Finally the help of IT is here

Blog of computer solutions.

How to resolve duplicate ID problem in WSUS clients

Written by Xaus Xavier Nadal on March 21st, 2010


In many cases within a corporate environment where you have a lot of clones assembled from teams we find that there are duplicate ID's of programs such as antivirus agent or even the WSUS client.

In this article I show how to solve a problem that causes that not all computers in the domain to which we have included in the WSUS server to be displayed correctly. This may be because several teams have the same WSUS client ID appears sometimes causing only one team from each 10 because of this duplication of ID.

Gathering information found this article very helpful.

It appears a script created by Torgeir Bakken MVP Scripting and WMI a Norwegian sample as part of this problem.

We have adapted and improved a bit different and the result is this:

On Error Resume Next

Const OpenAsASCII = 0
Const OverwriteIfExist =-1
Const ForAppending = 8

Set oShell = CreateObject ("WScript.Shell")
September oFSO = CreateObject ("Scripting.FileSystemObject")
September oWshNetwork = CreateObject ("WScript.Network")

sFolderPath = "Z"
sLogFilePath = sFolderPath & "\ _ClientIdResetLog.txt"
sRegKey = "HKLM \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ WindowsUpdate"
sIDChecked = oShell.RegRead (sRegKey & "\ ClientSusIdChecked")

If sIDChecked <> "yes" Then

For i = 0 To 90
oWshNetwork.MapNetworkDrive “Z:”,”\\<server>\<Windows compartida>",,"<user>""<password>
If Err.Number <> 0 Then
WScript.Sleep 1000
Exit for
End If

SusClientId = “”
sSusClientId = oShell.RegRead(sRegKey & “\SusClientId”)
If sSusClientId <> “” And oFSO.FolderExists(sFolderPath) Then

sFilePath = sFolderPath & “\” & sSusClientId & “.txt”
If oFSO.FileExists(sFilePath) Then

oShell.RegDelete sRegKey & “\AccountDomainSid”
oShell.RegDelete sRegKey & “\PingID”
oShell.RegDelete sRegKey & “\SusClientId”
oShell.Run XCHARX%SystemRoot%\system32\net.exe stop wuauservXCHARX, 0, True
oShell.Run XCHARX%SystemRoot%\system32\net.exe start wuauservXCHARX, 0, True

sCmd = _
XCHARX%SystemRoot%\system32\wuauclt.exe /resetauthorization /detectnowXCHARX
oShell.Run sCmd, 0, True
fSusClientId = oShell.RegRead(sRegKey & “\SusClientId”)
fFilePath = sFolderPath & “\” & fSusClientId & “.txt”

Set f = oFSO.CreateTextFile(fFilePath, OverwriteIfExist, OpenAsASCII)
f.WriteLine oWshNetwork.ComputerName
bUpdLogFinished = False
iLoops = 0

Set fLogFile = oFSO.OpenTextFile(sLogFilePath, ForAppending, True)
If Err.Number <> 0 Then
WScript.Sleep 500
fLogFile.WriteLine Now & “, ” & oWshNetwork.ComputerName
bUpdLogFinished = True
End If
iLoops = iLoops + 1
Loop Until bUpdLogFinished Or iLoops > 10

Set f = oFSO.CreateTextFile(sFilePath, OverwriteIfExist, OpenAsASCII)
f.WriteLine oWshNetwork.ComputerName

End If

oShell.RegWrite sRegKey & “\ClientSusIdChecked”, “yes”
End If
oWshNetwork.RemoveNetworkDrive “Z:”, True
End If

This script is executed before the user start your session with the user SYSTEM (Local user with higher privileges) because otherwise if the user is not a local administrator could not change the registry keys at will. We have modified the script that maps a unit with a domain user who has permissions on the destination folder as the SYSTEM user has access only locally not to a network folder.

I explain roughly
this script does.

1. - Lee ClientSusIdChecked the registry entry for each PC running the script is different from proving that yes. (So ​​we make this script runs only once completely).

2. To - If different from yes then maps a drive with a domain user to save a file with the ID name that WSUS will use later.

3. - Read the log entry SusClientId collecting value and if different from "" and we have mapped the drive correctly then save the file on the mapped route with WSUS.txt ID name if the file does not exist already.

4. - If the file exists then delete the registry keys and generate new ones with a new ID stored in the file _ClientidResetLog.txt the computer you've reset the ID (To keep track of the teams that had the duplicate ID) and generating a new file with the new ID.

5. - Finally desmapea the drive where you store these logs and writes to the log chain ClientSusIdChecked a yes.

With all this we get a repository for WSUS ID of each computer in the domain and in turn is equal to none.

How to use this script?:

Open a notepad and copy and paste the text of the script.

Customized fields that I have set in bold are in <> as it will be the path and user name and password that will be used to record files with the WSUS client ID.

<server>\<Windows compartida>



Save it as AutomatedSusId.vbs en \netlogon\AutomatedSusId.vbs”>\netlogon\AutomatedSusId.vbs”>\netlogon\AutomatedSusId.vbs”>\\<dominio>\netlogon\AutomatedSusId.vbs before user logon.

We go to a domain controller.

Home -> Run -> Write gpmc.msc

For example we could change the policy Default Domain Policy for all domain computers execute this script, but I like to play this policy so I recommend creating a new and apply only to the OU where you have the equipment.


just click on Create and Link a GPO Here in the OU where you have located the equipment.


We put a name and click on OK.

You press the right mouse button on Edit.


En Computer Configuration -> Windows Settings -> Scripts (Startup / Shutdown) we double click on Home.


click on Add.


In the countryside Name of script: write the path where you have stored the script and click on OK y OK again.

Now when teams restart files are generated in the route we have arranged for the storage of the logs and see how we are self without the id is duplicated and also see each ID for each client.

That's all for today. I hope you find it useful.

PS: There are other ways to solve this problem but not as effective as the one I have shown.!2095EAC3772C41DB!1930.entry

Greetings and see you soon MegaCracks.

Related Posts Plugin for WordPress, Blogger ...
Tags: , , , , , ,

Leave a Reply

XHTML: You can use in Original tags: <a href="" title=""> <abbr title = ""> <acronym title = ""> <b> <blockquote cite = ""> <cite> <code> <del datetime = ""> <em> <i> <q cite = ""> <s> <strike> <strong>

GTranslate Your license is inactive or expired, please subscribe again!