Solved

WSUS - Clients not updating

Posted on 2008-10-22
15
4,468 Views
Last Modified: 2012-08-14
I have sucessfully installed WSUS 3.1 and am able to see "most" of the computers on my network. I have set up so that GPO forces the computers to update daily at 10am but nothing seems to happen. I have synchronized my WSUS server and approved a number of updates but when the time comes for computers to update, nothing happens with them. All of my computers are running Windows XP SP2 and have the latest Windows Update client.

I'm not sure if there is some GPO set that would disallow the computers to update or not and am hoping someone can give me some things to look at to troubleshoot this.
0
Comment
Question by:jb61264
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 10
  • 5
15 Comments
 
LVL 4

Expert Comment

by:lawson2305
ID: 22777646
Have you verified these settings are being set on these workstations?

Check:
REGEDIT
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU]

The other thing is if we could see your C:\WINDOWS\windowsupdate.log

Look for something like this:
      d04      DnldMgr      *************
      d04      DnldMgr      ** START **  DnldMgr: Downloading updates [CallerId = AutomaticUpdates]
      d04      DnldMgr      *********




               DnldMgr        * All files for update were already downloaded and are valid.
      b28      AU      >>##  RESUMED  ## AU: Download update [UpdateId = {34B52415-A5BA-41E9-8072-9D2DEE8B22A9}, succeeded]
      b28      AU      #########
      b28      AU      ##  END  ##  AU: Download updates
      b28      AU      #############
      b28      AU      Setting AU scheduled install time to 2008-09-04 02:00:00
      b28      AU      AU setting pending client directive to 'Install Approval'

You can see in this log where the download starts.  You can then see if it errors on the download and if successful will enter an install time as you see at the bottom.
0
 
LVL 4

Expert Comment

by:lawson2305
ID: 22777771
Sorry to add more but in WSUS if you right click on the approved update and select "status report" this will also give you some details to what is going on.  This will show you if any clients have downloaded the update and so on.  You can then see the list of computers this is set for and should show:
Status of:
Failed
Not Installed
Downloaded

If you are getting the GPO settings in that area then here is how you fix 99% of all wsus updating issues.
-----------------------------------------------------------------------
Click START, Choose Run
In the Run box, type "services.msc" (without the quotes)
Click OK
Right click the Automatic Updates service,
Click stop.
Stopping the service will take a moment.

Or

net stop wuauserv

Rename the "SoftwareDistribution" folder :
a. Click Start, click Run, type "%systemroot%" (without the quotes" and then click OK.
b. Right click the SoftwareDistribution folder, and then click Rename
c. Type SoftwareDistribution.old, and then press ENTER to rename this folder.

Good to rename windowsupdate.log file at this time also so you can see a fresh log.

Click START, Choose Run
In the Run box, type "services.msc." (without the quotes)
Click OK
Right -click the Automatic Updates service
Click Start.
Starting the service will take a moment.

Or

net start wuauserv

wuauclt /detectnow
----------------------------------------------------------------------------------------
If you image your machines in anyway(Ghost, RIS using riprep):
create a batch file to do this or execute each step on the client manually:
net stop wuauserv
REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientId /f
REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientIdValidation /f
net start wuauserv
wuauclt.exe /resetauthorization /detectnow
----------------------------------------------------------------------------------------
0
 

Author Comment

by:jb61264
ID: 22777839
In [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate] the following are set:

(Default) - (value not set)
ElevateNonAdmins - 0x0000000 (0)
WUServer - http://bpdf9
WUStatusServer - http://bpdf9

In [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU] the following are set:

(Default)  -  (value note set)
AUOptions  -  0x0000000 (4)
NoAutoRebootWithLoggedOnUsers  -  0x000000 (1)
NoAutoUpdate  -  0x0000000 (0)
ScheduledInstallDay  -  0x0000000 (0)
ScheduledInstallTime  -  0x0000000 (10)
UseWUServer  -  0x00000000 (1)

These were the settings on one of the clients I checked and have been "testing with

Here is the windowsupdate log file for the last three days (looks like the clients are having trouble connecting?):

