Solved

How to verify if the sus updates are updating or not the clients in the network.

Posted on 2009-03-31
12
239 Views
Last Modified: 2012-05-06
Hello experts
How to verify if the sus updates are updating or not the clients in the network.
pls and thanks
0
Comment
Question by:ashjuv
  • 7
  • 5
12 Comments
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24031531
from here
http://www.winserverkb.com/Uwe/Forum.aspx/wsus/1463/How-verify-clients-connect-to-WSUS-after-setup-Group-Policy

The place to determine whether your clients are responding properly, or not,
is the %windir%\WindowsUpdate.log.

However, if the client has not yet appeared in the WSUS console, then the
most likely cause is that the clients have not successfully selfupdated.
This condition will occur if any of the following conditions exists:
    (1) The operating system is Windows XP RTM or earlier and the computer
has /never/ been updated from Windows Update.
    (2) The operating system is Windows XP SP1 or later, or the system has
been previously updated from Windows Update, and
            (a) the Group Policy has not been properly configured or applied
            (b) the permissions to the virtual server or virtual directory
of the WSUS server are incorrect
            (c) the permissions to the relevant folders of the filesystem of
the WSUS server are incorrect
            (d) the Automatic Updates service on the client is not Started
and/or configured to use the Local System account for Log On.

To verify that the group policy has been properly applied,
    inspect the registry values at
           HKLM\Software\Policies\Windows\WindowsUpdate
    and HKLM\Software\Policies\Windows\WindowsUpdate\AU
or run RSOP.MSC on the client to inspect the effective policies applied.

To verify the IIS and NTFS permissions on the WSUS server,
check http://wsusinfo.onsitechsolutions.com/articles/016.htm
and compare to your own server's configuration.

To verify other aspects of your client-side configuration, download and run
the Client Diagnostics tool from:
http://download.microsoft.com/download/9/7/6/976d1084-d2fd-45a1-8c27-a467c768d8e
f/WSUS%20Client%20Diagnostic%20Tool.EXE
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24031553
0
 

Author Comment

by:ashjuv
ID: 24032092
HI

yes the wsus console does not show any clients listed. Can i not just add all the computers to the console and like push the updates onto them.
 
Do i check the windows update log file on every workstation or the wsus server//
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24032374
Did you make the appropriate settings in group policy ?

Configuring the WSUS Client by Group Policy
0
 

Author Comment

by:ashjuv
ID: 24032821
thanks for your help, but this is getting way more confusing

the whole wsus update stuff was setup by someone else on this clients network.

Hi

thanks for your help, this is what i did as per your posts, but now I am totally lost .

Checked the windows update log on the server and it seems the updates are running every day. Cuz i see entries in for today date itself.

I ran client diag tool on a worsktation and it came with "passs" for all wsus related actions.

I checked the group policies that have been applied to a client workstation and it looks like it has a bunch of group policies in place that related to windows update.

also checked the registry values on the workstation and tehy look good as well..

So now , how do i proceed??
0
 
LVL 47

Accepted Solution

by:
Donald Stewart earned 500 total points
ID: 24033035
WSUS: Force Registration of Clients That Are Not Showing Up


modified version below (save as fixwsus.cmd)

%Windir%\system32\net.exe stop bits 

%Windir%\system32\net.exe stop wuauserv

 

reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v AccountDomainSid /f

reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v PingID /f

reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v SusClientId /f

 
 
