May 2006 - Posts
So, before you apply Microsoft Security Bulletin MS06-019 on Exchange Servers - Be careful. Take a look at the known issues.
912918 (http://support.microsoft.com/kb/912918/) Users cannot send e-mail messages from a mobile device or from a shared mailbox in Exchange 2000 Server and in Exchange Server 2003.
First, Find accounts that have the Full Mailbox Access permission without the Send As permission using the script from http://support.microsoft.com/kb/912918/ and grant the Send As permission either manually using DSA.msc or using the script -SetAll switch.
And then, you are ready to apply MS06-019.
SYMPTOMS
So, Today I saw error 0x80080008 in "%Windir%\WindowsUpdate.log".
DnldMgr FATAL: DM:CBitsJob::SetCallbackHandler: SetNotifyInterface failed with 0x80080008.
and eventually Download Manager failed. Looking at "%Windir%\WindowsUpdate.log" I saw the following statement - AU AU Restart required.... Also, I could see downloads in "%Windir%\SoftwareDistribution\Download" folder.
Looking at the Event Log, I realized the computer was rebooted and Automatic Updates Service was set to MANUAL and obviously stopped.
I immediately restarted the service and forced update detection and the error is gone.
DnldMgr Download manager restoring 2 downloads
Agent * Succeeded to load 2 persisted download calls
DnldMgr Retrieved 2 persisted download jobs
DnldMgr * Restored download job.
The computer succesfully updated.
The VBScript code below from Scripting Guru Torgeir Bakken (MVP) checks if the new AU client is needed on the computer, and runs WindowsUpdateAgent20-x86.exe if required in silent mode. Thanks Torgeir.
NOTES:
- Adjust path in the sExePath variable.
- If the users are local administrators, you can run the script as part of a logon script.
- Alternatively, if the computers are in an Active Directory domain, you can do it in a computer startup script (with a GPO) that runs as part of the boot up process (before the user logs in). It runs under the system context and has admin rights.
The script uses the IWindowsUpdateAgentInfo::GetInfo method instead of checking the version of the file wuaueng.dll. Also, if the interface does not exist because the AU client is to old, the script will install the client. The script below uses both methods to check for an already up to date version.
'--------------------8<----------------------
Option Explicit
Dim strExePath, bolUpdateNeeded, objAgentInfo
Dim intMajorVersion, objShell
' prefix with an UNC path if necessary
strExePath = "WindowsUpdateAgent20-x86.exe"
bolUpdateNeeded = True ' init value, do not touch
On Error Resume Next
Set objAgentInfo = CreateObject("Microsoft.Update.AgentInfo")
If Err.Number = 0 Then
' object exists, now check if ApiMajorVersion is 3 or higher
intMajorVersion = 0 ' init value
intMajorVersion = objAgentInfo.GetInfo("ApiMajorVersion")
If intMajorVersion >= 3 Then
bolUpdateNeeded = False
End If
End If
On Error Goto 0
If bolUpdateNeeded Then
Set objShell = CreateObject("WScript.Shell")
' install the AU client
objShell.Run strExePath & " /quiet /norestart", 1, True
End If
'--------------------8<----------------------
MORE INFORMATION
Determining the Current Version of WUA
http://msdn.microsoft.com/library/en-us/wua_sdk/wua/determining_the_current_version_of_wua.asp?frame=true
Re-installing Windows Update Agent (WUA)
http://msmvps.com/blogs/athif/archive/2006/04/05/Re_Installing_WUA.aspx
Automatic Update Client Versions History
http://msmvps.com/blogs/athif/archive/2005/06/15/Automatic_Update_Client_Versions_History.aspx
For x86-based computers (WindowsUpdateAgent20-x86.exe)
http://go.microsoft.com/fwlink/?LinkId=43264
For x64-based computers (WindowsUpdateAgent20-x64.exe):
http://go.microsoft.com/fwlink/?LinkId=43265
So, if you are looking for a report of some/specific or all WSUS Clients, then you might want to check out Rob Dunn's script 'WSUS_Client_Report.vbs'.
This is really great. For instance, If I want to view a report of all WSUS Client computers in my Active Directory domain, then I can just enter any common letter such as "A" or "." or "com" or "Domain-Name" in the input box and hit OK. Voila! You will see a report of all WSUS Client computers.
This is very sweet. Thanks Rob!
NOTES:
- You must be in the WSUS administrator's group to see the report, and if you are running this against a remote SQL box, you must be an admin to get to the database. You will need to change the connection string if you only have access to the SUSDB instance on the SQL server.
- Edit strWSUSDBServer = "Your-WSUS-Server" / "Your-WSUS-Server:8530"
- Edit strWSUSServer = "Your-WSUS-Server" / "Your-WSUS-Server:8530"
' -------------------START SCRIPT------------------
'Input name of computer and link directly to that computers' WSUS report.
'
'You must be in the WSUS admins group on the server you are querying against
'You must have access to the database to perform queries
'
'An html page will be generated with a list of computers that matched the
' search criteria you specified.
Const ForWriting = 2
Dim strComputerID, t, strComputerIDArray
'Your WSUS server. If you are running remote SQL, enter your SQL server name
' here instead.
strWSUSDBServer = "sadadsms-mn"
'Your WSUS server - i.e. where you run the administration from. If you are
' not running remote SQL, then this variable should be the same as the variable
' above.
strWSUSServer = "sadadsms-mn:8530"
'Set some font settings for our HTML page.
fface = "arial"
fcolor = "black"
fsize = "2"
Set myconn = CreateObject("adodb.connection")
strComputer = InputBox("Enter the search criteria for the computer name you wish to " _
& "retreive statitistics for:","Enter computer name search text")
'If nothing was entered, then quit.
If strComputer = "" Then wscript.quit
'set up the connection string. This is using Windows NT authentication
' noted by Integrated Security=SSPI.
connection = "Provider=SQLOLEDB;" & _
"Data Source=" & strWSUSDBServer & ";" & _
"Initial Catalog=SUSDB;" & _
"Integrated Security=SSPI"
'Open the connection to the database.
myconn.open (connection)
'Set some objects.
Set WshShell = WScript.CreateObject("WScript.Shell")
Set WshSysEnv = WshShell.Environment("PROCESS")
Set ws = wscript.CreateObject("Scripting.FileSystemObject")
Set result = CreateObject("adodb.recordset")
'Define our temporary report index file.
tempfile = WshSysEnv("TEMP") & "\" & "WSUS_Computer_Report.htm"
'Open the file for writing.
Set t = ws.OpenTextFile (tempfile, ForWriting, True)
'Generate the HTML
Call setupHTM("begin")
'Create a SQL string that would bring back the results where the fulldomainname field has any instance
' of the strcomputer text in it.