2008-10-20      02:01:01:268      1448      28c      Misc      ===========  Logging initialized (build: 7.0.6000.381, tz: -0500)  ===========
2008-10-20      02:01:01:268      1448      28c      Misc        = Process: C:\Program Files\Windows Defender\MpCmdRun.exe
2008-10-20      02:01:01:268      1448      28c      Misc        = Module: C:\WINDOWS\system32\wuapi.dll
2008-10-20      02:01:01:268      1448      28c      COMAPI      -------------
2008-10-20      02:01:01:268      1448      28c      COMAPI      -- START --  COMAPI: Search [ClientId = Windows Defender]
2008-10-20      02:01:01:268      1448      28c      COMAPI      ---------
2008-10-20      02:01:01:283      1448      28c      COMAPI      FATAL: Unable to connect to the service (hr=80070422)
2008-10-20      02:01:01:283      1448      28c      COMAPI      WARNING: Unable to establish connection to the service. (hr=80070422)
2008-10-20      02:01:01:283      1448      28c      COMAPI        - WARNING: Exit code = 0x80070422
2008-10-20      02:01:01:283      1448      28c      COMAPI      ---------
2008-10-20      02:01:01:283      1448      28c      COMAPI      --  END  --  COMAPI: Search [ClientId = <NULL>]
2008-10-20      02:01:01:283      1448      28c      COMAPI      -------------
2008-10-20      02:01:01:283      1448      28c      COMAPI      FATAL: Unable to initiate asynchronous search, hr=80070422
2008-10-20      02:01:01:299      1448      28c      COMAPI      FATAL: Unable to connect to the service (hr=80070422)
2008-10-20      02:01:01:299      1448      28c      COMAPI      WARNING: Unable to establish connection to the service. (hr=80070422)
2008-10-21      02:01:01:262       392      67c      Misc      ===========  Logging initialized (build: 7.0.6000.381, tz: -0500)  ===========
2008-10-21      02:01:01:278       392      67c      Misc        = Process: C:\Program Files\Windows Defender\MpCmdRun.exe
2008-10-21      02:01:01:278       392      67c      Misc        = Module: C:\WINDOWS\system32\wuapi.dll
2008-10-21      02:01:01:262       392      67c      COMAPI      -------------
2008-10-21      02:01:01:278       392      67c      COMAPI      -- START --  COMAPI: Search [ClientId = Windows Defender]
2008-10-21      02:01:01:278       392      67c      COMAPI      ---------
2008-10-21      02:01:01:278       392      67c      COMAPI      FATAL: Unable to connect to the service (hr=80070422)
2008-10-21      02:01:01:278       392      67c      COMAPI      WARNING: Unable to establish connection to the service. (hr=80070422)
2008-10-21      02:01:01:278       392      67c      COMAPI        - WARNING: Exit code = 0x80070422
2008-10-21      02:01:01:278       392      67c      COMAPI      ---------
2008-10-21      02:01:01:278       392      67c      COMAPI      --  END  --  COMAPI: Search [ClientId = <NULL>]
2008-10-21      02:01:01:278       392      67c      COMAPI      -------------
2008-10-21      02:01:01:278       392      67c      COMAPI      FATAL: Unable to initiate asynchronous search, hr=80070422
2008-10-21      02:01:01:278       392      67c      COMAPI      FATAL: Unable to connect to the service (hr=80070422)
2008-10-21      02:01:01:278       392      67c      COMAPI      WARNING: Unable to establish connection to the service. (hr=80070422)
2008-10-21      15:55:23:743      3480      f9c      Misc      ===========  Logging initialized (build: 7.0.6000.381, tz: -0500)  ===========
2008-10-21      15:55:23:758      3480      f9c      Misc        = Process: C:\Program Files\Internet Explorer\iexplore.exe
2008-10-21      15:55:23:758      3480      f9c      Misc        = Module: C:\WINDOWS\system32\wuapi.dll
2008-10-21      15:55:23:743      3480      f9c      Misc      wuauserv is disabled
2008-10-21      16:24:49:322       536      bb0      Misc      ===========  Logging initialized (build: 7.0.6000.381, tz: -0500)  ===========
2008-10-21      16:24:49:322       536      bb0      Misc        = Process: \??\C:\WINDOWS\system32\winlogon.exe
2008-10-21      16:24:49:322       536      bb0      Misc        = Module: C:\WINDOWS\system32\wuaueng.dll
2008-10-21      16:24:49:322       536      bb0      Shutdwn      FATAL: WUAutoUpdateAtShutdown failed, hr=80240FFF
2008-10-21      22:01:30:406      3380      e00      Misc      ===========  Logging initialized (build: 7.0.6000.381, tz: -0500)  ===========
2008-10-21      22:01:30:421      3380      e00      Misc        = Process: C:\Program Files\Internet Explorer\iexplore.exe
2008-10-21      22:01:30:421      3380      e00      Misc        = Module: C:\WINDOWS\system32\wuapi.dll
2008-10-21      22:01:30:406      3380      e00      Misc      wuauserv is disabled
2008-10-22      02:11:01:370      1872      92c      Misc      ===========  Logging initialized (build: 7.0.6000.381, tz: -0500)  ===========
2008-10-22      02:11:01:386      1872      92c      Misc        = Process: C:\Program Files\Windows Defender\MpCmdRun.exe
2008-10-22      02:11:01:386      1872      92c      Misc        = Module: C:\WINDOWS\system32\wuapi.dll
2008-10-22      02:11:01:370      1872      92c      COMAPI      -------------
2008-10-22      02:11:01:386      1872      92c      COMAPI      -- START --  COMAPI: Search [ClientId = Windows Defender]
2008-10-22      02:11:01:386      1872      92c      COMAPI      ---------
2008-10-22      02:11:01:386      1872      92c      COMAPI      FATAL: Unable to connect to the service (hr=80070422)
2008-10-22      02:11:01:386      1872      92c      COMAPI      WARNING: Unable to establish connection to the service. (hr=80070422)
2008-10-22      02:11:01:386      1872      92c      COMAPI        - WARNING: Exit code = 0x80070422
2008-10-22      02:11:01:386      1872      92c      COMAPI      ---------
2008-10-22      02:11:01:386      1872      92c      COMAPI      --  END  --  COMAPI: Search [ClientId = <NULL>]
2008-10-22      02:11:01:386      1872      92c      COMAPI      -------------
2008-10-22      02:11:01:386      1872      92c      COMAPI      FATAL: Unable to initiate asynchronous search, hr=80070422
2008-10-22      02:11:01:401      1872      92c      COMAPI      FATAL: Unable to connect to the service (hr=80070422)
2008-10-22      02:11:01:401      1872      92c      COMAPI      WARNING: Unable to establish connection to the service. (hr=80070422)
2008-10-22      09:45:45:701       536      4cc      Misc      ===========  Logging initialized (build: 7.0.6000.381, tz: -0500)  ===========
2008-10-22      09:45:45:717       536      4cc      Misc        = Process: \??\C:\WINDOWS\system32\winlogon.exe
2008-10-22      09:45:45:717       536      4cc      Misc        = Module: C:\WINDOWS\system32\wuaueng.dll
2008-10-22      09:45:45:701       536      4cc      Shutdwn      FATAL: WUAutoUpdateAtShutdown failed, hr=80240FFF

