Mark Minasi's Reader Forum
Mark Minasi's Reader Forum
Home | Profile | Register | Active Topics | Active Polls | Members | Search | FAQ | Minasi Forum RSS Feed
Username:
 Password:
Save Password
Forgot your Password?

 All Forums
 OTHER HALP! Linux, Hardware, and Anything Else
 SUS / WSUS, HFNetChk
 Initiate Windows update from WSUS server manually		  New Topic  Reply to Topic
 Printer Friendly
Author Previous Topic Topic Next Topic  

aval
Honorable But Hopeless Addict

USA
2089 Posts
Status: offline
Posted - 09/01/2008 :  6:52:09 PM  Show Profile  Reply with Quote
Let's say for some reason I want certain computers (perhaps those not regularly connected to the network) to get updates from the WSUS server at a time of my choice (and manually).

Initiation of update would be at clients - updating from WSUS server rather than MS site (yes, I know how to do that!).

Is there a command and thus script I could run?

I've seen some references to the /autodetect switch but don't have any more details at present. Will keep looking on my end.

TIA!
Edited by - aval on 09/01/2008 6:54:48 PM

arek73
Moderator

Poland
4592 Posts
Status: offline
Posted - 09/01/2008 :  11:03:15 PM  Show Profile  Visit arek73's Homepage  Click to see arek73's MSN Messenger address  Reply with Quote
On the client, just run: wuauclt /detectnow. This will bypass the scheduled detection cycle and trigger it immediately. You will still need to click on the icon to install the updates though.
----
Arek
Go to Top of Page

aval
Honorable But Hopeless Addict

USA
2089 Posts
Status: offline
Posted - 09/02/2008 :  3:49:11 PM  Show Profile  Reply with Quote
Thanks for the clarification.

I see that autodetect is not the name of the switch itself.

Now I simply, very simply, typed that at the command line:

C:\wuauclt /detectnow

Task Manager shows its running but nothing happens 5 minutes later.

And how does it recognize my WSUS server?

Is there something I need to do to help it out?
Go to Top of Page

arek73
Moderator

Poland
4592 Posts
Status: offline
Posted - 09/02/2008 :  5:00:04 PM  Show Profile  Visit arek73's Homepage  Click to see arek73's MSN Messenger address  Reply with Quote
Can you post you client's AU registry settings?
----
Arek
Go to Top of Page

aval
Honorable But Hopeless Addict

USA
2089 Posts
Status: offline
Posted - 09/04/2008 :  2:11:01 PM  Show Profile  Reply with Quote
Sorry to be so late getting back... Thanks once again.

Do you mean this key:

HKLM | Software | Microsoft | Windows | Current Version | Windows Update | Auto Update ???

This is for AutoUpdate:

quote:
Key Name: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update
Class Name: <NO CLASS>
Last Write Time: 9/4/2008 - 1:52 PM
Value 0
Name: SetupWizardLaunchTime
Type: REG_SZ
Data: 2008-07-08 17:36:12

Value 1
Name: BalloonTime
Type: REG_SZ
Data: 2008-09-04 17:52:33

Value 2
Name: BalloonType
Type: REG_DWORD
Data: 0x2


Key Name: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\UAS
Class Name: <NO CLASS>
Last Write Time: 9/4/2008 - 1:48 PM
Value 0
Name: UpdateCount
Type: REG_DWORD
Data: 0


This is for WindowsUpdate:

quote:
Key Name: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate
Class Name: <NO CLASS>
Last Write Time: 7/8/2008 - 1:36 PM
Value 0
Name: SusClientId
Type: REG_SZ
Data: e49fbe0d-8f52-496f-870c-6c4124d174ab

Value 1
Name: SusClientIdValidation
Type: REG_BINARY
Data:
00000000 04 01 28 01 30 00 38 00 - 30 00 36 00 31 00 37 00 ..(.0.8.0.6.1.7.
00000010 44 00 50 00 30 00 44 00 - 37 00 30 00 44 00 56 00 D.P.0.D.7.0.D.V.
00000020 47 00 4b 00 54 00 44 00 - 4e 00 43 00 06 00 21 86 G.K.T.D.N.C...!.
00000030 54 16 d5 T.Õ


Key Name: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update
Class Name: <NO CLASS>
Last Write Time: 9/4/2008 - 1:52 PM
Value 0
Name: SetupWizardLaunchTime
Type: REG_SZ
Data: 2008-07-08 17:36:12

Value 1
Name: BalloonTime
Type: REG_SZ
Data: 2008-09-04 17:52:33

Value 2
Name: BalloonType
Type: REG_DWORD
Data: 0x2


Key Name: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\UAS
Class Name: <NO CLASS>
Last Write Time: 9/4/2008 - 1:48 PM
Value 0
Name: UpdateCount
Type: REG_DWORD
Data: 0


Key Name: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Reporting
Class Name: <NO CLASS>
Last Write Time: 7/8/2008 - 1:22 PM
Value 0
Name: BatchFlushAge
Type: REG_DWORD
Data: 0x75e5

Value 1
Name: SamplingValue2
Type: REG_DWORD
Data: 0x12d


Key Name: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Reporting\EventCache
Class Name: <NO CLASS>
Last Write Time: 7/8/2008 - 1:22 PM