SQL = "SELECT computerID,FullDomainName from tbComputerTarget WHERE FullDomainName LIKE '%" & strComputer & "%'"
'Run the query.
Call GetComputerInfo
'Close the HTML
Call SetupHTM("end")
'If no search results were found, produce a msgbox and exit.
If strComputerID = "" Then
msgbox "No computers with %" & strComputer & "% in the computer name field does not appear in the WSUS database specified on " _
& "the server " & strWSUSServer & "."
wscript.quit
Else
'otherwise, open up the html page.
Set oShell = CreateObject("WScript.Shell")
oShell.Run tempfile,1,false
End If
Sub GetComputerInfo
set result = myconn.execute(SQL)
if not result.EOF then
While not result.EOF
'Put the field results for ComputerID into the strComputerID variable
strComputerID = result("ComputerID")
'Put the field results for FullDomainName into the strComputer variable
strComputer = result("FullDomainName")
'Write the hyperlink into a table row in the html file.
t.writeline("<tr><td><font face='" & fface & "' color='" _
& fcolor & "' size='" & fsize & "'><a href='http://" & strWSUSServer _
& "/WsusAdmin/Reporting/ComputerDetailsReport.aspx?computerId=" & strComputerID & "'>" _
& strComputer & "</a></font></td></tr>")
'Move to the next record.
result.movenext()
Wend
Else
End If
End Sub
Function SetupHTM(strVar)
'If this is the beginning of the file, set up the head, title, and table for the page.
If LCase(strVar) = "begin" Then
t.writeline ("<html><head><title> WSUS Search Results </title></head><body>")
t.writeline ("<font face='" & fface & "' color='" & fcolor & "'><strong>" _
& " Click on a computername to view the WSUS client report.</strong></font><table>")
ElseIf LCase(strVar) = "end" Then
'if this is the end of the file, close out the table and html code. Then close the
' file entirely.
t.writeline ("</table></html>")
t.close
End If
End Function
' --------------------END SCRIPT-------------------
MORE INFORMATION
Shortcut to particular WSUS client report
http://www.vbshf.com/vbshf/forum/forums/thread-view.asp?tid=206&posts=1&start=1
I don't see SQL Updates in WSUSAdmin?
You are not alone. Microsoft has not yet released any SQL updates to WSUS 2.0. As of today (5/17/2006) there is no SQL update content on WSUS 2.0. However, there are some updates for WMSDE but they are not classified as SQL Server updates.
SYMPTOMS
You see the following errors in "%Windir%\WindowsUpdate.log".
FATAL: Failed to get session from datastore, error = 0x80004002
FATAL: Failed to Unserialize from data store, error = 0x80004002
WARNING: Exit code = 0x80004002
WARNING: InitAUComponents Failed, will restart AU in 30 mins, error = 0x80004002
DnldMgr FATAL: DM:CAgentDownloadManager::CheckAllCallDownloadStates: GetSession failed with 0x80004002.
WORKAROUND
Try the following steps; Some of these steps might work. Rename/Delete "%Windir%\WindowsUpdate.log" before you start to see the latest detection.
1. If you have a proxy server -
-
Stop Automatic Update Service - "Net stop wuauserv".
-
Run the following command: "proxycfg.exe -u".
-
Start Automatic Update Service - "Net start wuauserv".
-
Force update detection and see if that works.
2. Re-create the Datastore -
-
Stop Automatic Update Service - "Net stop wuauserv".
-
Rename/delete "%Windir%\SoftwareDistribution" folder.
-
Start Automatic Update Service - "Net start wuauserv".
-
Force update detection and see if that works.
3. Try to force install WUA.
NOTE:
MORE INFORMATION
Error 0x80072efd
http://msmvps.com/blogs/athif/archive/2006/05/08/Error_80072efd.aspx
Force Update Detection
http://msmvps.com/blogs/athif/archive/2006/05/15/95060.aspx
So, how do you force the update detection? In this blog entry, let's take a look at some of the techniques.
- Rob Dunn [WSUS MVP] has created this simple script to force remote computer to perform wuauclt.exe /detectnow using object methods. That's cool Rob - Thanks again.
' ---------------START CODE---------------
strComputer = inputbox("Enter a computer name to run WUA detectnow","Invoke detectnow")
if strComputer = "" then wscript.quit
on error goto 0
Set autoUpdateClient = CreateObject("Microsoft.Update.AutoUpdate",strComputer)
AutoUpdateClient.detectnow()
wscript.echo "All done."
' ----------------END CODE-----------------
- For all GUI fans, take a look at WSUS - DETECTNOW 2.0 from WSUS.de. With this GUI Tool, you can trigger detection for approved updates and can reset SusClientId too.
MORE INFORMATION
Force remote computer to perform wuauclt.exe /detectnow (WSUS) - using object methods
http://www.vbshf.com/vbshf/forum/forums/thread-view.asp?tid=242
Execute a Windows Update Detect Cycle on a Remote Computer
http://www.microsoft.com/technet/scriptcenter/csc/scripts/software/update/cscsw026.mspx
WSUS - DETECTNOW 2.0
http://downloads.wsus.de/wsus_detect_now/WSUS_detect_now_2.0_eng.exe
http://downloads.wsus.de/wsus_detect_now/WSUS_detect_now_2.0_ger.exe
Quick AU Client Detection & Installation with Windows Server Updates Services, WSUS
http://msmvps.com/blogs/athif/archive/2005/06/29/56200.aspx
WSUS: Script to Force the Update Detection from Automatic Update Client (WUA) for updates on WSUS Server
http://msmvps.com/blogs/athif/articles/66375.aspx
Windows Update Agent force script, email results version 2.15 by -- Rob Dunn[WSUS MVP]
http://msmvps.com/blogs/athif/archive/2006/05/09/94089.aspx
WSUS.de is yet another WSUS Community Web-Site. This site is hosted in German language and I have used Google Translation (a free service) to translate in English. So here we go WSUS.de in English.
My first pick is Check WSUS (version 1.05.04.1). This .vbs script will Check WSUS Client / Windows Update Agent (WUA) Settings for any computer in the network. When you run this script, it will prompt you to enter Computer Name or IP Address of the machine that you want to check.