0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 4

Expert Comment

by:lawson2305
ID: 22778684
Ok so this is your wsus server http://bpdf9

Here is what I would look more into:
wuauserv is disabled

open services.msc
Go to "Automatic Updates"
make sure it is set to Automatic and STARTED.

Looks like the update service is not running.
0
 

Author Comment

by:jb61264
ID: 22779191
It is set to Automatic and Started on the server...please note that the log file I posted above was from a client and not the WSUS server.

Here's my most recent log entries after trying your first suggestions:


2008-10-22	11:14:12	3108	c28	Misc	===========  Logging initialized (build: 5.8.0.2694, tz: -0500)  ===========
2008-10-22	11:14:12	3108	c28	Misc	  = Process: c:\fa99c73048124fc438f1fc\wusetup.exe
2008-10-22	11:14:12	3108	c28	Setup	Windows Update Client standalone setup : resource dll path is c:\fa99c73048124fc438f1fc\en\wusetupr.dll
2008-10-22	11:14:12	3108	c28	Setup	***********  Setup: Checking whether self-update is required  ***********
2008-10-22	11:14:12	3108	c28	Setup	  * Inf file: c:\fa99c73048124fc438f1fc\wusetup.inf
2008-10-22	11:14:12	3108	c28	Setup	Update NOT required for C:\WINDOWS\system32\cdm.dll: target version = 7.0.6000.381, required version = 5.8.0.2694
2008-10-22	11:14:12	3108	c28	Setup	Update required for C:\WINDOWS\system32\iuengine.dll: target version = 5.4.3790.2180, required version = 5.8.0.2694
2008-10-22	11:14:12	3108	c28	Setup	Update NOT required for C:\WINDOWS\system32\wuapi.dll: target version = 7.0.6000.381, required version = 5.8.0.2694
2008-10-22	11:14:12	3108	c28	Setup	Update NOT required for C:\WINDOWS\system32\wuauclt.exe: target version = 7.0.6000.381, required version = 5.8.0.2694
2008-10-22	11:14:12	3108	c28	Setup	Update required for C:\WINDOWS\system32\wuauclt1.exe: target version = 5.4.3790.2180, required version = 5.8.0.2694
2008-10-22	11:14:12	3108	c28	Setup	Update NOT required for C:\WINDOWS\system32\wuaucpl.cpl: target version = 7.0.6000.381, required version = 5.8.0.2694
2008-10-22	11:14:12	3108	c28	Setup	Update NOT required for C:\WINDOWS\system32\wuaueng.dll: target version = 7.0.6000.381, required version = 5.8.0.2694
2008-10-22	11:14:12	3108	c28	Setup	Update required for C:\WINDOWS\system32\wuaueng1.dll: target version = 5.4.3790.2180, required version = 5.8.0.2694
2008-10-22	11:14:13	3108	c28	Setup	Update NOT required for C:\WINDOWS\system32\wucltui.dll: target version = 7.0.6000.381, required version = 5.8.0.2694
2008-10-22	11:14:13	3108	c28	Setup	Update NOT required for C:\WINDOWS\system32\wups.dll: target version = 7.0.6000.381, required version = 5.8.0.2694
2008-10-22	11:14:13	3108	c28	Setup	Update NOT required for C:\WINDOWS\system32\wups2.dll: target version = 7.0.6000.381, required version = 5.8.0.2694
2008-10-22	11:14:13	3108	c28	Setup	Update NOT required for C:\WINDOWS\system32\wuweb.dll: target version = 7.0.6000.381, required version = 5.8.0.2694
2008-10-22	11:14:13	3108	c28	Setup	  * IsUpdateRequired = Yes
2008-10-22	11:14:13	3108	c28	Setup	Windows Update Client standalone setup : eula file path is c:\fa99c73048124fc438f1fc\en\eula.rtf
2008-10-22	11:14:19	3108	c30	Setup	*************
2008-10-22	11:14:19	3108	c30	Setup	** START **  Setup: Installing client binaries
2008-10-22	11:14:19	3108	c30	Setup	*********
2008-10-22	11:14:19	3108	c30	Setup	  * Download directory: c:\fa99c73048124fc438f1fc\
2008-10-22	11:14:19	3108	c30	Setup	  * Stop and start service: Yes
2008-10-22	11:14:19	3108	c30	Setup	Starting file operations for section iuengine_Standalone
2008-10-22	11:14:19	3108	c30	Setup	Successfully copied source file c:\fa99c73048124fc438f1fc\iuengine.dll to C:\WINDOWS\system32\iuengine.dll.wusetup.1148125.new