Key Name: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Services
Class Name: <NO CLASS>
Last Write Time: 7/8/2008 - 1:36 PM

Key Name: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Services\Pending
Class Name: <NO CLASS>
Last Write Time: 7/8/2008 - 1:21 PM
Value 0
Name: ValidatedPreWsus3RegistrationRequests
Type: REG_DWORD
Data: 0x1


Key Name: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Setup
Class Name: <NO CLASS>
Last Write Time: 7/8/2008 - 1:21 PM
Value 0
Name: SelfUpdateStatus
Type: REG_DWORD
Data: 0

Value 1
Name: SelfupdateUnmanaged
Type: REG_DWORD
Data: 0



I suppose I'm expecting too much: I'll need to enter the name and location or the WSUS server in there... somewhere? I thought for a second that the detect function might find a WSUS server by itself but thinking about it some more, that doesn't make sense (?).
Go to Top of Page

arek73
Moderator

Poland
4592 Posts
Status: offline
Posted - 09/04/2008 :  7:00:24 PM  Show Profile  Visit arek73's Homepage  Click to see arek73's MSN Messenger address  Reply with Quote
Thanks for posting. Sorry, I should be more specific: HKLM\Software\Policies\Microsoft\Windows\Windows Update

Can you post it again?
----
Arek
Go to Top of Page

aval
Honorable But Hopeless Addict

USA
2089 Posts
Status: offline
Posted - 09/08/2008 :  09:09:57 AM  Show Profile  Reply with Quote
There's no Windows Update sub-key on this laptop at all. Just:

+ Current Version
+ IPSec
- Network Connections
+ Safer
- System

And I confirm that we're at:

HKLM\Software\Policies\Microsoft\Windows\
Go to Top of Page

arek73
Moderator

Poland
4592 Posts
Status: offline
Posted - 09/08/2008 :  09:58:07 AM  Show Profile  Visit arek73's Homepage  Click to see arek73's MSN Messenger address  Reply with Quote
Here's how mine looks like:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate]
"ElevateNonAdmins"=dword:00000001
"TargetGroupEnabled"=dword:00000001
"TargetGroup"="Laptops"
"WUServer"="http://wsus-clients:8530"
"WUStatusServer"="http://wsus-clients:8530"

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU]
"NoAutoUpdate"=dword:00000000
"AUOptions"=dword:00000004
"ScheduledInstallDay"=dword:00000000
"ScheduledInstallTime"=dword:0000000e
"NoAutoRebootWithLoggedOnUsers"=dword:00000001
"DetectionFrequencyEnabled"=dword:00000001
"DetectionFrequency"=dword:00000016
"AutoInstallMinorUpdates"=dword:00000001
"RebootRelaunchTimeoutEnabled"=dword:00000001
"RebootRelaunchTimeout"=dword:00000078
"UseWUServer"=dword:00000001

Few comments:

1) we use port 8530 instead of default 80, so that's why you see it WUServer and WUStatusServer lines
2) AUOptions set to 4 means "download and install updated automatically based on the schedule. That works in tandem with ScheduledInstallDay and ScheduledInstalledTime flags.

Hope this helps.
----
Arek
Go to Top of Page

aval
Honorable But Hopeless Addict

USA
2089 Posts
Status: offline
Posted - 10/12/2008 :  1:19:01 PM  Show Profile  Reply with Quote
OK, I'm late responding to this by a good month...

Anyway, it looks like I have to configure something in GP for these keys to exist, is that correct?

And if I do that, I have to configure it to do something: install updates, or just download and notify, etc..

My problem is that most lab computers (unlike staff computers for example) use a product that erases on reboot all changes made to the original client configuration (unless later changes were made when the machine was in an "unfrozen" state.

So, even if I configured GP to download the appropriate updates, it would keep doing this until I unfreeze the machines and make the installation of the updates permanent.

I was wondering if there is a way that I could unfreeze the machines, and then, rather than run Microsoft Update with MS as the source of the updates, make that process happen with my WSUS server as the update source?

There's gotta be a script or something...???
Go to Top of Page

Tray
Major Contributor

USA
756 Posts
Status: offline
Posted - 10/13/2008 :  09:09:09 AM  Show Profile  Reply with Quote
Aval:

check out the script over at vbshf.com. It should have more than enough for what you are looking for.

Link: http://www.vbshf.com/vbshf/forum/forums/forum-view.asp?fid=43

--Tray
Go to Top of Page

Tray
Major Contributor

USA
756 Posts
Status: offline
Posted - 10/13/2008 :  09:22:07 AM  Show Profile  Reply with Quote
Aval:

One more thing. The script (or any script I have seen so far), seems to fail when running when a patch has been assigned a deadline that passes. The funny thing is that while the script fails, the WSUS engine itself senses that the patch needs to be installed and will install it. Just one more thing to be aware of.

--Tray
Go to Top of Page
  Previous Topic Topic Next Topic  
 New Topic  Reply to Topic
 Printer Friendly
Jump To:
Mark Minasi's Reader Forum © 2002-2009 Mark Minasi Go To Top Of Page
This page was generated in 0.11 seconds. Snitz Forums 2000