A copy of the script is as follows;
'---------------------START-----------------------
' Einstellungen für die automatischen Updates
'
http://www.wsus.de/' Version 1.05.04.1
' Translated quick and dirty into English Marco Biagini
' mbiagini@ehsd.cccounty.us'--------------------------------------------
On Error Resume Next
Set objWshNet = CreateObject("Wscript.Network")
const HKCU = &H80000001
const HKLM = &H80000002
strDefComputer = lcase(objWshNet.ComputerName)
Set oArgs = WScript.Arguments
If oArgs.Count = 0 Then
strComputer = InputBox("Please enter the name or IP address of the Computer that you want to check WSUS settings", "Automatic Updates", strDefComputer)
Else
strComputer = oArgs(0)
End If
If strComputer = "" Then
WScript.Quit
End if
strComputer = lcase(strComputer)
if left(strComputer,2)="\\" then
strComputer=right(strComputer,(len(strComputer)-2))
end if
Set oReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & strComputer & "\root\default:StdRegProv")
If Err.Number <> 0 Then
msgbox "Unable to connect to:" & VBCRLF & VBCRLF & " " & strComputer & VBCRLF, vbCritical, "Communication Error"
WScript.Quit
End If
Resultmsg = "**** Results of WUA Settings ****" & VBCRLF & VBCRLF
strMsg = "No Auto Update: "
strKeyPath = "Software\Policies\Microsoft\Windows\WindowsUpdate\AU"
strValueName = "NoAutoUpdate"
If RegValueExists(strKeyPath, strValueName) Then
oReg.GetDWORDValue HKLM,strKeyPath,strValueName,dwValue
Resultmsg = Resultmsg & strMsg & GetNoAutoUpdate(dwValue) & VBCRLF & VBCRLF
Else
Resultmsg = Resultmsg & strMsg & "Automatic Updates are not configured" & VBCRLF & VBCRLF
End If
strMsg = "Use WU Server: "
strKeyPath = "Software\Policies\Microsoft\Windows\WindowsUpdate\AU"
strValueName = "UseWUServer"
If RegValueExists(strKeyPath, strValueName) Then
oReg.GetDWORDValue HKLM,strKeyPath,strValueName,dwValue
Resultmsg = Resultmsg & strMsg & GetUseWUServer(dwValue) & VBCRLF
If dwValue = "1" Then
strMsg = " - WSUS Server: "
strKeyPath = "Software\Policies\Microsoft\Windows\WindowsUpdate"
strValueName = "WUServer"
If RegValueExists(strKeyPath, strValueName) Then
oReg.GetStringValue HKLM,strKeyPath,strValueName,strValue
Resultmsg = Resultmsg & strMsg & strValue & VBCRLF
Else
Resultmsg = Resultmsg & strMsg & "Automatic Updates are not configured" & VBCRLF
End If
strMsg = " - WU Status Server: "
strKeyPath = "Software\Policies\Microsoft\Windows\WindowsUpdate"
strValueName = "WUStatusServer"
If RegValueExists(strKeyPath, strValueName) Then
oReg.GetStringValue HKLM,strKeyPath,strValueName,strValue
Resultmsg = Resultmsg & strMsg & strValue & VBCRLF
Else
Resultmsg = Resultmsg & strMsg & "Automatic Updates are not configured" & VBCRLF
End If
Else
Resultmsg = Resultmsg & VBCRLF
End If
Else
Resultmsg = Resultmsg & strMsg & "Automatic Updates are not configured" & VBCRLF
Resultmsg = Resultmsg & " - Client configured to receive Updates from windowsupdate.microsoft.com" & VBCRLF
End If
strMsg = " - TargetGroup: "
strKeyPath = "Software\Policies\Microsoft\Windows\WindowsUpdate"
strValueName = "TargetGroup"
If RegValueExists(strKeyPath, strValueName) Then
oReg.GetStringValue HKLM,strKeyPath,strValueName,strValue
Resultmsg = Resultmsg & strMsg & strValue & VBCRLF & VBCRLF
Else
Resultmsg = Resultmsg & strMsg & "Value not configured" & VBCRLF & VBCRLF
End If
strMsg = "AU Options: "
strKeyPath = "Software\Policies\Microsoft\Windows\WindowsUpdate\AU"
strValueName = "AUOptions"
If RegValueExists(strKeyPath, strValueName) Then
oReg.GetDWORDValue HKLM,strKeyPath,strValueName,dwValue
Resultmsg = Resultmsg & strMsg & GetAUOptions(dwValue) & VBCRLF
If dwValue = "4" Then
strMsg = " - Scheduled Install Day: "
strKeyPath = "Software\Policies\Microsoft\Windows\WindowsUpdate\AU"
strValueName = "ScheduledInstallDay"
If RegValueExists(strKeyPath, strValueName) Then
oReg.GetDWORDValue HKLM,strKeyPath,strValueName,dwValue
Resultmsg = Resultmsg & strMsg & getday(dwValue) & VBCRLF
Else
Resultmsg = Resultmsg & strMsg & "Value not configured" & VBCRLF
End If
strMsg = " - Planned Installation Time: "
strKeyPath = "Software\Policies\Microsoft\Windows\WindowsUpdate\AU"
strValueName = "ScheduledInstallTime"
If RegValueExists(strKeyPath, strValueName) Then
oReg.GetDWORDValue HKLM,strKeyPath,strValueName,dwValue
Resultmsg = Resultmsg & strMsg & dwValue &":00 - 24 hours 4:00 is 4 AM, 16:00 is 4 PM" & VBCRLF
Else
Resultmsg = Resultmsg & strMsg & "Value not configured" & VBCRLF
End If
Else
Resultmsg = Resultmsg & VBCRLF
End If
Else
Resultmsg = Resultmsg & strMsg & "Value is not configured" & VBCRLF
strMsg = " - Benutzerdefinierte Einstellung: "
strKeyPath = "Software\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update"
strValueName = "AUOptions"
If RegValueExists(strKeyPath, strValueName) Then
oReg.GetDWORDValue HKLM,strKeyPath,strValueName,dwValue
Resultmsg = Resultmsg & strMsg & GetAUOptions(dwValue) & VBCRLF
If dwValue = "4" Then
strMsg = " - ScheduledInstallDay: "
strKeyPath = "Software\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update"
strValueName = "ScheduledInstallDay"
If RegValueExists(strKeyPath, strValueName) Then
oReg.GetDWORDValue HKLM,strKeyPath,strValueName,dwValue
Resultmsg = Resultmsg & strMsg & getday(dwValue) & VBCRLF
Else
Resultmsg = Resultmsg & strMsg & "Automatic Updates are not configured" & VBCRLF
End If
