	11:14:12	3108	c28	Setup	Update NOT required for C:\WINDOWS\system32\wuauclt.exe: target version = 7.0.6000.381, required version = 5.8.0.2694

2008-10-22	11:14:12	3108	c28	Setup	Update required for C:\WINDOWS\system32\wuauclt1.exe: target version = 5.4.3790.2180, required version = 5.8.0.2694

2008-10-22	11:14:12	3108	c28	Setup	Update NOT required for C:\WINDOWS\system32\wuaucpl.cpl: target version = 7.0.6000.381, required version = 5.8.0.2694

2008-10-22	11:14:12	3108	c28	Setup	Update NOT required for C:\WINDOWS\system32\wuaueng.dll: target version = 7.0.6000.381, required version = 5.8.0.2694

2008-10-22	11:14:12	3108	c28	Setup	Update required for C:\WINDOWS\system32\wuaueng1.dll: target version = 5.4.3790.2180, required version = 5.8.0.2694

2008-10-22	11:14:13	3108	c28	Setup	Update NOT required for C:\WINDOWS\system32\wucltui.dll: target version = 7.0.6000.381, required version = 5.8.0.2694

2008-10-22	11:14:13	3108	c28	Setup	Update NOT required for C:\WINDOWS\system32\wups.dll: target version = 7.0.6000.381, required version = 5.8.0.2694

2008-10-22	11:14:13	3108	c28	Setup	Update NOT required for C:\WINDOWS\system32\wups2.dll: target version = 7.0.6000.381, required version = 5.8.0.2694

2008-10-22	11:14:13	3108	c28	Setup	Update NOT required for C:\WINDOWS\system32\wuweb.dll: target version = 7.0.6000.381, required version = 5.8.0.2694

2008-10-22	11:14:13	3108	c28	Setup	  * IsUpdateRequired = Yes

2008-10-22	11:14:13	3108	c28	Setup	Windows Update Client standalone setup : eula file path is c:\fa99c73048124fc438f1fc\en\eula.rtf

2008-10-22	11:14:19	3108	c30	Setup	*************

2008-10-22	11:14:19	3108	c30	Setup	** START **  Setup: Installing client binaries

2008-10-22	11:14:19	3108	c30	Setup	*********

2008-10-22	11:14:19	3108	c30	Setup	  * Download directory: c:\fa99c73048124fc438f1fc\

2008-10-22	11:14:19	3108	c30	Setup	  * Stop and start service: Yes

2008-10-22	11:14:19	3108	c30	Setup	Starting file operations for section iuengine_Standalone

2008-10-22	11:14:19	3108	c30	Setup	Successfully copied source file c:\fa99c73048124fc438f1fc\iuengine.dll to C:\WINDOWS\system32\iuengine.dll.wusetup.1148125.new

2008-10-22	11:14:19	3108	c30	Setup	Setup successfullly moved C:\WINDOWS\system32\iuengine.dll.wusetup.1148125.new to C:\WINDOWS\system32\iuengine.dll

2008-10-22	11:14:19	3108	c30	Setup	File operations for section iuengine_Standalone completed successfully

2008-10-22	11:14:19	3108	c30	Setup	Starting file operations for section wuauclt1_Standalone

2008-10-22	11:14:19	3108	c30	Setup	Successfully copied source file c:\fa99c73048124fc438f1fc\en\wuauclt1.exe to C:\WINDOWS\system32\wuauclt1.exe.wusetup.1148421.new

2008-10-22	11:14:20	3108	c30	Setup	Setup successfullly moved C:\WINDOWS\system32\wuauclt1.exe.wusetup.1148421.new to C:\WINDOWS\system32\wuauclt1.exe

2008-10-22	11:14:20	3108	c30	Setup	File operations for section wuauclt1_Standalone completed successfully

2008-10-22	11:14:20	3108	c30	Setup	Starting file operations for section wuaueng1_Standalone

2008-10-22	11:14:21	3108	c30	Setup	Successfully copied source file c:\fa99c73048124fc438f1fc\en\wuaueng1.dll to C:\WINDOWS\system32\wuaueng1.dll.wusetup.1149609.new

