Solved

WSUS and symetrically named workgroup machines

Posted on 2011-03-02
10
592 Views
Last Modified: 2012-05-11
Hello Experts -

I've hit a couple brick walls with WSUS.  My enviornment consists of several off domain workgroups, and thoes workgroups share uniquely named servers within them.

For a number of reasons; thoes workgroup server names cannot be changed.  The problem I'm up against now is getting WSUS to reconize them all as unique machines.  It will only keep one instance of the commonly named workgorup server listed in the console.

If I wuauclt /resetauthorization /detectnow on a particular machine, it will indeed populate in WSUS, but overrighting the other same-name server (they all have unique IP).

Any help here?

0
Comment
Question by:rita_corp
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 3
10 Comments
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 35020677
Run the script found here on them

http://msmvps.com/blogs/athif/pages/66376.aspx

============================================

@echo off
Echo Save the batch file "AU_Clean_SID.cmd". This batch file will do the following:
Echo 1.    Stops the wuauserv service
Echo 2.    Deletes the AccountDomainSid registry key (if it exists)
Echo 3.    Deletes the PingID registry key (if it exists)
Echo 4.    Deletes the SusClientId registry key (if it exists)
Echo 5.    Restarts the wuauserv service
Echo 6.    Resets the Authorization Cookie
Echo 7.    More information on http://msmvps.com/Athif
Pause
@echo on
net stop wuauserv
REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v AccountDomainSid /f
REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v PingID /f
REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientId /f
net start wuauserv
wuauclt /resetauthorization /detectnow
Pause

============================================

0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 35020700
If that doesnt work you will have to rename
0
 

Author Comment

by:rita_corp
ID: 35020716
I've run this multiple times; with the following result:

Machine A is only showing in the WSUS console:

Run above script on Machine B

Machine B is only showing in WSUS console

Change name of Machine A to something Unique and run script

Machine A and B both show in console.

In production, I cannot change the machine names

Thanks, let me know if I can provide more info!
0
Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

 
LVL 47

Expert Comment

by:Donald Stewart
ID: 35020759
You're gonna have to explain the reasoning for duplicate machine names
0
 

Author Comment

by:rita_corp
ID: 35021017
Trust me I know it's hard to offer that as a given; but thoes machines live in off-domain workgroups and are host to a number of thin client apps that make static reference to a particular name.  Changing the name would essentially be chaning the blood type of our Business Centers.  All things considered, Windows Updates/WSUS has been the only caveat in the operation.  I was hoping there was an EPO way, but haven't found one yet.  EPO generates a guid based of an unique identifier generate by the Mcafee Agent... I was hoping the WU agent did something simiar; I understand it's tied ot SID, but have ensured unqiue SID (sysprep loads etc) across all target workstation servers.

TRUELY hoping for a way to make this work but would absolutley settle for a way to customize windows update Agent on the Client computers so that it only pull/ download/and installs critical updates (from microsoft, not WSUS) that are x amount of days OLD.  (to give us time to let them hit a lab site and see if they sit well).  Is that possible?

Thanks for all your help
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 35021056
You should take a look at WUInstall

http://wuinstall.com/
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 35021084
Do the workstations have the latest windows update agent ? That could also be the problem
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 35021100
Here's another option you could use as well


Windows Update Agent force script, email results version 2.6

http://community.spiceworks.com/scripts/show/82-windows-update-agent-force-script-email-results-version-2-6
0
 

Author Comment

by:rita_corp
ID: 35023170
WUinstall looks promising; anything in this vein

http://support.microsoft.com/kb/262841?

re:  command line driven windows updates?
0
 
LVL 47

Accepted Solution

by:
Donald Stewart earned 500 total points
ID: 35023925
With Wuinstall you dont need the individual command line options. I believe it uses the same thing as Qchain


http://support.microsoft.com/kb/296861
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you are trying to access the server, have you ever encountered "The terminal server has exceeded the maximum number of allowed connection" error?  or "The user is attempting to log on to a Terminal Server in Remote Administration mode, but the …
Back in July, I blogged about how Microsoft's new server pricing model, combined with the end of the Small Business Server package, would result in significant cost increases for many small businesses (see SBS End of Life: Microsoft Punishes Small B…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question