strMsg = " - ScheduledInstallTime: "
strKeyPath = "Software\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update"
strValueName = "ScheduledInstallTime"
If RegValueExists(strKeyPath, strValueName) Then
oReg.GetDWORDValue HKLM,strKeyPath,strValueName,dwValue
Resultmsg = Resultmsg & strMsg & dwValue &":00" & VBCRLF
Else
Resultmsg = Resultmsg & strMsg & "Automatic Updates are not configured" & VBCRLF
End If
Else
Resultmsg = Resultmsg & VBCRLF
End If
Else
Resultmsg = Resultmsg & strMsg & "Not configured" & VBCRLF
End If
End If
strMsg = " - NoAUShutdownOption: "
strKeyPath = "Software\Policies\Microsoft\Windows\WindowsUpdate\AU"
strValueName = "NoAUShutdownOption"
If RegValueExists(strKeyPath, strValueName) Then
oReg.GetDWORDValue HKLM,strKeyPath,strValueName,dwValue
Resultmsg = Resultmsg & strMsg & GetNoAUShutdownOption(dwValue) & VBCRLF & VBCRLF
Else
Resultmsg = Resultmsg & strMsg & "Value not configured" & VBCRLF & VBCRLF
End If
strMsg = "AutoInstallMinorUpdates: "
strKeyPath = "Software\Policies\Microsoft\Windows\WindowsUpdate\AU"
strValueName = "AutoInstallMinorUpdates"
If RegValueExists(strKeyPath, strValueName) Then
oReg.GetDWORDValue HKLM,strKeyPath,strValueName,dwValue
Resultmsg = Resultmsg & strMsg & GetAutoInstallMinorUpdates(dwValue) & VBCRLF & VBCRLF
Else
Resultmsg = Resultmsg & strMsg & "Value is not configured" & VBCRLF & VBCRLF
End If
strMsg = "DetectionFrequency: "
strKeyPath = "Software\Policies\Microsoft\Windows\WindowsUpdate\AU"
strValueName = "DetectionFrequency"
If RegValueExists(strKeyPath, strValueName) Then
oReg.GetDWORDValue HKLM,strKeyPath,strValueName,dwValue
Resultmsg = Resultmsg & strMsg &"Every " & dwValue &" Hours to search for updates"& VBCRLF
Else
Resultmsg = Resultmsg & strMsg & "Value is not configured"& VBCRLF
End If
strMsg = "RebootRelaunchTimeout: "
strKeyPath = "Software\Policies\Microsoft\Windows\WindowsUpdate\AU"
strValueName = "RebootRelaunchTimeout"
If RegValueExists(strKeyPath, strValueName) Then
oReg.GetDWORDValue HKLM,strKeyPath,strValueName,dwValue
Resultmsg = Resultmsg & strMsg & dwValue &" Minutes to wait until system restart"& VBCRLF
Else
Resultmsg = Resultmsg & strMsg & "Value is not configured" & VBCRLF
End If
strMsg = "RebootWarningTimeout: "
strKeyPath = "Software\Policies\Microsoft\Windows\WindowsUpdate\AU"
strValueName = "RebootWarningTimeout"
If RegValueExists(strKeyPath, strValueName) Then
oReg.GetDWORDValue HKLM,strKeyPath,strValueName,dwValue
Resultmsg = Resultmsg & strMsg & dwValue &" Minutes wait until system restart"& VBCRLF
Else
Resultmsg = Resultmsg & strMsg & "Value not configured" & VBCRLF
End If
strMsg = "NoAutoRebootWithLoggedOnUsers: "
strKeyPath = "Software\Policies\Microsoft\Windows\WindowsUpdate\AU"
strValueName = "NoAutoRebootWithLoggedOnUsers"
If RegValueExists(strKeyPath, strValueName) Then
oReg.GetDWORDValue HKLM,strKeyPath,strValueName,dwValue
Resultmsg = Resultmsg & strMsg & GetNoAutoReboot(dwValue) & VBCRLF
Else
Resultmsg = Resultmsg & strMsg & "Value not configured" & VBCRLF
Resultmsg = Resultmsg & " - Default: User will be presented with a 5 minutes countdown" & VBCRLF
End If
strMsg = "RescheduleWaitTime: "
strKeyPath = "Software\Policies\Microsoft\Windows\WindowsUpdate\AU"
strValueName = "RescheduleWaitTime"
If RegValueExists(strKeyPath, strValueName) Then
oReg.GetDWORDValue HKLM,strKeyPath,strValueName,dwValue
If dwValue = "0" Then Resultmsg = Resultmsg & strMsg & "Value not configured: " & dwValue & VBCRLF & VBCRLF End If
If dwValue = "1" Then Resultmsg = Resultmsg & strMsg & dwValue &" Minute" & VBCRLF & VBCRLF End If
If dwValue > "1" and dwValue < "61" Then Resultmsg = Resultmsg & strMsg & dwValue &" Minutes" & VBCRLF & VBCRLF End If
If dwValue > "60" Then Resultmsg = Resultmsg & strMsg & "Invalid Value" & dwValue & VBCRLF & VBCRLF End If
Else
Resultmsg = Resultmsg & strMsg & "Not Configured" & VBCRLF & VBCRLF
End If
Resultmsg = Resultmsg & "http://www.wsus.de" & VBCRLF & "Die Infoseite zu Windows Server Updates Services"
MsgBox Resultmsg,,strComputer
set oReg = nothing
Function GetNoAutoUpdate(Index)
Select Case Index
Case 0 GetNoAutoUpdate = "0 - Auto Update applied by GPO"
Case 1 GetNoAutoUpdate = "1 - No Auto Update is applied by GPO"
Case Else GetNoAutoUpdate = "Invalid Entry"
End select
End Function
Function GetUseWUServer(Index)
Select Case Index
Case 0 GetUseWUServer = "0 - Client is configured to receive updates from windowsupdate.microsoft.com"
Case 1 GetUseWUServer = "1 - Client is configured to receive updates from your WSUS Server"
Case Else GetUseWUServer = "Invalid Entry"
End select
End Function
Function GetDay(Index)
Select Case Index
Case "0" GetDay = "Every Day"
Case "1" GetDay = "Every Sunday"
Case "2" GetDay = "Every Monday"
Case "3" GetDay = "Every Tuesday"
Case "4" GetDay = "Every Wednesday"
Case "5" GetDay = "Every Thursday"
Case "6" GetDay = "Every Friday"
Case "7" GetDay = "Every Saturday"
Case Else GetDay = "Invalid Entry"
End select
End Function
Function GetAUOptions(Index)
Select Case Index
Case "0" GetAUOptions = "0"
Case "1" GetAUOptions = "1 - Deaktiviert in den Benutzereinstellungen"
Case "2" GetAUOptions = "2 - Notify before download and Install."
Case "3" GetAUOptions = "3 - Autom. Download, notify before installation."
Case "4" GetAUOptions = "4 - Autom. Download, install according to GPO settings."
