I’ve put together a VBScript that will read a registry value from every machine in a domain & output the results to a file. I chose a .csv file so that the results could be sorted in Excel.
I created this script to give me a list of the Trend update servers our machines are connecting to, but the script can easily be modified to check any registry value. You can also modify the output file name & location easily. The domain name is part of an LDAP query, so I couldn’t make that a variable. You’ll have to find where “DC=domain,DC=com” is in the script & modify with your domain info.
When you launch the script, it will tell you where the output file will go. When the script has finished, it will generate a message box telling you that it is finished & where the file is (again). The output file will give you a list of machines and the Trend server that they are updating from. If Trend is not installed, the resulting field will be blank. If a machine is unreachable, the resulting field will be an error message.
It takes a while for it to run, since it will wait & time out on every machine that is not reachable.
--------------------------------------------------------------------------
'This script will display a registry value for all computers on your domain
Const ADS_SCOPE_SUBTREE = 2
Const OPEN_FILE_FOR_WRITING = 2
Const ForReading = 1
Const HKEY_LOCAL_MACHINE = &H80000002 'HKLM hive
Const CompKey = "SYSTEM\CurrentControlSet\Control\ComputerName\ActiveComputerName"
Const CompValue = "ComputerName"
strRegKey = "SOFTWARE\TrendMicro\PC-cillinNTCorp\CurrentVersion\Misc."
strRegValue = "UpdateFrom"
strDirectory = "C:\"
strFileName = "TrendUpdateServers.csv"
strWritePath = strDirectory & strFileName
On Error Resume Next
Wscript.Echo "The output will be written to " & strWritePath
Set objFSO1 = CreateObject("Scripting.FileSystemObject")
If objFSO1.FileExists(strWritePath) Then
Set objFolder = objFSO1.GetFile(strWritePath)
Else
Set objFile = objFSO1.CreateTextFile(strWritePath)
objFile = ""
End If
Set fso = CreateObject("Scripting.FileSystemObject")
Set textFile = fso.OpenTextFile(strWritePath, OPEN_FILE_FOR_WRITING)
' Header Row
textFile.WriteLine ("Machine Name, Result")
Set objConnection = CreateObject("ADODB.Connection")
Set objCommand = CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCOmmand.ActiveConnection = objConnection
objCommand.CommandText = _
"Select Name, Location from 'LDAP://DC=domain,DC=com'"_
& "Where objectClass='computer'"
objCommand.Properties("Page Size") = 1000
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
Set objRecordSet = objCommand.Execute
objRecordSet.MoveFirst
Do Until objRecordSet.EOF
' Wscript.Echo "Computer Name: " & objRecordSet.Fields("Name").Value
' textFile.WriteLine(objRecordSet.Fields("Name").Value)
strComputer = (objRecordSet.Fields("Name"))
' WScript.Echo strComputer
Set oReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & _
strComputer & "\root\default:StdRegProv")
IF Err <> 0 Then
' WScript.Echo strComputer & " generated the following error: " & Err.Description
textFile.WriteLine (strComputer & ", " & Err.Description)
Err.Clear
Else
oReg.GetStringValue HKEY_LOCAL_MACHINE, CompKey, CompValue, strActiveName
' oReg.GetDWordValue HKEY_LOCAL_MACHINE, strRegKey, strRegValue, intNumber
oReg.GetStringValue HKEY_LOCAL_MACHINE, strRegKey, strRegValue, strTrendServer
' textFile.WriteLine (strActiveName & ", " & intNumber)
textFile.WriteLine (strActiveName & ", " & StrTrendServer)
End If
objRecordSet.MoveNext
Loop
WScript.Echo "Finished! The output has been written to " & strWritePath
Tuesday, April 7, 2009
Thursday, April 2, 2009
4-2-09
We had a number of machines that were not showing up on the WSUS console. All machines are pointed to WSUS using an Active Directory (AD) Group Policy Object (GPO), so there wasn't any difference there to troubleshoot. Looking at the registry on the client machines, the HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate settings were correct for our WSUS server and the Automatic Updates & BITS services were enabled and running. Running wuauclt.exe /resetauthorization /detectnow from a command prompt didn't fix the problem computers. The c:\Windows\WindowsUpdate.log file showed that the clients were contacting our WSUS server & even doing updates. The WSUS Client Diagnostics Tool (from here: http://technet.microsoft.com/en-us/wsus/bb466192.aspx ) showed no issues connecting to our server.
I found this solution on the internet:
5. Imaged clients with a duplicate client ID will only appear once in the WSUS Admin Console. Each AU client must have a unique id which is created for each individual install. When imaging systems it is recommended always to use SysPrep. The WSUS admin console will only display one client for each unique ID. If you have multiple clients created from one image which are sharing the same ID, only one will appear in the WSUS admin console. All clients will check in and download updates, but only one will appear and display status in the WSUS admin console. In cases where clients are not checking in, and they were created from images without running SysPrep, the following steps will reset the existing duplicative client IDs.
a. Run regedit and go to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate
b. Delete the PingID, SUSClientID and the AccountDomainSID values
(on our machines, AccountDomainSID didn't exist, but SUSClientIdValidation did. I deleted PingID, SUSClientID, and SUSClientIDValidation)
c. Stop and start the Wuauserv Service
d. From the command prompt run: wuauclt /resetauthorization /detectnow
or-
From the command line, once you are sure the AU client is properly configured and not disabled, you could run a batch file (which might look something like this sample) and get the same results:
rem Fixes problem with client machines not showing up on the server due to imaging method
reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v AccountDomainSid /f
reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v PingID /f
reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v SusClientId /f
cls
@echo Triggering detection after resetting WSUS client identity
net stop wuauserv
net start wuauserv
wuauclt /resetauthorization /detectnow
source:
http://www.wsuswiki.com/ClientFAQ
I found this solution on the internet:
5. Imaged clients with a duplicate client ID will only appear once in the WSUS Admin Console. Each AU client must have a unique id which is created for each individual install. When imaging systems it is recommended always to use SysPrep. The WSUS admin console will only display one client for each unique ID. If you have multiple clients created from one image which are sharing the same ID, only one will appear in the WSUS admin console. All clients will check in and download updates, but only one will appear and display status in the WSUS admin console. In cases where clients are not checking in, and they were created from images without running SysPrep, the following steps will reset the existing duplicative client IDs.
a. Run regedit and go to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate
b. Delete the PingID, SUSClientID and the AccountDomainSID values
(on our machines, AccountDomainSID didn't exist, but SUSClientIdValidation did. I deleted PingID, SUSClientID, and SUSClientIDValidation)
c. Stop and start the Wuauserv Service
d. From the command prompt run: wuauclt /resetauthorization /detectnow
or-
From the command line, once you are sure the AU client is properly configured and not disabled, you could run a batch file (which might look something like this sample) and get the same results:
rem Fixes problem with client machines not showing up on the server due to imaging method
reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v AccountDomainSid /f
reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v PingID /f
reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v SusClientId /f
cls
@echo Triggering detection after resetting WSUS client identity
net stop wuauserv
net start wuauserv
wuauclt /resetauthorization /detectnow
source:
http://www.wsuswiki.com/ClientFAQ
Subscribe to:
Posts (Atom)