2008-10-22	11:14:19	3108	c30	Setup	Setup successfullly moved C:\WINDOWS\system32\iuengine.dll.wusetup.1148125.new to C:\WINDOWS\system32\iuengine.dll
2008-10-22	11:14:19	3108	c30	Setup	File operations for section iuengine_Standalone completed successfully
2008-10-22	11:14:19	3108	c30	Setup	Starting file operations for section wuauclt1_Standalone
2008-10-22	11:14:19	3108	c30	Setup	Successfully copied source file c:\fa99c73048124fc438f1fc\en\wuauclt1.exe to C:\WINDOWS\system32\wuauclt1.exe.wusetup.1148421.new
2008-10-22	11:14:20	3108	c30	Setup	Setup successfullly moved C:\WINDOWS\system32\wuauclt1.exe.wusetup.1148421.new to C:\WINDOWS\system32\wuauclt1.exe
2008-10-22	11:14:20	3108	c30	Setup	File operations for section wuauclt1_Standalone completed successfully
2008-10-22	11:14:20	3108	c30	Setup	Starting file operations for section wuaueng1_Standalone
2008-10-22	11:14:21	3108	c30	Setup	Successfully copied source file c:\fa99c73048124fc438f1fc\en\wuaueng1.dll to C:\WINDOWS\system32\wuaueng1.dll.wusetup.1149609.new
2008-10-22	11:14:21	3108	c30	Setup	Setup successfullly moved C:\WINDOWS\system32\wuaueng1.dll.wusetup.1149609.new to C:\WINDOWS\system32\wuaueng1.dll
2008-10-22	11:14:21	3108	c30	Setup	File operations for section wuaueng1_Standalone completed successfully
2008-10-22	11:14:21	3108	c30	Setup	Starting registry operations for section iuengine_Standalone
2008-10-22	11:14:21	3108	c30	Setup	Completed registration operations for section iuengine_Standalone: status 0
2008-10-22	11:14:21	3108	c30	Setup	Starting registry operations for section wuauclt1_Standalone
2008-10-22	11:14:21	3108	c30	Setup	Completed registration operations for section wuauclt1_Standalone: status 0
2008-10-22	11:14:21	3108	c30	Setup	Starting registry operations for section wuaueng1_Standalone
2008-10-22	11:14:21	3108	c30	Setup	Completed registration operations for section wuaueng1_Standalone: status 0
2008-10-22	11:14:21	3108	c30	Setup	Processing registry operations completed. Deleting backup files.
2008-10-22	11:14:21	3108	c30	Setup	Successfully deleted backup file C:\WINDOWS\system32\iuengine.dll.wusetup.1148125.bak
2008-10-22	11:14:21	3108	c30	Setup	Successfully deleted backup file C:\WINDOWS\system32\wuauclt1.exe.wusetup.1148421.bak
2008-10-22	11:14:21	3108	c30	Setup	Successfully deleted backup file C:\WINDOWS\system32\wuaueng1.dll.wusetup.1149609.bak
2008-10-22	11:14:21	3108	c30	Setup	FATAL: Warning: Failed to restart wuauserv service: 0x80070422
2008-10-22	11:14:21	3108	c30	Setup	  * WARNING: Exit code = 0x80070422
2008-10-22	11:14:21	3108	c30	Setup	*********
2008-10-22	11:14:21	3108	c30	Setup	**  END  **  Setup: Installing client binaries
2008-10-22	11:14:21	3108	c30	Setup	*************
2008-10-22	11:14:21	3108	c30	Setup	FATAL: InstallUpdatedBinaries failed with error 0x80070422
2008-10-22	11:14:24	3108	c28	Setup	wusetup has finished.  Exit code is 0. Reboot is NOT needed
2008-10-22	11:17:09:336	 532	e58	Misc	===========  Logging initialized (build: 7.0.6000.381, tz: -0500)  ===========
2008-10-22	11:17:09:336	 532	e58	Misc	  = Process: \??\C:\WINDOWS\system32\winlogon.exe
2008-10-22	11:17:09:336	 532	e58	Misc	  = Module: C:\WINDOWS\system32\wuaueng.dll
2008-10-22	11:17:09:336	 532	e58	Shutdwn	FATAL: WUAutoUpdateAtShutdown failed, hr=80240FFF

Open in new window

0
 
LVL 4

Accepted Solution

by:
lawson2305 earned 500 total points
ID: 22779391
wuauserv is disabled

This is not supposed to be done on the SERVER but on the Client where you pulled this log from.  When completing the step you described above it started the service for you.  This is why you see entries in the log now.

Make sure BITS is running:

AT CLIENT:
 To resolve this problem, make sure that BITS and the Automatic Updates service are started..