Case "5" GetAUOptions = "5 - Allow Local Administator installation and manual configuration."
case Else GetAUOptions = "Invalid Entry"
End select
End Function
Function GetNoAUShutdownOption(Index)
Select Case Index
Case 0 GetNoAUShutdownOption = "0 - 'Updates are being installed and system will be restarted' user ill be notified"
Case 1 GetNoAUShutdownOption = "1 - 'Updates are being installed and system will be restarted' user will NOT be notified"
Case Else GetNoAUShutdownOption = "Invalid Entry"
End select
End Function
Function GetAutoInstallMinorUpdates(Index)
Select Case Index
Case 0 GetAutoInstallMinorUpdates = "0 - Automatic updates are not immediately installed"
Case 1 GetAutoInstallMinorUpdates = "1 - Automatic updates are immediately installed"
Case Else GetAutoInstallMinorUpdates = "Invalid Entry"
End select
End Function
Function GetNoAutoReboot(Index)
Select Case Index
Case "0" GetNoAutoReboot = "0 - User Countdown of 5 Minutes"
Case "1" GetNoAutoReboot = "1 - User will be notified before a system restart"
case Else GetNoAutoReboot = "Invalid Entry"
End select
End Function
Function RegValueExists(sRegKey, sRegValue)
sRegKey = Trim(sRegKey)
sRegValue = LCase(Trim(sRegValue))
' init value
RegValueExists = False
If oReg.EnumValues(HKLM, sRegKey, aValueNames, aValueTypes) = 0 Then
If Not IsNull(aValueNames) Then
For i = 0 To UBound(aValueNames)
If LCase(aValueNames(i)) = sRegValue Then
RegValueExists = True
End If
Next
End If
End If
End Function
Function RegKeyExists(sRegKey)
sRegKey = Trim(sRegKey)
If oReg.EnumValues(HKLM, sRegKey, aValueNames, aValueTypes) = 0 Then
RegKeyExists = True
Else
RegKeyExists = False
End If
End Function
'---------------------END-----------------------
MORE INFORMATION
Translated version of http--www.wsus.de-
http://translate.google.com/translate?hl=en&sl=de&u=http://www.wsus.de/&prev=/search%3Fq%3Dwsus.de%26hl%3Den%26lr%3D%26safe%3Dactive
View Original Web Page in german language
http://www.wsus.de/
Check WSUS (version 1.05.04.1)
http://downloads.wsus.de/check_wsus/Check_WSUS_eng.zip
http://downloads.wsus.de/check_wsus/Check_WSUS_ger.zip
How can I Approve multiple updates from WSUSAdmin?
You can select more than one update at a time and can simply select the newest one, scroll down, hit shift and selet the oldest one. You should then have them all selected and can approve them all at once.
Is there any tool that I can use ?
WSUSster is an update approval tool for Microsoft Windows Update Services (WSUS). Take a look at the screenshot on http://www.wsus.nl/images/wsuster_large.png
According to the authors of this tool, "A WSUS Server has a very bad interface for approving updates. That's why we decided to write our own approval tool which we called 'Wsuster'. We used the tool to migrate from SUS to WSUS. At this moment we use the tool also for approving the new security updates that are released every month. And it works like a charm. Just with a few mouse clicks, new updates are approved and old ones are removed!"
With the Wsuster approval tool you can:
- Search specific type of updates.
- Approve a lot of patches in one time.
- Simulate you approval actions.
- Approve updates for just one target group.
- Disable your superseded updates.
- and much more......
To use the tool you must install it on your WSUS Server.
The current version of the Wsuster Tool v 1.0 is available on Wsuster.zip (238 KB)
If you have any comments or feedback then, you can contact the authors here.
MORE INFORMATION
WSUSter Approval Tool
http://www.wsus.nl/site/index.php?option=com_content&task=view&id=23&Itemid=38
This web page solution by Robert Collewijn will display (search/extract update) information about the update files and there location within the content directory structure. This enables to search for updates on WSUS Server and can be downloaded locally.
The updates are stored in a content folder on the WSUS server with unrecognizable 40 character file name (C6C8B597D4268C65AFFC94C34F46C9147B109329.exe). This web page will display filename and download link & location associated with that unrecognizable 40 character file name. All you have to do is use the search option at top right to with the KB number. Give it a try!
STEP-BY-STEP
Download HotfixInfo.zip (inclusive the sub folders) into the following folder [C:\Program Files\Update Services\HotfixInfo]. Robert recommends this directory because the other Windows Server Update Service pages are also in the [C:\Program Files\Update Services] folder.
Open the [index.asp] file and change the following two (bold and italic) lines recording your confirguration.
'*** Define default variables ***
Dim sWSUSContentDir, sWSUSContentSrv
sWSUSContentDir = "F:\WSUS\WSUSContent\"
sWSUSContentSrv = "http:\\WSUS\Content\"
More information on http://wsus.collewijn.info/main.php?page=hotfixinfo_enu.php
Note
If IIS is using anonymous access, then user IUSR_MachineName is used to access the SQL server database. This is a local machine account on the IIS machine. Make sure IUSR_MachineName is granted security access to SUSDB with public and db_owner database roles for SUSDB so that it can. Typically, you need to grant SELECT permission on object 'tbFile', database 'SUSDB', owner 'dbo.
A Hands-On Guide to Hands-Off Updates with WSUS
This is a MUST reading for new WSUS Admins. New information has been added to this article on http://www.microsoft.com/technet/technetmag/issues/2005/11/HandsOn/default.aspx.
Managing the WSUS Automatic Updates Client Download, Install, and Reboot Behavior with Group Policy (Published: May 4, 2006)
Bobbie Harder [WSUS PM] has recently published an article on Security Guidance in Microsoft Security Newsletter - Volume 3, Issue 5. This is a MUST reading for new WSUS Admins.
http://www.microsoft.com/technet/community/columns/sectip/st0506.mspx
SYMPTOMS
You see the following error on WSUS Replica Server (DSS) whilst trying to synchronize with WSUS Upstream Server (USS):
ApplicationException: Failed to approve some updates --->
System.Data.SqlClient.SqlException: Explicit deployments to updates that are
expired are not allowed.
at Microsoft.UpdateServices.ServerSync.CatalogSync
AgentCore.CatalogSyncThreadProcessReal(Boolean allowRedirect)
CAUSE
- As the error says - Explicit deployments to updates that are expired are not allowed - which means if an update is expired on WSUS Upstream Server (USS) then WSUS Replica Server (DSS) will not be able to synchronize the expired update from the USS and the sync fails.
- An update has been expired on WSUS USS during a recent sync with MU and this expired update is still approved on USS for either detection or install. Thus, the DSS is not aware of expired update and tries to download the expired update as it is still approved for either detection or install and eventually it fails.
- Also, If you do not choose to automatically approve the revised version, the older version will continue to be approved even if it is expired and synchronization will fail on DSS.
- Expired Updates cannot be synchronized to DSS.
WORKAROUND
I am not aware of any way to UN-expire an update from WSUSAdmin Console on USS (Is there any way to cheat SUSDB??.).
So,
- You might want to choose to automatically approve the Revised/Updated versions of updates that you have previously approved from Automatic Approval Options.
- Then, review the synchronization logs and search for the "Expired" updates on the Master WSUS server that are still deployed (for either Install or Detect Only) and "Decline" it.
NOTE: This issue is supposed to be fixed in WSUS SP1.
