WSUS Server limits to 12 clients - windows

I'm having an issue where my WSUS Server (Windows 2012 R2) only reports 12 clients. I've modified the local group policy of each client host to contact the WSUS server, but only 12 show under "All Computers". If I attempt to add a 13th client, the server will bump one of the last 12 (I cannot tell if it's the previously added client, FIFO, or random).
Did I miss something in setup of the server or is it an issue with WSUS? I followed the basic/default setup for the installation of WSUS and nothing else is running on the server.
I've tried finding anything on the issue but this seems like I'm the only one so I'm sure its a misconfiguration on my part.
Thank you for advice and help...
David

So the problem was not associated with a 12 client limit - either with server or WSUS application. I was able to apply the suggestion above and the problem resolved.

There SusClientId are duplicated.
You will need to run on every client the following script:
net stop wuauserv
reg Delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v PingID /f
reg Delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v AccountDomainSid /f
reg Delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v SusClientId /f
reg Delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v SusClientIDValidation /f
net start wuauserv
wuauclt.exe /resetauthorization /detectnow
pause
Reference

Related

how to delete specific user remotely

I need to delete specific user example "UserExample" from around 400 windows PCs remotely so I made this batch file but this will delete local PC user not the remote any one can help me to improve that batch
note there is no domain server linked to these pcs
thanks
#echo On
Title %1 - DeleteUser from
:NETUSE
Net use "\\%1\c$" 123456 /user:admin
if %errorlevel% NEQ 0 goto :NETUSE
net user UserExample /delete
pause
EXIT
I would assume you could use WMIC to connect to all the units listed in a text file and delete the user from them.
Something along the lines of this, perhaps:
WMIC /Output:UserDelete.log /Node:#PCList.txt /User:Administrator /Password:Pa55w0rd UserAccount Where "Name='UserExample' And LocalAccount='TRUE'" Delete
I do find it hard to believe that a single user has created accounts on 400 PC's though

Discrepancy REG QUERY local vs remote computer batch script

I'm writing a batch script to update a software package (uninstall old
version/ install new one). This needs to be done over the network as
there are 500 PCs to update. One of the first steps before uninstalling is checking wether that software is installed or not. In order to check that
I query the registry:
reg query "HKLM\SOFTWARE\A.E.T Europe B.V."
This query gives adecuate results when running in local (for testing purposes), but when I run it remotely (they way it will be
ran) returns wrong results.
reg query "\\I301\HKLM\SOFTWARE\A.E.T Europe B.V."
returns 0 if i run that line locally. But if I log into I301 and run the
query locally returns 1, being the truth that A.E.T Europe B.V. shows up under the Wow6432Node branch in the windows registry.
Why is that???
Thanks in advance!
If there is on 64-bit Windows just the key
HKLM\SOFTWARE\Wow6432Node\A.E.T Europe B.V.
but no key
HKLM\SOFTWARE\A.E.T Europe B.V.
the reason for the different result is caused most likely by which version of reg.exe is executed from batch file or command line.
The key is not found if 64-bit %SystemRoot%\System32\reg.exe is executed on processing the batch file or running the command by 64-bit %SystemRoot%\System32\cmd.exe on using the line
reg query "\\I301\HKLM\SOFTWARE\A.E.T Europe B.V."
But the key is found if 32-bit %SystemRoot%\SysWOW64\reg.exe is executed on processing the batch file or running the command by 32-bit %SystemRoot%\SysWOW64\cmd.exe on using the line
reg query "HKLM\SOFTWARE\A.E.T Europe B.V."
because for the 32-bit applications the registry access to HKLM\SOFTWARE is redirected to HKLM\SOFTWARE\Wow6432Node by registry redirector.
Check both possible key locations:
#echo off
%SystemRoot%\System32\ping.exe -n 1 I301 >nul
if errorlevel 1 (
echo Computer with name I301 is not available in network.
goto :EOF
)
%SystemRoot%\System32\reg.exe query "\\I301\HKLM\SOFTWARE\A.E.T Europe B.V." >nul 2>&1
if not errorlevel 1 goto Installed
%SystemRoot%\System32\reg.exe query "\\I301\HKLM\SOFTWARE\Wow6432Node\A.E.T Europe B.V." >nul 2>&1
if not errorlevel 1 goto Installed
echo A.E.T Europe B.V. is not installed.
goto :EOF
:Installed
echo A.E.T Europe B.V. is installed already.
See also the Microsoft documentation pages:
File System Redirector
WOW64 Implementation Details
Registry Keys Affected by WOW64
Good answer by Mofi. On 64 bit systems you might also consider using
/reg:32 & /reg:64
See REG QUERY /?
You can sometimes get into trouble if you are launching CMD.exe from another app. If that app is a 32 bit app it will launch the 32 bit version of CMD.exe
Thanks Mofi and RGuggisberg,
Found out about everything Mofi said (and RGuggisberg complemented) later on the day. Since I couldn't make it work I tried checking for the Uninstall entry in the registry, thinking it would be there and only there. After getting again similar results I did a bit more googling and found out about Windows having two trees in the registry: one for 32 bits applications and another for 64 bits. The hint was given by:
http://ss64.com/nt/reg.html
At the end it shows up the two options that RGuggisber mentions /reg:32 & /reg:64. Looked them up and found about the existence of both registries.
https://msdn.microsoft.com/es-es/library/windows/desktop/ms724072%28v=vs.85%29.aspx
Tried same query (for uninstalled) BUT using /reg:64 and found the key I was looking for. Tried with /reg:32 and indeed could not find it. The machine I was running the script from runs Windows 7 32-bits. The remote machine Windows 8.1 64 bits.