2008-10-22	11:14:21	3108	c30	Setup	Setup successfullly moved C:\WINDOWS\system32\wuaueng1.dll.wusetup.1149609.new to C:\WINDOWS\system32\wuaueng1.dll

2008-10-22	11:14:21	3108	c30	Setup	File operations for section wuaueng1_Standalone completed successfully

2008-10-22	11:14:21	3108	c30	Setup	Starting registry operations for section iuengine_Standalone

2008-10-22	11:14:21	3108	c30	Setup	Completed registration operations for section iuengine_Standalone: status 0

2008-10-22	11:14:21	3108	c30	Setup	Starting registry operations for section wuauclt1_Standalone

2008-10-22	11:14:21	3108	c30	Setup	Completed registration operations for section wuauclt1_Standalone: status 0

2008-10-22	11:14:21	3108	c30	Setup	Starting registry operations for section wuaueng1_Standalone

2008-10-22	11:14:21	3108	c30	Setup	Completed registration operations for section wuaueng1_Standalone: status 0

2008-10-22	11:14:21	3108	c30	Setup	Processing registry operations completed. Deleting backup files.

2008-10-22	11:14:21	3108	c30	Setup	Successfully deleted backup file C:\WINDOWS\system32\iuengine.dll.wusetup.1148125.bak

2008-10-22	11:14:21	3108	c30	Setup	Successfully deleted backup file C:\WINDOWS\system32\wuauclt1.exe.wusetup.1148421.bak

2008-10-22	11:14:21	3108	c30	Setup	Successfully deleted backup file C:\WINDOWS\system32\wuaueng1.dll.wusetup.1149609.bak

2008-10-22	11:14:21	3108	c30	Setup	FATAL: Warning: Failed to restart wuauserv service: 0x80070422

2008-10-22	11:14:21	3108	c30	Setup	  * WARNING: Exit code = 0x80070422

2008-10-22	11:14:21	3108	c30	Setup	*********

2008-10-22	11:14:21	3108	c30	Setup	**  END  **  Setup: Installing client binaries

2008-10-22	11:14:21	3108	c30	Setup	*************

2008-10-22	11:14:21	3108	c30	Setup	FATAL: InstallUpdatedBinaries failed with error 0x80070422

2008-10-22	11:14:24	3108	c28	Setup	wusetup has finished.  Exit code is 0. Reboot is NOT needed

2008-10-22	11:17:09:336	 532	e58	Misc	===========  Logging initialized (build: 7.0.6000.381, tz: -0500)  ===========

2008-10-22	11:17:09:336	 532	e58	Misc	  = Process: \??\C:\WINDOWS\system32\winlogon.exe

2008-10-22	11:17:09:336	 532	e58	Misc	  = Module: C:\WINDOWS\system32\wuaueng.dll

2008-10-22	11:17:09:336	 532	e58	Shutdwn	FATAL: WUAutoUpdateAtShutdown failed, hr=80240FFF

Open in new window

0
 
LVL 4

Accepted Solution

by:
lawson2305 earned 500 total points
ID: 22779391
wuauserv is disabled

This is not supposed to be done on the SERVER but on the Client where you pulled this log from.  When completing the step you described above it started the service for you.  This is why you see entries in the log now.

Make sure BITS is running:

AT CLIENT:
 To resolve this problem, make sure that BITS and the Automatic Updates service are started..

1. Click Start, click Run, type services.msc, and then click OK.
2. In the list of services, right-click Automatic Updates, and then click Properties.
3. In the Startup type list, click Automatic, and then click Apply.
4. If Service status is set to Stopped, click Start, and then click OK.
5. Right-click Background Intelligent Transfer Service, and then click Properties.
6. In the Startup type list, click Manual, and then click Apply.
7. If Service status is set to Stopped, click Start, and then click OK.
0
 

Author Comment

by:jb61264
ID: 22779475
I wonder if there is a GPO for BITS and Automatic Updates? Automatic Updates is disabled and BITS is set to "Manual"...I see this on a number of the machines I just looked at as well
0
Complete Microsoft Windows PC® & Mac Backup

Backup and recovery solutions to protect all your PCs & Mac– on-premises or in remote locations. Acronis backs up entire PC or Mac with patented reliable disk imaging technology and you will be able to restore workstations to a new, dissimilar hardware in minutes.