To find the Revised updates which are expired, take a look at;
- Find New and Changed Windows Updates
- Find New and Changed Updates for Microsoft Products Other Than Windows
- Archived Updates
Once you decline the expired updates, perform a manual synchronization from DSS and this time it should sync successfully!
SYMPTOMS
2006-05-11 00:00:17 804 6a0 DnldMgr Failed job file: URL =
http://YOUR-WSUS-SERVER/Content/BE/89EC21DAC2F85E57261E8BB512611791D115F6BE.EXE,
local path =
C:\WINNT\SoftwareDistribution\Download\S-1-5-18\69f35ef3f4d9c83474c7aec2474f2798\Windows2000-KB908531-v2-x86-ENU.EXE
2006-05-11 00:00:17 804 6a0 DnldMgr Error 0x80244019 occurred while downloading update; notifying dependent calls.
# WARNING: Download failed, error =
0x80244019
2006-05-11 00:00:20 804 7bc DnldMgr WARNING: BITS job
{D06ABA6C-A950-40DE-818B-3904C9DB52CC} failed, updateId =
{962462BC-081F-4642-B30E-DB31D53F4B7B}.106, hr = 0x80190194, BG_ERROR_CONTEXT
= 5
# WARNING: Download failed, error =
0x80244019
2006-05-11 00:00:22 804 79c Report REPORT EVENT:
{CA06C2DC-56BA-4A00-B18D-E56C83175D92} 2006-05-11
00:00:17+0500 1 161 101 {2A39150D-E00B-4986-A5B0-5EFF45063DAB} 103 80244019 AutomaticUpdates Failure Content Download Error: Download failed.
DESCRIPTION
Error 0x80244019 translates to SUS_E_PT_HTTP_STATUS_NOT_FOUND - Http status 404 - object not found.
CAUSE
If you have URLScan installed on WSUS Server, then it might block *.exe downloads for WUA. Check URLScan logs under C:\WINNT\system32\inetsrv\urlscan.
WORKAROUND
If URLScan Tool is installed and set to block all *.exe files, then, the client computers (WUA) will not be able to download any of the patches or updates.
In order to correct this problem, you need to edit urlscan.ini to allow *.exe requests, and then restart Internet Information Services (IIS) or restart the WSUS server itself.
Edit the following in the urlscan.ini:
[Allow Extensions]
.exe
And remove ".exe" from
[Deny Extensions]
--
[Allow Verbs]
GET
HEAD
POST
OPTIONS
MORE INFORMATION
Basic Troubleshooting Steps using SUS with AU
http://www.faqshop.com/sus/default.htm?http://www.faqshop.com/sus/general/basic%20trobshootting%20sus.htm
This script by Alexey Biznya will Extract and sort by Categories latest or all updates from \WSUSContent folder. The script will find \WSUSContent folder and SQL Server name from the registry HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Update Services\Server\Setup.
[WSUS stores updates in \WSUSContent folder using SHA1 hash for file names and this script will query WSUS SQL/MSDE database and then exports those updates and categories.]
Requirements
- Windows 2000+
- ActivePerl 5.8.7 build 815 or higher from www.ActiveState.com
- osql.exe Utility (included in MSDE)
Tunable params
my $root = "C:\\WSUS\\FtpRoot"; Make sure \WSUSContent folder and the folder where it will extract the files should be on the same volume. For instance, I have WSUSContent folder in 'D:\WSUS\WSUSContent and the folder to extract updates in 'D:\WSUS\FtpRoot'
- my $update_langs = " 0,1033,1049 "; use 1033 for English.
- my $descr_lang = "ru"; use en for English.
- my $content_dir = ""; The script will search in registry so you don’t have to input the values here.
- my $server_name = " ; The script will search in registry so you don’t have to input the values here.
Syntax: WSUSExtract.pl
# ======== start of script ========
#!/usr/bin/perl -w
#
# Name: WSUSExtractor.pl
#
# Purpose: Extract and sort by categories latest or all updates from WSUS .
#
# Syntax: WSUSExtract.pl
#
# Version: 1.0
#
# Requirements: Windows 2000+
# ActivePerl 5.8.7 buld 815 or higher from www.ActiveState.com
# osql.exe Utility (included in MSDE)
# WSUS on MSDE
#
# Author: Alexey Biznya
#
use strict;
use locale;
use IO::File;
use File::Path;
use Win32::Registry;
$|=1;
my $ppid;
my $fpid=open_pid_file("WSUSExtractor.pid");
print $fpid $$;
close($fpid);
# warn("Starting script (pid=$$)\n");
###########################################################################################
# Tunable params
###########################################################################################
my $root = "C:\\WSUS\\FtpRoot"; # your dir for files (volume must be the same at WSUS content folder for NTFS hardlinks)
my $is_latest = 1; # Is all updates extract or latest only
my $update_langs = " 0,1033,1049 "; # comma separated languageIDs of extracting updates (0-all,1033-en,1049-ru,..%lang)
my $descr_lang = "ru"; # short language of titles and descriptions of updates (en,ar ..)