1. Click Start, click Run, type services.msc, and then click OK.
2. In the list of services, right-click Automatic Updates, and then click Properties.
3. In the Startup type list, click Automatic, and then click Apply.
4. If Service status is set to Stopped, click Start, and then click OK.
5. Right-click Background Intelligent Transfer Service, and then click Properties.
6. In the Startup type list, click Manual, and then click Apply.
7. If Service status is set to Stopped, click Start, and then click OK.
0
 

Author Comment

by:jb61264
ID: 22779475
I wonder if there is a GPO for BITS and Automatic Updates? Automatic Updates is disabled and BITS is set to "Manual"...I see this on a number of the machines I just looked at as well
0
 
LVL 4

Expert Comment

by:lawson2305
ID: 22779683
did you have a different update solution before?

Check out this:
configuring Automatic Updates via GPO.
http://support.microsoft.com/kb/328010
0
 
LVL 4

Expert Comment

by:lawson2305
ID: 22786729
GPO - Computer Configuration \ Windows Settings \ Security Settings \ System Services \ Automatic Updates
Set to Automatic

You may need to adjust permissions after doing this:
For Windows XP Automatic Update Service to function the security should be set to Administrators - Full Control, Authenticated Users - Read & Stop, Start, and pause, and SYSTEM - Full Control.
-----------------------------------------------
Since it is default that this is Automatically started I would first take a test machine and change to Automatic and do a gpupdate /force restart and then see if the service is back to disabled.  Or use "resultant set of policy" snapin to test your policies.

Then if no policy is setting this (maybe one existed in the past) then add the above to your WSUS GPO and you will be all set.
0
 
LVL 4

Expert Comment

by:lawson2305
ID: 22795558
jb61264

Is there anything else we can do to help you here?  Did you figure out your issues?

Did you use a different update solution before?

Please let me know the status of your wsus deployment issues.
0
 

Author Comment

by:jb61264
ID: 22796848
Sorry I couldn't reply yesterday....was out of the office.

I'm still having issues with WSUS but I don't think it is related to my setup on the server or GPO's...one thing I have noticed over the last year of being at my present job was that whenever we did manual updates we had to run a script first called "SetServiceObjectSecurity.cmd"...are you familiar with this?

It seems like I cannot get my machine or any other PC on our network to update unless I run this script and then go in and manually start the Windows Update service and the BITS service.

I apologize for not remembering to mention this as its been a long time since I tried to update something manually and when I was messing around with mine yesterday, I remembered having to run this script which I've posted below.

Why would I have to run this batch file? Is there something I can set on our system so I don't have to run it?


========================================================================
@echo off
Echo This batch file will Set Service Object Security for WUAUSERV & BITS.
Echo Please wait...
@echo on
sc sdset bits "D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)" >>C:\SetServiceObjectSecurity.log
sc sdset wuauserv "D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)" >>C:\SetServiceObjectSecurity.log
@echo off
Echo Open C:\SetServiceObjectSecurity.log for SUCCESS entry.
Echo Open the Services applet from control panel to see if the services are started.
Echo For any errors; report on http://groups.msn.com/NTarabia
@echo off
Pause
========================================================================

Open in new window

0
 
LVL 4

Expert Comment

by:lawson2305
ID: 22827117
jb61264,
I'm not a programmer so I can't say what this is completely doing but it appears that it is changing the permissions on these two services.  I have listed above how you can fix this with the Automatic Updates service via GPO.  Is anything running in the login script or startup of the workstations that changes this in the first place?

If you build a brand new desktop from CD does this happen?    If so then it is something in login script or GPO.  If not then could be something on your desktops running this at startup or in your build process not using a install cd like Ghost, RIS or Altiris.
0
 

Author Comment

by:jb61264
ID: 22830981
lawson2305...thanks so much for sticking with me through all of this...I'm not a programmer either but I know there is a login script that was put into place by the previous person here....I've attached to this post. Not sure if it is doing anything that would make it so I have to run that "SetServiceObjectSecurity" script to allow me to autoupdate. I'm not using any sort of preinstallation environment when I build a new desktop so I think you're right that it has to be in the login script or the GPO...is there a way to export a GPO for someone to look at?...would you know where to look in the GPO to find out if something is creating this?
Option Explicit
 
Dim objNetwork
Dim computerName, user
Dim cn, rs
Dim strComputer, objWMIService
Dim colNicConfigs, objNicConfig, objNic, strIPAddress, ipAddress 
Dim myOS, objOS, objGroup, objUser, strAdmin, colSoftware, objSoftware 
Dim sSQL, s2SQL, s3SQL, s4SQL
Dim test, charSwap, test2, test3, charSwap2, test4
Dim VideoSet, SoundSet, MemorySet, DiskSet, BIOSSet
Dim Video, videoSQL, Sound, soundSQL, Memory, memSQL, Disk, DType, driveSQL, BIOS, BDate, bioSQL
 
 
Set objNetwork = CreateObject("Wscript.Network")
computerName = objNetwork.ComputerName
user = objNetwork.UserName
 
 
set cn = CreateObject("ADODB.Connection")
set rs = CreateObject("ADODB.Recordset")
 
cn.Open "Provider=SQLOLEDB.1;Integrated Security=SSPI;Persist Security Info=False;Initial Catalog=INVENTORY;Data Source=bpdf2"
 
 
if cn.State <> 1 then
  MsgBox "Database Connection Failed"
  WScript.Quit
end if
 
strComputer = "."
 