 
LVL 4

Expert Comment

by:lawson2305
ID: 22779683
did you have a different update solution before?

Check out this:
configuring Automatic Updates via GPO.
http://support.microsoft.com/kb/328010
0
 
LVL 4

Expert Comment

by:lawson2305
ID: 22786729
GPO - Computer Configuration \ Windows Settings \ Security Settings \ System Services \ Automatic Updates
Set to Automatic

You may need to adjust permissions after doing this:
For Windows XP Automatic Update Service to function the security should be set to Administrators - Full Control, Authenticated Users - Read & Stop, Start, and pause, and SYSTEM - Full Control.
-----------------------------------------------
Since it is default that this is Automatically started I would first take a test machine and change to Automatic and do a gpupdate /force restart and then see if the service is back to disabled.  Or use "resultant set of policy" snapin to test your policies.

Then if no policy is setting this (maybe one existed in the past) then add the above to your WSUS GPO and you will be all set.
0
 
LVL 4

Expert Comment

by:lawson2305
ID: 22795558
jb61264

Is there anything else we can do to help you here?  Did you figure out your issues?

Did you use a different update solution before?

Please let me know the status of your wsus deployment issues.
0
 

Author Comment

by:jb61264
ID: 22796848
Sorry I couldn't reply yesterday....was out of the office.

I'm still having issues with WSUS but I don't think it is related to my setup on the server or GPO's...one thing I have noticed over the last year of being at my present job was that whenever we did manual updates we had to run a script first called "SetServiceObjectSecurity.cmd"...are you familiar with this?

It seems like I cannot get my machine or any other PC on our network to update unless I run this script and then go in and manually start the Windows Update service and the BITS service.

I apologize for not remembering to mention this as its been a long time since I tried to update something manually and when I was messing around with mine yesterday, I remembered having to run this script which I've posted below.

Why would I have to run this batch file? Is there something I can set on our system so I don't have to run it?


========================================================================

@echo off

Echo This batch file will Set Service Object Security for WUAUSERV & BITS.

Echo Please wait...

@echo on

sc sdset bits "D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)" >>C:\SetServiceObjectSecurity.log

sc sdset wuauserv "D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)" >>C:\SetServiceObjectSecurity.log

@echo off

Echo Open C:\SetServiceObjectSecurity.log for SUCCESS entry.

Echo Open the Services applet from control panel to see if the services are started.

Echo For any errors; report on http://groups.msn.com/NTarabia

@echo off

Pause

========================================================================

Open in new window

0
 
LVL 4

Expert Comment

by:lawson2305
ID: 22827117
jb61264,
I'm not a programmer so I can't say what this is completely doing but it appears that it is changing the permissions on these two services.  I have listed above how you can fix this with the Automatic Updates service via GPO.  Is anything running in the login script or startup of the workstations that changes this in the first place?

If you build a brand new desktop from CD does this happen?    If so then it is something in login script or GPO.  If not then could be something on your desktops running this at startup or in your build process not using a install cd like Ghost, RIS or Altiris.
0
 

Author Comment

by:jb61264
ID: 22830981
lawson2305...thanks so much for sticking with me through all of this...I'm not a programmer either but I know there is a login script that was put into place by the previous person here....I've attached to this post. Not sure if it is doing anything that would make it so I have to run that "SetServiceObjectSecurity" script to allow me to autoupdate. I'm not using any sort of preinstallation environment when I build a new desktop so I think you're right that it has to be in the login script or the GPO...is there a way to export a GPO for someone to look at?...would you know where to look in the GPO to find out if something is creating this?
Option Explicit
 