my $db_name = "SUSDB";
my $content_dir = ""; # WSUS content folder
my $server_name = ""; # WSUS SqlServerName
my $tmpfile = "query.sql";
###########################################################################################
my @rec = ();
my $col;
my $query;
my $cmd;
###########################################################################################
# Huge SQL query temporary save to file
###########################################################################################
my $latest_str = "";
if ($is_latest) { $latest_str = " AND tbRevision.IsLatestRevision = 1 ";
print "\nStart extracting latest updates\n"; }
else { print "\nStart extracting all updates\n"; }
open (SQL, ">$tmpfile");
print SQL qq {
SELECT C2.CategoryID, C3.CategoryID, RC4.CategoryID, tbRevisionLanguage.LanguageID,
tbFile.FileName, tbFile.FileDigest
FROM tbCategory AS C1
INNER JOIN tbCategory AS C2 ON C1.CategoryID = C2.ParentCategoryID
INNER JOIN tbCategory AS C3 ON C2.CategoryID = C3.ParentCategoryID
INNER JOIN tbCategory AS C4 ON (C4.ParentCategoryID IS NULL AND C4.CategoryID != 7 )
INNER JOIN tbRevisionInCategory AS RC3 ON ( C3.CategoryID = RC3.CategoryID )
INNER JOIN tbRevisionInCategory AS RC4 ON ( RC4.RevisionID = RC3.RevisionID AND RC4.CategoryID = C4.CategoryID )
INNER JOIN tbBundleDependency ON RC4.RevisionID = tbBundleDependency.BundledRevisionID
INNER JOIN tbPreComputedLocalizedProperty ON ( tbPreComputedLocalizedProperty.RevisionID = tbBundleDependency.RevisionID )
INNER JOIN tbRevision ON ( tbRevision.RevisionID = RC4.RevisionID $latest_str )
INNER JOIN tbFileForRevision ON ( tbFileForRevision.RevisionID = RC4.RevisionID )
INNER JOIN tbRevisionLanguage ON ( tbRevisionLanguage.RevisionID = tbFileForRevision.RevisionID )
INNER JOIN tbFile ON ( tbFile.FileDigest = tbFileForRevision.FileDigest )
WHERE ( tbRevisionLanguage.Expanded = 0 AND tbRevisionLanguage.LanguageID IN ( $update_langs )
AND tbPreComputedLocalizedProperty.ShortLanguage like '$descr_lang' )
ORDER BY tbFile.Modified };
close(SQL);
###########################################################################################
# Find WSUS content folder and SQL server address
###########################################################################################
my $reg;
$::HKEY_LOCAL_MACHINE->Open("SOFTWARE\\Microsoft\\Update Services\\Server\\Setup", $reg)
or die "Can't open registry: $^E";
$reg->QueryValueEx("ContentDir", $col, $content_dir) or die "Cannot find WSUS content folder in registry: $^E";
$content_dir = $content_dir."\\WsusContent";
# print "Here's a dir: $content_dir\n";
$reg->QueryValueEx("SqlServerName", $col, $server_name) or die "Cannot find WSUS content folder in registry: $^E";
$server_name =~ s/%computername%/$ENV{computername}/;
# print "Here's a server name: $server_name\n";
###########################################################################################
# Put to hash Microsoft WSUS languages
###########################################################################################
my %lang = ();
$query= "SELECT LanguageID, ShortLanguage FROM tbLanguage";
$cmd = "osql.exe -w 500 -h-1 -s# -n -E -d $db_name -S $server_name -Q \"$query\" 2>nul |";
open (DAT, $cmd);
while(<DAT>) {
chomp;
# print $_."\n";
if ( @rec = split(/#/) )
{ foreach $col (@rec) { if( $col =~ /^\s*(.+?)\s*$/ ) {$col = $1;} } }
else { last; }
$lang{$rec[0]} = $rec[1];
# print $rec[0]."\t".$rec[1]."\n";
}
close(DAT);
###########################################################################################
# Put to hash Microsoft WSUS categories
###########################################################################################
my %ctg = ();
$query= "SELECT CategoryID, Title FROM tbPrecomputedCategoryLocalizedProperty WHERE ( ShortLanguage like 'en') ";
$cmd = "osql.exe -w 500 -h-1 -s# -n -E -d $db_name -S $server_name -Q \"$query\" 2>nul |";
open (DAT, $cmd);
while(<DAT>) {
chomp;
if ( @rec = split(/#/) )
{ foreach $col (@rec) { if( $col =~ /^\s*(.+?)\s*$/ ) {$col = $1;} } }
else { last; }
$rec[1] =~ s/\s+|\//_/g;
$rec[1] =~ s/\W//g;
$ctg{$rec[0]} = $rec[1];
}
close(DAT);
###########################################################################################
# Processing Microsoft WSUS database and save files
###########################################################################################
my $srcfile;
my $dstfile;
my $path;
my $counter = 0;
$cmd = "osql.exe -w 5000 -h-1 -s# -n -E -d $db_name -S $server_name -i $tmpfile 2>nul |";
print "\nProcessing..\n";
open (DAT, $cmd);
while(<DAT>) {
chomp;
# print $_."\n";
if ( @rec = split(/#/) )
{ foreach $col (@rec) { if( $col =~ /^\s*(.+?)\s*$/ ) {$col = $1;} } }
else { last; }
if ($rec[4] =~ m/.(\w+)$/ ) { $srcfile = $1; }
if ($rec[5] =~ m/^0x(\w{38})(\w{2})$/){ $srcfile = "$content_dir\\$2\\$1$2.$srcfile"; }
$path = $root."\\".$ctg{$rec[0]}."\\".$ctg{$rec[1]}."\\".$ctg{$rec[2]}."\\".$lang{$rec[3]};
if (! -e $path) { mkpath($path, 0, 0777) or die "Can't create dir: $^E\n";}
$dstfile = $path."\\".$rec[4];
if (hardlink($srcfile, $dstfile, 1)) { $counter += 1; }
}
close(DAT);
print "\nTotal matching updates in database: $counter\n";
unlink($tmpfile) or die "Cannot unlink tmpfile: $^E";
warn "\nSuccess\n";
###########################################################################
###########################################################################################
# POSIX NTFS hard link to file
###########################################################################################
sub hardlink {
my $exist_file=shift;
my $new_file=shift;
my $is_rewrite = shift;
if(-e $new_file && $is_rewrite)
{ unlink ($new_file) or return 0; }
link ( $exist_file, $new_file ) or return 0;
return 1;
}
###########################################################################################
# pid processing
###########################################################################################
sub open_pid_file {
my $file=shift;
if(-e $file) {
my $fh=IO::File->new($file) or die "Can't open PID file $file: $^E";
$ppid=<$fh>;
die "Invalid PID file" unless $ppid=~ /^(\d+)$/;
die "Process already running with PID $ppid" if(kill 0 => $ppid);
warn "Removing PID file for defunct process ($ppid).\n";
die "Can't unlink PID file $file" unless -w $file && unlink $file;
}
$ppid=$$;
return IO::File->new($file,O_WRONLY|O_CREAT|O_EXCL,0644)
or die "Can't create $file: $^E\n";
}
###########################################################################################
END {
unlink "WSUSExtractor.pid" or die "Can't unlink PID file: $^E";
# warn("Stoping script (pid=$$)\n");
}
__END__
# ======== end of script ========
This script by Alexander Suhovey will extract/copy particular updates from WSUS content folder. WSUS stores updates in \WSUSContent folder using SHA1 hash for file names and this script will attempt to decrypt SHA1 hash for file names by querying WSUS SQL/MSDE database and then exports those updates as well.
Command line switches to run the script
SYNTAX: WSUSExtract.cmd <-f:search_string> [-l:lang] [-t:target]
- -f:search_string - Part of update KB to search for.
- -l:lang - Update language. If omitted, all languages will be processed.
- -t:target - Target folder to copy updates to. If omitted, script assumes 'View Only' mode.
Examples
The command below will Copy downloaded English updates corresponding 896358 KB article to 'c:\temp' folder
WSUSExtract.cmd -f:896358 -l:enu -t:c:\temp
The command below will output/display/View all downloaded updates corresponding to 896358 KB article:
WSUSExtract.cmd -f:896358
Copy the code below in a text file and name it as 'WSUSExtract.cmd'.
::======== start of script ========
:: Batch script to 'extract' particular updates from WSUS content folder.
