Solved

Use WSUS on none domain computers

Posted on 2013-05-21
24
304 Views
Last Modified: 2013-05-29
Hi all, Is it possible to set a WSUS server up on a workgroup and not a domain?
I have the server with WDS and WSUS and that is a domain controller but what i am after is imaging a load of computers but not joining the domain as we hire these out so domain membership is not needed.
We want a fast option to perform updates once a new image is installed and if we say do 50 builds we don't want to have 50 computers logging onto the internet to do the same updates.
i know we could refresh the build with the new updates but as they come out nearly every day this is a right pain.
Any help appreciated :-)
0
Comment
Question by:Shifnal
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 12
  • 8
  • 3
  • +1
24 Comments
 
LVL 19

Expert Comment

by:Miguel Angel Perez Muñoz
ID: 39183951
0
 
LVL 6

Expert Comment

by:BurundiLapp
ID: 39184001
We use WSUS to deplay updates to a training domain that is seperate from the domain that our WSUS server is a member of, it works fine, we use a registry update via the login script to configure the Automic Updates service on the workstations to point at this WSUS server.

If you are pre-configuring the image with this information then ensure you clear the WSUS client id prior to creating your image.

We use this batch file on our image before sysprep.

@echo off
Echo This batch file will do the following:
Echo 1.    Stops the wuauserv service
Echo 2.    Deletes the AccountDomainSid registry key (if it exists)
Echo 3.    Deletes the PingID registry key (if it exists)
Echo 4.    Deletes the SusClientId registry key (if it exists)
echo.
Pause
@echo on
net stop wuauserv
REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v AccountDomainSid /f
REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v PingID /f
REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientId /f
Pause

Open in new window

0
 

Author Comment

by:Shifnal
ID: 39184018
will try both options and update when done.
Many thanks
0
Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

 

Author Comment

by:Shifnal
ID: 39184191
fist responce fails with an error you can only import binary registry files from within the registry editor
0
 

Author Comment

by:Shifnal
ID: 39184205
Second response fails as well say files not there.
Can i not just change something on the local policy to point to the WSUS server?
0
 
LVL 6

Expert Comment

by:BurundiLapp
ID: 39184609
The code on that website is missing the correct first line that makes regedit understand the file.  My manual wsus registry update file looks like this:

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate]
"WUServer"="http://WSUS01:8530"
"WUStatusServer"="http://WSUS01:8530"

Open in new window

0
 

Author Comment

by:Shifnal
ID: 39185103
Same as before, comes up with an error saying i can only import binary files from within regedit, i try and it still fails.
Just to confirm, these computers are not part of a domain and never have been
0
 
LVL 6

Expert Comment

by:BurundiLapp
ID: 39185552
Ah sorry I see what you are doing.

Don't use the import feature in regedit, instead use

regedit "c:\<path_to_file>\filename.reg"

Open in new window


on the command line to import the settings from a .reg file into the registry.
0
 

Author Comment

by:Shifnal
ID: 39186658
still get the same message
"Cannot import c:\wsus.reg: The specified file is not a registry script.
Yo can only import Binary registry files from within the registry editor"

I am running command prompt as an administrator with the same results
0
 
LVL 24

Expert Comment

by:smckeown777
ID: 39187186
Might have a better solution...WSusOffline - http://download.wsusoffline.net/

Not related to WSUS as such, its a standalone app that downloads the updates from Microsoft and you then run 'UpdateClient.exe' on the client machine to install the updates on each machine you need them on...

It keeps record of all the updates you download - so in a way it acts like a WSUS
It can download all updates for XP/2003/2008/7/etc...x86 and x64
.Net, Service packs...the works

Just an other alternative, I use it for updating machines we reinstall from time to time, saves the downloads you mentioned...
0
 
LVL 6

Expert Comment

by:BurundiLapp
ID: 39187565
What are you using to create the .reg file?  it needs to be notepad or a text editor like notepad++

I've just tried copy inthe code into a blank notepad document, I saved it as wsus.reg to the root of my C: drive, then went into a command prompt and type regedit c:\wsus.reg.

It asked me to confirm that I wanted to import the values into the registry which i did and it came up with a message confirming it had successfully added the values into the registry.
0
 

Author Comment

by:Shifnal
ID: 39187844
did exactly the same, used notepad and saved it as wsus.reg ????
0
 
LVL 6

Expert Comment

by:BurundiLapp
ID: 39188028
Can you advise what operating system you are trying this on.
0
 

Author Comment

by:Shifnal
ID: 39188058
Windows 7 pro 64 bit
0
 
LVL 6

Expert Comment

by:BurundiLapp
ID: 39190411
I posted this yesterday, I must have posted it to the wrong thread as it obviously isn't here, oops!

http://crmdev.wordpress.com/2010/10/04/the-specified-file-is-not-a-registry-script-how-encoding-can-ruin-your-morning/
0
 

Author Comment

by:Shifnal
ID: 39190430
still get the same error no mater what code i save it under :-(
0
 
LVL 6

Expert Comment

by:BurundiLapp
ID: 39190473
Here is the one from my machine that worked ok, by all means view it to check it only contains legitimate code but DO NOT edit it.

Try importing this into to your registry using
regedit "c:\<path to file>\wsus.reg"

Open in new window

0
 

Author Comment

by:Shifnal
ID: 39202231
none of the above worked for me :-(
0
 

Author Comment

by:Shifnal
ID: 39203972
I've requested that this question be deleted for the following reason:

no answer worked so changed sollotion
0
 
LVL 24

Accepted Solution

by:
smckeown777 earned 500 total points
ID: 39202306
What about my solution? Its exactly what you want...

Download the updates...once
Then run the updates on each of the 50 machines you have?
0
 

Author Closing Comment

by:Shifnal
ID: 39203973
it's a work around although not all updates worked it gives 80%
0
 
LVL 6

Expert Comment

by:BurundiLapp
ID: 39203990
You have an issue with importing .reg files Shifnal, you need to investigate this issue as it could lead to potentially lots of other problems.

Have you tried disabling your security software and retried a .reg import?
0
 

Author Comment

by:Shifnal
ID: 39203993
Thanks for the post but the original question was about WSUS and not having problems with importing .reg files.
I will sort the WSUS out and then have a look into if i have issues importing .reg files and if i have problems may post another question onto here then.
many thanks to all experts who have helped in this :-)
0
 
LVL 24

Expert Comment

by:smckeown777
ID: 39204508
Not sure which updates didn't work...but there's a bit of playing around with the settings to get exactly everything you need...but its a bandwidth saver for us either way...cheers
0

Featured Post

NFR key for Veeam Agent for Linux

Veeam is happy to provide a free NFR license for one year.  It allows for the non‑production use and valid for five workstations and two servers. Veeam Agent for Linux is a simple backup tool for your Linux installations, both on‑premises and in the public cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have put this article together as i needed to get all the information that might be available already into one general document that could be referenced once without searching the Internet for the different pieces. I have had a few issues where…
The System Center Operations Manager 2012, known as SCOM, is a part of the Microsoft system center product that provides the user with infrastructure monitoring and application performance monitoring. SCOM monitors:   Windows or UNIX/LinuxNetwo…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Visualize your data even better in Access queries. Given a date and a value, this lesson shows how to compare that value with the previous value, calculate the difference, and display a circle if the value is the same, an up triangle if it increased…

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question