how to edit AutoConfigUrl registry for proxy pac using script

We are creating a SSL VPN setup and our SSL VPN Gatway does not push pac files to the end users machines. But it do supoort running scripts when user connects and disconnet the ssl vpn.
I have created two batch files placed in system one will get execute at the time of connecting to SSL VPN and other at the time of disconnect to the VPN
Connecting to VPN reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v AutoConfigURL /t REG_SZ /d "http://www-abc.com:3132/accelerated_pac_base.pac " /f
Disconnecting to VPN reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v AutoConfigURL /t REG_SZ /d "" /f
The same is getting updated in the registry but not in the internet explorer connection settings.
Above, you mentioned that we have to modify the value under [HKEY_USERS\, to rectify brower restart issue.
Is is possible to create a two files ( Loin/Logout ) which could be provided to around 100 users to place in their system in the given path. and that patch would be called from our SSL vpn access gateway and resolve browser restart issue
Thanks
Manpreet Bhuee

Changing Windows 7 Wallpaper Remotely

I am trying to remotely change the wallpaper on about 50 computers that are running Win 7 in a WORKGROUP environment.
I have local admin rights to all of them plus they are running an agent (Faronics) that lets me push .bat .exe .msi .vbs and .ps1 to them remotely.
Just wondering if there was any application that lets me do that remotely or if not, what is the easiest way to get my image to these machines and set it as default wallpaper?
The wallpaper that Windows uses is in the registry under the HKCU\Control Panel\Desktop\Wallpaper key
you just can change it with the REG command.
See REG /? and then try...
reg query "HKCU\Control Panel\Desktop" /v Wallpaper
and
reg add "HKCU\Control Panel\Desktop" /v Wallpaper /t REG_SZ /d D:\my.bmp /f
Replacing the file in the following path C:\Users\[user name]\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg is hit or miss depending upon the other desktop background settings shown on the GUI and file type.
I have been able to successfully replace the file with another .jpg file renamed TranscodedWallpaper.jpg and put in its place but the Desktop doesn't just update by itself.
You have to force it with the Rundll32.exe user32.dll,UpdatePerUserSystemParameters command.
This is also hit or miss. I have had it work several times correctly while physically on the computer but cannot get the computer to do the same remotely.
Still working on a 100% working remote solution to fully answer the question.
You can use intelliadmin network administrator to change the desktop pictures remotely on all computers at once

How to write batch file to retsart services with varying names

I'm trying to write a batch file that will restart a service from a program my company uses called Bomgar that allows our help desk technicians to remote into an employees computer. I know how to write a batch file that restarts services, the problem is that each service has a unique number ID on it (example; bomgar-ps-10000000-10000000) that is completely different machine to machine. Is there a way to restart services whose name falls within a "range"? Say any service whose name contains "bomgar-ps" as an example.
Really not sure how to handle this. The problem we're having is that this service is failing to start up occasionally and when an employee calls with a problem, they aren't tech savvy so a lot of time is wasted trying to guide them into services.msc and manually restarting the service.
This should work also.
#echo off
set "servicename="
for /f "tokens=*" %%a in ('net start ^| find /i "bomgar-ps") do set "servicename=%%a"
if defined servicename net stop "%servicename%"
ping -n 3 localhost >nul
net start "%servicename%"
echo servicename "%servicename%" has attempted to restart
If you are merely guiding someone over the phone to restart the service then this will print the name to the console, in a fairly simple manner (add /i to the find command if bomgar can be mixed case"
net start|find "bomgar"
Try this, I used it to search for the print spooler name and restart it. You should be able to replace spool with boomgar-ps, you may even be able to remove the SERVICE_NAME: part.
#ECHO OFF
>%TEMP%\~sc.log (sc queryex type= service state= all)
for /F "tokens=1,* delims=: " %%I in ('type %TEMP%\~sc.log^|find "SERVICE_NAME: Spool"') do set scname=%%J
ECHO RESTARTING %scname%
sc stop %scname%
sc start %scname%

Resources