 

if exist %Windir%\system32\atl.dll %Windir%\system32\regsvr32.exe /s %Windir%\system32\atl.dll  

if exist %Windir%\system32\jscript.dll %Windir%\system32\regsvr32.exe /s %Windir%\system32\jscript.dll 

if exist %Windir%\system32\softpub.dll  %Windir%\system32\regsvr32.exe /s %Windir%\system32\softpub.dll  

if exist %Windir%\system32\wuapi.dll %Windir%\system32\regsvr32.exe /s %Windir%\system32\wuapi.dll 

if exist %Windir%\system32\wuaueng.dll  %Windir%\system32\regsvr32.exe /s %Windir%\system32\wuaueng.dll  

if exist %Windir%\system32\wuaueng1.dll  %Windir%\system32\regsvr32.exe /s %Windir%\system32\wuaueng1.dll  

if exist %Windir%\system32\wucltui.dll  %Windir%\system32\regsvr32.exe /s %Windir%\system32\wucltui.dll  

if exist %Windir%\system32\wups.dll  %Windir%\system32\regsvr32.exe /s %Windir%\system32\wups.dll  

if exist %Windir%\system32\wups2.dll  %Windir%\system32\regsvr32.exe /s %Windir%\system32\wups2.dll  

if exist %Windir%\system32\wuweb.dll  %Windir%\system32\regsvr32.exe /s %Windir%\system32\wuweb.dll  

if exist %windir%\system32\iuengine.dll %windir%\system32\regsvr32.exe /s iuengine.dll

if exist %windir%\system32\wuauserv.dll %windir%\system32\regsvr32.exe /s wuauserv.dll

if exist %windir%\system32\cdm.dll %windir%\system32\regsvr32.exe /s cdm.dll

if exist %windir%\system32\msxml2r.dll %windir%\system32\regsvr32.exe /s msxml2r.dll

if exist %windir%\system32\msxml3r.dll %windir%\system32\regsvr32.exe /s msxml3r.dll

if exist %windir%\system32\msxml.dll  %windir%\system32\regsvr32.exe /s msxml.dll

if exist %windir%\system32\msxml3.dll %windir%\system32\regsvr32.exe /s msxml3.dll

if exist %windir%\system32\msxmlr.dll %windir%\system32\regsvr32.exe /s msxmlr.dll

if exist %windir%\system32\msxml2.dll %windir%\system32\regsvr32.exe /s msxml2.dll

if exist %windir%\system32\qmgr.dll %windir%\system32\regsvr32.exe /s qmgr.dll

if exist %windir%\system32\qmgrprxy.dll %windir%\system32\regsvr32.exe /s qmgrprxy.dll

if exist %windir%\system32\iuctl.dll %windir%\system32\regsvr32.exe /s iuctl.dll
 
 

rd /s /q %windir%\softwareDistribution

sleep 5

%Windir%\system32\net.exe start bits 

%Windir%\system32\net.exe start wuauserv 
 
 

sc sdset wuauserv D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)
 
 

sc sdset bits D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)
 

wuauclt /detectnow /resetauthorization
 
 

exit /B 0 

Open in new window

0
Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24033144
0
 

Author Comment

by:ashjuv
ID: 24035723
Hi

thanks, you are truly resourcefull. Reading all your posts it kind of makes sense now, but I havent' tried the script part. Do I run it on the server or the client. Could you please let me know.

thanks a buch
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24035731
client
0
 

Author Comment

by:ashjuv
ID: 24035782
I have one last question, if the clients that are showing up in wsus are 98 percent etc, then that means they will be eventually be updated or they got stuck at that update level..

Could you please answer it. Please and thanks
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24035821
it means that  either there are pending updates, failed updates or even updates that havent been approved. You can double click on them to get a report.
0
 

Author Comment

by:ashjuv
ID: 24036222
thanks, if the clients dont show as 100 percent sooner then I am going to come back and ask another question,

thanks for all your help
0

Featured Post

Zoho SalesIQ

Hassle-free live chat software re-imagined for business growth. 2 users, always free.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I guess it is not common knowledge to most Wintel engineers/administrators: If you have an SNMP-based monitoring system in your environment (and it's common to have SNMP or Syslog) it's reasonably easy to enable monitoring of the Windows Event logs,…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This Micro Tutorial demonstrates using Microsoft Excel pivot tables, how to reverse engineer competitors' marketing strategies through backlinks.
Hi friends,  in this video  I'll show you how new windows 10 user can learn the using of windows 10. Thank you.

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

26 Experts available now in Live!

Get 1:1 Help Now