Dim objNetwork

Dim computerName, user

Dim cn, rs

Dim strComputer, objWMIService

Dim colNicConfigs, objNicConfig, objNic, strIPAddress, ipAddress 

Dim myOS, objOS, objGroup, objUser, strAdmin, colSoftware, objSoftware 

Dim sSQL, s2SQL, s3SQL, s4SQL

Dim test, charSwap, test2, test3, charSwap2, test4

Dim VideoSet, SoundSet, MemorySet, DiskSet, BIOSSet

Dim Video, videoSQL, Sound, soundSQL, Memory, memSQL, Disk, DType, driveSQL, BIOS, BDate, bioSQL
 
 

Set objNetwork = CreateObject("Wscript.Network")

computerName = objNetwork.ComputerName

user = objNetwork.UserName
 
 

set cn = CreateObject("ADODB.Connection")

set rs = CreateObject("ADODB.Recordset")
 

cn.Open "Provider=SQLOLEDB.1;Integrated Security=SSPI;Persist Security Info=False;Initial Catalog=INVENTORY;Data Source=bpdf2"
 
 

if cn.State <> 1 then

  MsgBox "Database Connection Failed"

  WScript.Quit

end if
 

strComputer = "."
 

Set objWMIService = GetObject("winmgmts:" _

 & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
 

'''''''''''''''''''''''''''''''''Network''''''''''''''''''''''''''''''''''''''''

Set colNicConfigs = objWMIService.ExecQuery _

 ("SELECT * FROM Win32_NetworkAdapterConfiguration WHERE IPEnabled = True")

 
 

''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''

'''''''''''''''''''''''''''''Service Pack'''''''''''''''''''''''''''''''''''''''

Set myOS = objWMIService.ExecQuery _

    ("Select * from Win32_OperatingSystem")

''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
 

'''''''''''''''''''''''''''''admin rights'''''''''''''''''''''''''''''''''''''''

Set objGroup = GetObject("WinNT://" & computername & "/Administrators")

strAdmin = ""

For Each objUser in objGroup.Members

	If objUser.Name = user Then

		strAdmin = "YES"

	Elseif strAdmin = "YES" Then

		strAdmin = "YES"

	else

		strAdmin = "NO"

	End If

Next

''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''

'''''''''''''''''''''''''''''''''Video''''''''''''''''''''''''''''''''''''''''''

Set VideoSet = GetObject("winmgmts:").InstancesOf("Win32_videoController")

''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
 

'''''''''''''''''''''''''''''''''Sound''''''''''''''''''''''''''''''''''''''''''

Set SoundSet = GetObject("winmgmts:").InstancesOf("Win32_SoundDevice")

''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
 

'''''''''''''''''''''''''''''''''Memory'''''''''''''''''''''''''''''''''''''''''

Set MemorySet = GetObject("winmgmts:").InstancesOf("Win32_LogicalMemoryConfiguration")

''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
 

'''''''''''''''''''''''''''''''''Drive''''''''''''''''''''''''''''''''''''''''''

Set DiskSet = GetObject("winmgmts:").InstancesOf("Win32_LogicalDisk")

''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
 

''''''''''''''''''''''''''''''''Bios'''''''''''''''''''''''''''''''''''''''''

Set BIOSSet = GetObject("winmgmts:").InstancesOf("Win32_BIOS")

''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''

On Error Resume Next

set rs.ActiveConnection = cn

For Each objNicConfig In colNicConfigs 

  Set objNic = objWMIService.Get _

   ("Win32_NetworkAdapter.DeviceID=" & objNicConfig.Index)

IF Err Then

  For Each strIPAddress In objNicConfig.IPAddress

    ipAddress = strIPAddress
 

	sSQL = "INSERT INTO network(computername,IP,MAC,device,date)"

	sSQL = sSQL & "VALUES('" &  computerName & "','" & ipAddress & "','" & objNicConfig.MACAddress & "','" & objNicConfig.Description & "','" & Now & "')"

  	rs.Open sSQL, cn, 3

  Next

End If

  For Each strIPAddress In objNicConfig.IPAddress

    ipAddress = strIPAddress
 

	sSQL = "INSERT INTO network(computername,IP,MAC,device,date)"

	sSQL = sSQL & "VALUES('" &  computerName & "','" & ipAddress & "','" & objNic.MACAddress & "','" & objNic.Description & "','" & Now & "')"

  	rs.Open sSQL, cn, 3

  Next

Next
 

'msgBox sSQL

	