Set objWMIService = GetObject("winmgmts:" _
 & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
 
'''''''''''''''''''''''''''''''''Network''''''''''''''''''''''''''''''''''''''''
Set colNicConfigs = objWMIService.ExecQuery _
 ("SELECT * FROM Win32_NetworkAdapterConfiguration WHERE IPEnabled = True")
 
 
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
'''''''''''''''''''''''''''''Service Pack'''''''''''''''''''''''''''''''''''''''
Set myOS = objWMIService.ExecQuery _
    ("Select * from Win32_OperatingSystem")
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
 
'''''''''''''''''''''''''''''admin rights'''''''''''''''''''''''''''''''''''''''
Set objGroup = GetObject("WinNT://" & computername & "/Administrators")
strAdmin = ""
For Each objUser in objGroup.Members
	If objUser.Name = user Then
		strAdmin = "YES"
	Elseif strAdmin = "YES" Then
		strAdmin = "YES"
	else
		strAdmin = "NO"
	End If
Next
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
'''''''''''''''''''''''''''''''''Video''''''''''''''''''''''''''''''''''''''''''
Set VideoSet = GetObject("winmgmts:").InstancesOf("Win32_videoController")
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
 
'''''''''''''''''''''''''''''''''Sound''''''''''''''''''''''''''''''''''''''''''
Set SoundSet = GetObject("winmgmts:").InstancesOf("Win32_SoundDevice")
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
 
'''''''''''''''''''''''''''''''''Memory'''''''''''''''''''''''''''''''''''''''''
Set MemorySet = GetObject("winmgmts:").InstancesOf("Win32_LogicalMemoryConfiguration")
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
 
'''''''''''''''''''''''''''''''''Drive''''''''''''''''''''''''''''''''''''''''''
Set DiskSet = GetObject("winmgmts:").InstancesOf("Win32_LogicalDisk")
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
 
''''''''''''''''''''''''''''''''Bios'''''''''''''''''''''''''''''''''''''''''
Set BIOSSet = GetObject("winmgmts:").InstancesOf("Win32_BIOS")
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
On Error Resume Next
set rs.ActiveConnection = cn
For Each objNicConfig In colNicConfigs 
  Set objNic = objWMIService.Get _
   ("Win32_NetworkAdapter.DeviceID=" & objNicConfig.Index)
IF Err Then
  For Each strIPAddress In objNicConfig.IPAddress
    ipAddress = strIPAddress
 
	sSQL = "INSERT INTO network(computername,IP,MAC,device,date)"
	sSQL = sSQL & "VALUES('" &  computerName & "','" & ipAddress & "','" & objNicConfig.MACAddress & "','" & objNicConfig.Description & "','" & Now & "')"
  	rs.Open sSQL, cn, 3
  Next
End If
  For Each strIPAddress In objNicConfig.IPAddress
    ipAddress = strIPAddress
 
	sSQL = "INSERT INTO network(computername,IP,MAC,device,date)"
	sSQL = sSQL & "VALUES('" &  computerName & "','" & ipAddress & "','" & objNic.MACAddress & "','" & objNic.Description & "','" & Now & "')"
  	rs.Open sSQL, cn, 3
  Next
Next
 
'msgBox sSQL
	
For Each objOS In myOS
	s2SQL = "INSERT INTO servicepack(computername,OS,latest,date)"
	s2SQL = s2SQL & "VALUES('" &  computerName & "','" & objOS.Name & "','" & objOS.ServicePackMajorVersion & "','" & Now & "')"
'msgBox s2SQL
rs.Open s2SQL, cn, 3
 
Next
	s3SQL = "INSERT INTO rights(computername,username,date,localadmin)"
	s3SQL = s3SQL & "VALUES('" &  computerName & "','" & user & "','" & Now & "','" & strAdmin & "')"
rs.Open s3SQL, cn, 3
'msgBox s3SQL
 
'''''''''''''''''''''''''''''''''software'''''''''''''''''''''''''''''''''''''''
Set colSoftware = objWMIService.ExecQuery _
    ("Select * from Win32_Product")
    
For Each objSoftware in colSoftware
 
test = objSoftware.Name
charSwap = "'"
test2 = Replace(test, charSwap, "")  
 
	s4SQL = "INSERT INTO software(computername,product,version,date)"
	s4SQL = s4SQL & "VALUES('" &  computerName & "','" & test2 & "','" & objSoftware.Version & "','" & Now & "')"
rs.Open s4SQL, cn, 3
'msgBox s4SQL
Next
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
 
