Cloned WSUS Clients Don’t Appear In The Console

It’s possible that cloned machines (even sysprepped ones) won’t appear in the WSUS console.  Here’s some trouble shooting steps.

 

  • If using the FQDN of the WSUS server then ensure the client can resolve the computer name to an IP address.  Check DNS (NSLOOKUP), ping and/or the hosts file.
  • Ensure that you can telnet from the client to the WSUS server on port 8530, e.g. telnet 10.0.0.10 8530.  That will check connectivity.  This assumes you’re using the default port of 8530 for WSUS connectivity.  Use netstat –an to verify this.
  • Ensure that the application log on the WSUS server is clean.
  • Check the WindowsUpdate log in C:Windows on the client.  Make sure it is connecting to <WSUS Server>:8530.
  • Run wuauclt /detectnow on the client and check the WindowsUpdate log again.
  • If the client does not appear then the SUSCliendID may not be valid.  You can reset this by running this .BAT script on the affected client:

@echo off
Echo Save the batch file "AU_Clean_SID.cmd". This batch file will do the following:
Echo 1.    Stop the wuauserv service
Echo 2.    Delete the AccountDomainSid registry key (if it exists)
Echo 3.    Delete the PingID registry key (if it exists)
Echo 4.    Delete the SusClientId registry key (if it exists)
Echo 5.    Restart the wuauserv service
Echo 6.    Resets the Authorization Cookie

Pause
@echo on
net stop wuauserv
REG DELETE "HKLMSOFTWAREMicrosoftWindowsCurrentVersionWindowsUpdate" /v AccountDomainSid /f
REG DELETE "HKLMSOFTWAREMicrosoftWindowsCurrentVersionWindowsUpdate" /v PingID /f
REG DELETE "HKLMSOFTWAREMicrosoftWindowsCurrentVersionWindowsUpdate" /v SusClientId /f
net start wuauserv
wuauclt /resetauthorization /detectnow
Pause

Refresh the console view by clicking on <REFRESH> (don’t press <F5>) and it should appear.

3 thoughts on “Cloned WSUS Clients Don’t Appear In The Console”

  1. Thanks Aidan. We did have the same issue on our macbook computers since they were all imaged. Based on info from other forums & yours, it seems to be working now. However the issue now is that all the computers in the WSUS group on the console shows the "Installed/Not Applicable Percentage" as always 97% or 99% . I have tried approving, declining & many other things. Maybe I am doing something wrong here or is this how the percentage would show all the time and would not reach 100% ? Any help is appreciated.

    Reply

  2. I’ve a bunch of servers that never show 100%. When I look at individual reports on the affected computers I saw the missing update was an antispam update for Exchange. The machines didn’t have Exchange but they did have IIS & SMTP. I seemed to me there was a "bug" in the scan VS requirement for the update.

    Check out the missing updates for the computers and that might lead you to your cause.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.