For Each objOS In myOS

	s2SQL = "INSERT INTO servicepack(computername,OS,latest,date)"

	s2SQL = s2SQL & "VALUES('" &  computerName & "','" & objOS.Name & "','" & objOS.ServicePackMajorVersion & "','" & Now & "')"

'msgBox s2SQL

rs.Open s2SQL, cn, 3
 

Next

	s3SQL = "INSERT INTO rights(computername,username,date,localadmin)"

	s3SQL = s3SQL & "VALUES('" &  computerName & "','" & user & "','" & Now & "','" & strAdmin & "')"

rs.Open s3SQL, cn, 3

'msgBox s3SQL
 

'''''''''''''''''''''''''''''''''software'''''''''''''''''''''''''''''''''''''''

Set colSoftware = objWMIService.ExecQuery _

    ("Select * from Win32_Product")

    

For Each objSoftware in colSoftware
 

test = objSoftware.Name

charSwap = "'"

test2 = Replace(test, charSwap, "")  
 

	s4SQL = "INSERT INTO software(computername,product,version,date)"

	s4SQL = s4SQL & "VALUES('" &  computerName & "','" & test2 & "','" & objSoftware.Version & "','" & Now & "')"

rs.Open s4SQL, cn, 3

'msgBox s4SQL

Next

''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
 

'''''''''''''''''''''''''''''''''Video SQL insert'''''''''''''''''''''''''''''''

For each Video in VideoSet

	videoSQL = "INSERT INTO videocard(computername,value,date)"

	videoSQL = videoSQL & "VALUES('" &  computerName & "','" & Video.Description & " (" & Video.VideoModeDescription & ")" & "','" & Now & "')"

	'WScript.Echo "Card:" & Video.Description & VBlf & _

	'"Current: " & Video.VideoModeDescription
 

rs.Open videoSQL, cn, 3
 

Next

''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
 

'''''''''''''''''''''''''''''''''Sound SQL insert'''''''''''''''''''''''''''''''

For each Sound in SoundSet
 

test3 = Sound.ProductName

charSwap2 = "'"

test4 = Replace(test3, charSwap2, "") 
 

		 soundSQL = "INSERT INTO soundcard(computername,value,date)"

		 soundSQL = soundSQL & "VALUES('" &  computerName & "','" & test4 & "(" & Sound.Manufacturer & ")" & "','" & Now & "')"

		 'WScript.Echo "Card:" & Sound.ProductName & VBlf & _

		 '"Manufacturer: " & Sound.Manufacturer
 

'msgBox soundSQL

rs.Open soundSQL, cn, 3
 

Next

''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
 

'''''''''''''''''''''''''''''''''Memory SQL insert''''''''''''''''''''''''''''''

For each Memory in MemorySet

	memSQL = "INSERT INTO memorycard(computername,value,date)"

	memSQL = memSQL & "VALUES('" &  computerName & "','Total:" & Memory.TotalPhysicalMemory/1024 & " (Virtual:" & Memory.TotalvirtualMemory/1024 & ", Page:" & Memory.TotalPageFileSpace/1024 & ")" & "','" & Now & "')"

	'WScript.Echo "Total:" & _

	'Memory.TotalPhysicalMemory/1024 & VBlf & _

	'"Virtual: " & Memory.TotalvirtualMemory/1024 & VBlf & _

	'"Page: " & Memory.TotalPageFileSpace/1024
 

'msgBox memSQL

rs.Open memSQL, cn, 3
 

Next

''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
 
 

'''''''''''''''''''''''''''''''''Drive SQL insert'''''''''''''''''''''''''''''''

