WSUS clients overwriting each other
Rob | May 27, 2009Okay, so as you know we have deployed WSUS 3.0 SP1 in our environment to manage the Server patching. Once we made the group policy change to point all clients at the newly deployed WSUS server we found that when some clients were being added to the console, it was deleting an existing server entry.
After some investigation, we found an article by Stephen Farrar (http://sf.net.nz/node/143) which explains that the Syspep process we had followed to provision our virtual servers did not strip out the following registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\
CurrentVersion\WindowsUpdate\SusClientId
This caused the machines with matching ‘SusClientId’ values to overwrite the existing servers. To rectify the issue, one of the Server Technicians in my team developed a script to remove the value and then force the client to re-register with WSUS, this was then deployed via SMS to each virtual server.
The script in question was
Option ExplicitDim strRegKey, WshShell, strServiceName
Set WshShell = WScript.CreateObject(“WScript.Shell”)‘Delete Automatic Update Client IDstrRegKey = “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\” _
& “CurrentVersion\WindowsUpdate\SusClientId”
WshShell.RegDelete strRegKeystrServiceName = “wuauserv”
WshShell.Run “Net Stop ” & strServiceName, 0, True
WshShell.Run “Net Start ” & strServiceName, 0, True‘Restart Automatic Update Windows Service
‘Force the Client to report to the WSUS Server
WshShell.Run “wuauclt.exe /detectnow /resetauthorization”
The Server Tech that developed the script has his own blog which you can find at http://serverchronicle.blogspot.com he has a multitiude of other useful solutions over there.