'''''''''''''''''''''''''''''''''Video SQL insert'''''''''''''''''''''''''''''''
For each Video in VideoSet
	videoSQL = "INSERT INTO videocard(computername,value,date)"
	videoSQL = videoSQL & "VALUES('" &  computerName & "','" & Video.Description & " (" & Video.VideoModeDescription & ")" & "','" & Now & "')"
	'WScript.Echo "Card:" & Video.Description & VBlf & _
	'"Current: " & Video.VideoModeDescription
 
rs.Open videoSQL, cn, 3
 
Next
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
 
'''''''''''''''''''''''''''''''''Sound SQL insert'''''''''''''''''''''''''''''''
For each Sound in SoundSet
 
test3 = Sound.ProductName
charSwap2 = "'"
test4 = Replace(test3, charSwap2, "") 
 
		 soundSQL = "INSERT INTO soundcard(computername,value,date)"
		 soundSQL = soundSQL & "VALUES('" &  computerName & "','" & test4 & "(" & Sound.Manufacturer & ")" & "','" & Now & "')"
		 'WScript.Echo "Card:" & Sound.ProductName & VBlf & _
		 '"Manufacturer: " & Sound.Manufacturer
 
'msgBox soundSQL
rs.Open soundSQL, cn, 3
 
Next
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
 
'''''''''''''''''''''''''''''''''Memory SQL insert''''''''''''''''''''''''''''''
For each Memory in MemorySet
	memSQL = "INSERT INTO memorycard(computername,value,date)"
	memSQL = memSQL & "VALUES('" &  computerName & "','Total:" & Memory.TotalPhysicalMemory/1024 & " (Virtual:" & Memory.TotalvirtualMemory/1024 & ", Page:" & Memory.TotalPageFileSpace/1024 & ")" & "','" & Now & "')"
	'WScript.Echo "Total:" & _
	'Memory.TotalPhysicalMemory/1024 & VBlf & _
	'"Virtual: " & Memory.TotalvirtualMemory/1024 & VBlf & _
	'"Page: " & Memory.TotalPageFileSpace/1024
 
'msgBox memSQL
rs.Open memSQL, cn, 3
 
Next
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
 
 
'''''''''''''''''''''''''''''''''Drive SQL insert'''''''''''''''''''''''''''''''
For each Disk in DiskSet
	Select Case Disk.DriveType
		Case 0
			DType = "Unknown"
		Case 1
			DType = "No Root Directory"
		Case 2
			DType = "Removable Disk"
		Case 3
			DType = "Local Disk"
		Case 4
			DType = "Network Drive"
		Case 5
			DType = "Compact Disc"
		Case 6
			DType = "RAM Disk"
	End Select
if DType = "Local Disk" then
	driveSQL = "INSERT INTO drivecard(computername,value,date)"
	driveSQL = driveSQL & "VALUES('" &  computerName & "','Drive:" & Disk.DeviceID & " (Name: " & Disk.Description & ", File System: " & Disk.FileSystem & ", Size: " & Disk.Size & ", Free Space: " & Disk.FreeSpace & ", Compressed: " & Disk.Compressed & ")" & "','" & Now & "')"
 
	'WScript.Echo "Drive:" & Disk.DeviceID & VBlf & _
	'"Name: " & Disk.Description & VBlf & _
	'"Type: " & DType & VBlf & _
	'"File System: " & Disk.FileSystem & VBlf & _
	'"Size: " & Disk.Size & VBLF & _
	'"Free Space: " & Disk.FreeSpace & VBlf & _
	'"Compressed: " & Disk.Compressed	
'msgBox driveSQL
rs.Open driveSQL, cn, 3
 
end if
 
Next
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
 
'''''''''''''''''''''''''''''''''BIOS SQL insert''''''''''''''''''''''''''''''''
For each BIOS in BIOSSet
	BDate = Left(BIOS.ReleaseDate,8)
	BDate = Mid(BDate,5,2) & "/" & Mid(BDate,7,2) & "/" & _
	Mid(BDate,1,4)	
	
	bioSQL = "INSERT INTO bioscard(computername,value,date)"
	bioSQL = bioSQL & "VALUES('" &  computerName & "','Name: " & BIOS.Name & " (Manufacturer: " & BIOS.Manufacturer & ", Date: " & BDate & ")" & "','" & Now & "')"
 
	'WScript.Echo "Name: " & BIOS.Name & VBlf & _
	'"Manufacturer: " & BIOS.Manufacturer & VBlf & _
	'"Date: " & BDate
 
'msgBox bioSQL
rs.Open bioSQL, cn, 3
	
Next
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
 
cn.Close
set rs = Nothing
set cn = Nothing
 
'WScript.Quit
 
 
 
 
Dim Network, Group, Drive, Share, SHELL 'test, 
'On Error Resume Next
Set SHELL = CreateObject("WScript.Shell")
Set Network = CreateObject("WScript.Network")
 
'SHELL.Run("\\bpdf2\logon\delete.bat")
 
SHELL.Run("net time \\wsecdc /SET /YES")
 