For each Disk in DiskSet

	Select Case Disk.DriveType

		Case 0

			DType = "Unknown"

		Case 1

			DType = "No Root Directory"

		Case 2

			DType = "Removable Disk"

		Case 3

			DType = "Local Disk"

		Case 4

			DType = "Network Drive"

		Case 5

			DType = "Compact Disc"

		Case 6

			DType = "RAM Disk"

	End Select

if DType = "Local Disk" then

	driveSQL = "INSERT INTO drivecard(computername,value,date)"

	driveSQL = driveSQL & "VALUES('" &  computerName & "','Drive:" & Disk.DeviceID & " (Name: " & Disk.Description & ", File System: " & Disk.FileSystem & ", Size: " & Disk.Size & ", Free Space: " & Disk.FreeSpace & ", Compressed: " & Disk.Compressed & ")" & "','" & Now & "')"
 

	'WScript.Echo "Drive:" & Disk.DeviceID & VBlf & _

	'"Name: " & Disk.Description & VBlf & _

	'"Type: " & DType & VBlf & _

	'"File System: " & Disk.FileSystem & VBlf & _

	'"Size: " & Disk.Size & VBLF & _

	'"Free Space: " & Disk.FreeSpace & VBlf & _

	'"Compressed: " & Disk.Compressed	

'msgBox driveSQL

rs.Open driveSQL, cn, 3
 

end if
 

Next

''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
 

'''''''''''''''''''''''''''''''''BIOS SQL insert''''''''''''''''''''''''''''''''

For each BIOS in BIOSSet

	BDate = Left(BIOS.ReleaseDate,8)

	BDate = Mid(BDate,5,2) & "/" & Mid(BDate,7,2) & "/" & _

	Mid(BDate,1,4)	

	

	bioSQL = "INSERT INTO bioscard(computername,value,date)"

	bioSQL = bioSQL & "VALUES('" &  computerName & "','Name: " & BIOS.Name & " (Manufacturer: " & BIOS.Manufacturer & ", Date: " & BDate & ")" & "','" & Now & "')"
 

	'WScript.Echo "Name: " & BIOS.Name & VBlf & _

	'"Manufacturer: " & BIOS.Manufacturer & VBlf & _

	'"Date: " & BDate
 

'msgBox bioSQL

rs.Open bioSQL, cn, 3

	

Next

''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
 

cn.Close

set rs = Nothing

set cn = Nothing
 

'WScript.Quit
 
 
 
 

Dim Network, Group, Drive, Share, SHELL 'test, 

'On Error Resume Next

Set SHELL = CreateObject("WScript.Shell")

Set Network = CreateObject("WScript.Network")
 

'SHELL.Run("\\bpdf2\logon\delete.bat")
 

SHELL.Run("net time \\wsecdc /SET /YES")
 

Wscript.Sleep 2000
 

Drive = "F:"

Share = "\\bpdf2\FDL"

Network.MapNetworkDrive Drive, Share
 

Drive = "G:"

Share = "\\bpdf2\GROUP"

Network.MapNetworkDrive Drive, Share
 

'MapDrive
 

Drive = "I:"

Share = "\\bpdf2\Forms"

Network.MapNetworkDrive Drive, Share
 

'MapDrive
 

Drive = "K:"

Share = "\\bpdf6\QC"

Network.MapNetworkDrive Drive, Share
 
 

Drive = "L:"

Share = "\\bpdf2\SoftMaxPro"

Network.MapNetworkDrive Drive, Share
 

Drive = "M:"

Share = "\\bpdf2\MBL"

Network.MapNetworkDrive Drive, Share
 

'MapDrive 
 

Drive = "O:"

Share = "\\bpdf2\Applications"

Network.MapNetworkDrive Drive, Share
 

Drive = "P:"

Share = "\\bpdf2\pdl"

Network.MapNetworkDrive Drive, Share
 

Drive = "R:"

Share = "\\bpdf2\AML"

Network.MapNetworkDrive Drive, Share
 

Drive = "S:"