::
:: The problem with content folder is that WSUS stores updates using SHA1 hash for
:: file names so it is difficult to determine what file belongs to what
:: update. The script determines a human-readable name of update file byquerying
:: WSUS SQL/MSDE database.
::
:: ====================================================================
:: SYNTAX: WSUSExtract.cmd <-f:search_string> [-l:lang] [-t:target]
::
:: -f:search_string - Part of update KB to search for.
::
:: -l:lang - Update language. If omitted, all languages will be processed.
::
:: -t:target - Target folder to copy updates to. If omitted, script assumes 'View Only' mode.
::
:: EXAMPLES:
:: Copy downloaded english updates corresponding 896358 KB article to 'c:\temp'folder:
:: WSUSExtract.cmd -f:896358 -l:enu -t:c:\temp
::
:: View all downloaded updates corresponding to 896358 KB article:
:: WSUSExtract.cmd -f:896358
:: ====================================================================
::
::*************************************************************************
:: Name: WSUSExtract.cmd
::
:: Purpose: Finds and copies particular update(s) from WSUS content folder.
::
:: Syntax: WSUSExtract.cmd <-f:search_string> [-l:language] [-t:target_folder]
::
:: Version: 1.1
:: Technology: NT Batch
::
:: Requirements: Windows 2000+
:: REG.EXE (in case of Windows 2000, install Support Tools or download REG.EXE from
:: http://www.dynawell.com/reskit/microsoft/win2000/reg.zip)
:: OSQL.EXE Utility (included in MSDE)
::
:: Authors: Alexander Suhovey
::
:: History: 08/07/2005 - Database server address is now determined from registry
:: 08/05/2005 - First release.
::*************************************************************************
@echo off
setlocal ENABLEEXTENSIONS ENABLEDELAYEDEXPANSION
Echo.
::========= OS Check ============
if not "%OS%" == "Windows_NT" goto BADOS
if "%APPDATA%" == "" goto BADOS
::====== Parse command line =====
If "%1"=="" GOTO USAGE
If "%1"=="/?" GOTO USAGE
If "%1"=="-?" GOTO USAGE
:PARSE
set arg=%1
shift /1
If not defined arg GOTO NEXT
If "%arg:~0,3%"=="-f:" (set fstr=%arg:~3%&GOTO PARSE)
If "%arg:~0,3%"=="-l:" (set lang=%arg:~3%&GOTO PARSE)
If "%arg:~0,3%"=="-t:" (set target=%arg:~3%&GOTO PARSE)
Echo ERROR: Unknown argument: %arg%
GOTO USAGE
:NEXT
If defined target (
set target=%target:"=%\
If not exist "%target%" echo ERROR: Cannot find target folder: "%target%" & goto :eof
) Else (
set viewonly=1
Echo Target folder not defined. Assuming View Only mode.
echo.
)
::== Find WSUS content folder ===
::=== and SQL server address ===
set regkey="HKLM\SOFTWARE\Microsoft\Update Services\Server\Setup"
for /f "tokens=2* delims= " %%i in ('reg query %regkey% /v ContentDir ^| find "ContentDir"') do set source=%%j
If not defined source Echo ERROR: Cannot find WSUS content folder in registry. Check if WSUS is installed. & goto :eof
set source=%source%\WsusContent
for /f "tokens=2* delims= " %%i in ('reg query %regkey% /v SqlServerName ^| find "SqlServerName"') do set server=%%j
If not defined server Echo ERROR: Cannot find WSUS database server in registry. Check if WSUS is installed. & goto :eof
set osqlcommand=osql.exe -w 500 -h-1 -E -d SUSDB -S %server%
::====== Test SQL database ======
::========= connection ==========
for /f "delims=" %%i in ('%osqlcommand% -Q') do (
Echo ERROR: Cannot connect to WSUS SQL server '%server%'
goto :eof
)
::=== Format osql.exe query =====
set query=select FileDigest,FileName from tbFile
If defined fstr set query=%query% where FileName like '%%%fstr%%%'
If defined lang (
If defined fstr (set query=!query! and) Else (set query=!query! where)
set query=!query! FileName like '%%%lang%%%'
)
::======== Main section =========
set num1=0
set num2=0
echo ========================================
for /f "tokens=1,2" %%i in ('%osqlcommand% -Q "%query%" ^| find /v "rows affected"') do (
set /a num1+=1
set dstfile=%%j
set srcfile=%%i
set srcfilepath="%source%\!srcfile:~-2!\!srcfile:~2!.!dstfile:~-3!"
set dstfilepath="%target%%%j"
If exist !srcfilepath! (
set /a num2+=1
If defined viewonly (
echo !dstfile!
) Else (
If exist !dstfilepath! set dstfilepath="%target%%%~nj(Copy !random!)%%~xj"
set /p foo="Copying !dstfile! ... "<nul
copy !srcfilepath! !dstfilepath! >nul 2>&1
If errorlevel 1 (echo FAILED.) Else (echo Done.)
)
)
)
echo ========================================
echo Updates found in content folder : %num2%
echo Total matching updates in database : %num1%
goto :eof
::========= Echo syntax =========
:USAGE
echo.
Echo %~nx0
Echo Finds and copies particular update(s) from WSUS content folder.
Echo Renames updates to human-readable format using information
Echo obtained from local WSUS SQL database.
Echo.
Echo SYNTAX: %~nx0 ^<-f:search_string^> [-l:lang] [-t:target]
Echo.
Echo -f:search_string - Part of update name to search for.
Echo Naming format for OS updates: OS-KBNUMBER-HW-LANG.EXT
Echo OS - Operating system (eg 'WindowsXP')
Echo KBNUMBER - MSKB number (e.g 'KB896358')
Echo HW - Hardware technology ('x86', 'ia64' etc)
Echo LANG - OS language (see -l switch below)
Echo EXT - Extention ('exe', 'cab' etc)
Echo -l:lang - Update language. If omitted, all languages will
Echo be processes. Examples are:
Echo rus - russian
Echo enu - english
Echo fra - french
Echo deu - deutch
Echo -t:target - Target folder to copy updates to.
Echo If omitted, script assumes 'View Only' mode.
Echo Do not use trailing slash.
Echo.
Echo EXAMPLES:
Echo.
Echo Copy downloaded english updates corresponding
Echo to 896358 KB article to 'c:\temp' folder:
Echo.
Echo %~nx0 -f:896358 -l:enu -t:c:\temp
Echo.
Echo View all downloaded updates corresponding to 896358 KB article:
Echo.
Echo %~nx0 -f:896358
Echo.
goto :eof
::===== If Bad OS detected ======
:BADOS
echo.
echo ERROR: This script needs Windows 2000 or better.
goto :eof
::======== End of script ========
So, if you are in a workgroup environment and would like to configure WUA on workstations, then you might want to check WSUSClientManager - an Excel automation tool by Greg Chapman.
Greg recently posted this information on