How to fix two computers showing as one in WSUS
So this week I’ve been tinkering with our WSUS server. Normally it just sits in the corner minding its own business, apart from once a month or so when I go in and approve the next batch of updates for our desktops. For our servers we have, until now, always handled updates manually; however, that increasingly started to bug me, so now it’s time to fix it, or at least make it slightly more efficient!
My aim is to have it so that once a month I can approve all the updates for our desktops and then let them install as normal based on when the PCs are turned on and off. For the servers, what I’m aiming for is to be able to approve the updates in WSUS and then have them only download to each server, thus allowing me to determine when to install them and reboot each server. It still requires some time from me over a weekend but should be much easier to manage (we normally block the MS Malicious Software Check tool, and having to decline the tool each month on each server is boring). Plus, my hope is that this will reduce the frequency of Windows Update trying to ignore me and not offering to install updates after downloading them, or just not even popping up to offer the updates in the first place.
Anyway, now that I have prattled on about what I’ve been doing, here’s the problem I hit. I’ve got this set up on a couple of our virtual servers that run the non-critical stuff on our network (so if my changes blow them up or cause any problems the effect is minimal). The problem was that two of these servers weren’t showing up correctly in WSUS: one minute it would show one server, the next it would show the other. It was almost like WSUS was seeing them as the one server despite them having different names and IP addresses.
Of course this seemed likely to be caused by the fact that the servers in question were both virtual servers and had been created from a single master image, so my first stop (and pretty much only one at this point) was that their SIDs were the same; however, a quick check with the excellent PsGetSid, which is part of the Sysinternals Suite, bummed out pretty fast: nothing, both computers had unique SIDs. Time to hit Google!
However, Google didn’t show much, and even MS’s own TechNet page for WSUS was pretty useless. I was finally saved by an obscure forum post from 2005 which both described my problem completely and fixed it!
The solution is hidden in the registry: Windows Update keeps its own unique ID to track each PC, and cloning the master image had caused each virtual server to keep the same unique ID, which only showed up as a problem when I added them to the WSUS server.
On each affected machine check the registry for the following key:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\AccountDomainSid
Assuming that it is showing as identical on all machines then simply delete it on each machine – don’t worry, Windows Update will generate a new one in a minute!
Now we need to restart the update service and re-register with the WSUS server:
net stop wuauserv
net start wuauserv
wuauclt /resetauthorization /detectnow
It can then take a few minutes to show up in WSUS but you should eventually see all the affected machines appear correctly.
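The steps above can be run across several cloned machines at once. The following PowerShell script is an added example, not part of the original post: it compares the registry value on each machine, reports which ones share it, and applies the fix only to those. The server names are placeholders, and it assumes PowerShell remoting is enabled on the targets and that it is run from an elevated session.

```powershell
# Added example, not from the original post.
# Assumptions: PowerShell remoting is enabled on the targets, the session is
# elevated, and the server names below are placeholders for your own clones.
$Computers = @('SERVER-A', 'SERVER-B')   # hypothetical names
$KeyPath   = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate'
$ValueName = 'AccountDomainSid'          # the registry entry named in the post

# 1. Read the value from every machine.
$ids = Invoke-Command -ComputerName $Computers -ScriptBlock {
    param($KeyPath, $ValueName)
    $item = Get-ItemProperty -Path $KeyPath -Name $ValueName -ErrorAction SilentlyContinue
    [pscustomobject]@{
        Computer = $env:COMPUTERNAME
        Value    = if ($item) { [string]$item.$ValueName } else { $null }
    }
} -ArgumentList $KeyPath, $ValueName

# 2. Machines that share a value are the clones WSUS collapses into one entry.
$dupes    = $ids | Where-Object Value | Group-Object Value | Where-Object Count -gt 1
$affected = $dupes | ForEach-Object { $_.Group.Computer }
if (-not $affected) { Write-Output 'No duplicate IDs found.'; return }
$dupes | ForEach-Object { "Shared ID on: $($_.Group.Computer -join ', ')" }

# 3. On each affected machine: back up the key, delete the value,
#    restart the update service and re-register with WSUS.
Invoke-Command -ComputerName $affected -ScriptBlock {
    param($KeyPath, $ValueName)
    $backup = Join-Path $env:TEMP 'WindowsUpdate-backup.reg'
    reg.exe export ($KeyPath -replace '^HKLM:', 'HKLM') $backup /y | Out-Null
    Remove-ItemProperty -Path $KeyPath -Name $ValueName
    Restart-Service -Name wuauserv          # same effect as net stop / net start
    wuauclt.exe /resetauthorization /detectnow
} -ArgumentList $KeyPath, $ValueName
```

The exported .reg file stays in the remote user's temp folder, so the deleted value can be restored if needed.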