Wscript.Sleep 2000
 
Drive = "F:"
Share = "\\bpdf2\FDL"
Network.MapNetworkDrive Drive, Share
 
Drive = "G:"
Share = "\\bpdf2\GROUP"
Network.MapNetworkDrive Drive, Share
 
'MapDrive
 
Drive = "I:"
Share = "\\bpdf2\Forms"
Network.MapNetworkDrive Drive, Share
 
'MapDrive
 
Drive = "K:"
Share = "\\bpdf6\QC"
Network.MapNetworkDrive Drive, Share
 
 
Drive = "L:"
Share = "\\bpdf2\SoftMaxPro"
Network.MapNetworkDrive Drive, Share
 
Drive = "M:"
Share = "\\bpdf2\MBL"
Network.MapNetworkDrive Drive, Share
 
'MapDrive 
 
Drive = "O:"
Share = "\\bpdf2\Applications"
Network.MapNetworkDrive Drive, Share
 
Drive = "P:"
Share = "\\bpdf2\pdl"
Network.MapNetworkDrive Drive, Share
 
Drive = "R:"
Share = "\\bpdf2\AML"
Network.MapNetworkDrive Drive, Share
 
Drive = "S:"
Share = "\\bpdf2\pcl"
Network.MapNetworkDrive Drive, Share
 
'MapDrive 
 
Drive = "T:"
Share = "\\bpdf2\Templates"
Network.MapNetworkDrive Drive, Share
 
 
'Drive = "U:"
'Share = "\\bpdf-software\software"
'Network.MapNetworkDrive Drive, Share
 
'MapDrive 
 
'Sub MapDrive()
 
'Network.RemoveNetworkDrive Drive
'Network.MapNetworkDrive Drive, Share
	'IF Err.Number = 0 Then		
		'Shell.Popup "Maped user " & Drive & " to " & Share
	'Else
  	'	Shell.Popup "Error mapping drive " & Drive & " to " & Share
	'End IF
'End Sub
 
 
Group = "UNL-AD\bpdf-bsn"
Drive = "J:"
Share = "\\bpdf2\bsn"
 
MapGroupDrive 
 
Group = "UNL-AD\bpdf-managers"
Drive = "N:"
Share = "\\bpdf2\admin"
 
MapGroupDrive 
 
Group = "UNL-AD\BPDF-QA"
Drive = "Q:"
Share = "\\bpdf6\qa"
 
MapGroupDrive 
 
Group = "UNL-AD\BPDF-admins"
Drive = "U:"
Share = "\\bpdf-software\software"
MapGroupDrive 
 
 
Group = "UNL-AD\BPDF-admins"
Drive = "V:"
Share = "\\bpdf-software\IT"
 
MapGroupDrive 
 
'Option Explicit
 
 
 
WScript.Quit
 
 
Sub MapGroupDrive ()
 
test = SHELL.Run("\\bpdf2\logon\IFMEMBER.EXE " & Group,0,True)
 
	if (test = 1) Then
		'Wscript.Echo " In Group: " & Group 	
		'Wscript.Echo Drive
		'Network.RemoveNetworkDrive Drive
		Network.MapNetworkDrive Drive, Share
			IF Err.Number = 0 Then		
				'Wscript.Echo "Maped " & Drive & " to " & Share
			Else
				'Shell.Popup "Error mapping group drive " & Drive & " to " & Share & " Error Number: " & Err.Number
			End IF
	End IF
End Sub

Open in new window

0
 
LVL 4

Expert Comment

by:lawson2305
ID: 22842452
I don't believe it is anything in the login script doing this but I'm not 100% sure.

As far as GPO setting this you will need to look here:
GPO - Computer Configuration \ Windows Settings \ Security Settings \ System Services \

Now what you should do is use "resultant set of policy" snap in to see what is being GPO defined.
Info
http://technet.microsoft.com/en-us/library/cc758010.aspx
use
http://support.microsoft.com/kb/323276

Again though this would be much easier if you gave some background information as I have requested:
1.  If you build a brand new desktop from CD does this happen?    If so then it is something in login script or GPO.  If not then could be something on your desktops running this at startup or in your build process not using a install cd like Ghost, RIS or Altiris.
I need to know how you deploy your workstations.
2. Did you use a different update solution before?

Please answer the above questions and do this test.
Create a user account and do not give it your login script to RUN.  Build a new desktop from a XP CD without modifications, use original media.  Add the workstation to the domain and keep it in the Computers Objects folder.  Do these services get set to disabled after logging in now?  If so it has to be a GPO located at the root of your domain.  If not then add in the login script to this user account.  Does it now disable the services?  If so you know it is something in your login script.  If not then move the computer object one level into your OU and restart to see if anything is changed.  If so you know it is a gpo added to that OU.  If not got the next level and so on until you get where all your computer objects are located.

You are going to need to do some simple troubleshooting to find out where this is causing the issue (disabling your services).
0
 
LVL 4

Expert Comment

by:lawson2305
ID: 22903963
jb61264
Any update?
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

If your system is showing symptoms of browser hijacks or 'google search redirects' check out my other article (http://rdsrc.us/u3GP7A) first and run the tool TDSSKiller (http://rdsrc.us/GDBBs4) to get rid of the infection. Once done, and if the …
Issue: Unstable cursor in Windows XP and Windows runs extremely slow in that any click will bring up the Hour glass (sometimes for several seconds before giving you what you want) . Troubleshooting Process and the FINAL FIX: This issue see…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
I've attached the XLSM Excel spreadsheet I used in the video and also text files containing the macros used below. https://filedb.experts-exchange.com/incoming/2017/03_w12/1151775/Permutations.txt https://filedb.experts-exchange.com/incoming/201…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question