Share = "\\bpdf2\pcl"

Network.MapNetworkDrive Drive, Share
 

'MapDrive 
 

Drive = "T:"

Share = "\\bpdf2\Templates"

Network.MapNetworkDrive Drive, Share
 
 

'Drive = "U:"

'Share = "\\bpdf-software\software"

'Network.MapNetworkDrive Drive, Share
 

'MapDrive 
 

'Sub MapDrive()
 

'Network.RemoveNetworkDrive Drive

'Network.MapNetworkDrive Drive, Share

	'IF Err.Number = 0 Then		

		'Shell.Popup "Maped user " & Drive & " to " & Share

	'Else

  	'	Shell.Popup "Error mapping drive " & Drive & " to " & Share

	'End IF

'End Sub
 
 

Group = "UNL-AD\bpdf-bsn"

Drive = "J:"

Share = "\\bpdf2\bsn"
 

MapGroupDrive 
 

Group = "UNL-AD\bpdf-managers"

Drive = "N:"

Share = "\\bpdf2\admin"
 

MapGroupDrive 
 

Group = "UNL-AD\BPDF-QA"

Drive = "Q:"

Share = "\\bpdf6\qa"
 

MapGroupDrive 
 

Group = "UNL-AD\BPDF-admins"

Drive = "U:"

Share = "\\bpdf-software\software"

MapGroupDrive 
 
 

Group = "UNL-AD\BPDF-admins"

Drive = "V:"

Share = "\\bpdf-software\IT"
 

MapGroupDrive 
 

'Option Explicit
 
 
 

WScript.Quit
 
 

Sub MapGroupDrive ()
 

test = SHELL.Run("\\bpdf2\logon\IFMEMBER.EXE " & Group,0,True)
 

	if (test = 1) Then

		'Wscript.Echo " In Group: " & Group 	

		'Wscript.Echo Drive

		'Network.RemoveNetworkDrive Drive

		Network.MapNetworkDrive Drive, Share

			IF Err.Number = 0 Then		

				'Wscript.Echo "Maped " & Drive & " to " & Share

			Else

				'Shell.Popup "Error mapping group drive " & Drive & " to " & Share & " Error Number: " & Err.Number

			End IF

	End IF

End Sub

Open in new window

0
 
LVL 4

Expert Comment

by:lawson2305
ID: 22842452
I don't believe it is anything in the login script doing this but I'm not 100% sure.

As far as GPO setting this you will need to look here:
GPO - Computer Configuration \ Windows Settings \ Security Settings \ System Services \

Now what you should do is use "resultant set of policy" snap in to see what is being GPO defined.
Info
http://technet.microsoft.com/en-us/library/cc758010.aspx
use
http://support.microsoft.com/kb/323276

Again though this would be much easier if you gave some background information as I have requested:
1.  If you build a brand new desktop from CD does this happen?    If so then it is something in login script or GPO.  If not then could be something on your desktops running this at startup or in your build process not using a install cd like Ghost, RIS or Altiris.
I need to know how you deploy your workstations.
2. Did you use a different update solution before?

Please answer the above questions and do this test.
Create a user account and do not give it your login script to RUN.  Build a new desktop from a XP CD without modifications, use original media.  Add the workstation to the domain and keep it in the Computers Objects folder.  Do these services get set to disabled after logging in now?  If so it has to be a GPO located at the root of your domain.  If not then add in the login script to this user account.  Does it now disable the services?  If so you know it is something in your login script.  If not then move the computer object one level into your OU and restart to see if anything is changed.  If so you know it is a gpo added to that OU.  If not got the next level and so on until you get where all your computer objects are located.

You are going to need to do some simple troubleshooting to find out where this is causing the issue (disabling your services).
0
 
LVL 4

Expert Comment

by:lawson2305
ID: 22903963
jb61264
Any update?
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

Sometimes people don't understand why download speed shows differently for Windows than Linux.Specially, this article covers and shows the solution for throughput difference for Windows than a Linux machine. For this, I arranged a test scenario.I…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now