WSUS: Force Registration of Clients That Are Not Showing Up

I setup a WSUS server in a test lab and the results of client machines registering themselves with the WSUS server were flaky; especially if they weren’t on the same domain as the WSUS server. One of my cloned machines was having trouble until I changed the SID with NewSID from Microsoft. The others didn’t appear to have any duplicate SID problems but having them appear in the WSUS administration webpage was still a challenge.

Looking around the web, I found a variety of suggestions to fix the problem; most of them involved changing the registry. Here’s a compiled list of those changes:

net stop wuauserv
REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v AccountDomainSid /f
REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v PingID /f
REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientId /f
REG DELETE "HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v LastWaitTimeout /f
REG DELETE "HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v DetectionStartTime /f
REG DELETE "HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v NextDetectionTime /f
REG DELETE "HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v AUState /f
net start wuauserv

That looked very promising, but it didn’t solve my problem. I was so frustrated until I found this command: wuauclt /resetauthorization /detectnow. Running that on the clients that failed to show up in WSUS worked every single time and it even worked on computers that weren’t on the same domain as the WSUS server. Awesome.

Chrissy is a PowerShell MVP who has worked in IT for nearly 20 years, and currently serves as a Sr. Database Engineer in Belgium. Always an avid scripter, she attended the Monad session at Microsoft’s Professional Developers Conference in Los Angeles back in 2005 and has worked and played with PowerShell ever since. Chrissy is currently pursuing an MS in Systems Engineering at Regis University and helps maintain RealCajunRecipes.com in her spare time. She holds a number of certifications, including those relating to SQL Server, SuSE Linux, SharePoint and network security. She recently became co-lead of the SQL PASS PowerShell Virtual Chapter. You can follow her on Twitter at @cl.

Posted in Windows
12 comments on “WSUS: Force Registration of Clients That Are Not Showing Up
  1. Tim says:

    I have an issue similar to this however all of my client computers are in the same domain. I’ve got approximately 15 boxes that are not showing up on the Admin page for WSUS however when you go into the local logs for each client you can see that they are obtaining updates and applying them on a regular basis.

    It dawned on me after reading your post that these machines all may have some sort of corrupt/duplicate SID as they were all imaged from a program that we have since stopped using due to so many HAL issues.

    Regardless of our “issues” with the imaging software, it has bothered me for over a month that some clients have not shown up yet on our WSUS. It looks like the NewSID may fix this and I just wanted to say thanks for pointing out this little program available from Microsoft.

    I’ll post again if this fixes our issue.

    Cheers

    Tim

  2. Tim says:

    Cajun,

    Well newSID worked like a charm. The boxes I’ve been able to run the program on have all shown up on our admin page now.

    Again thanks for posting about this fine little program, if I hadn’t stumbled across your blog I’d probably still be scratching my head over the problem.

    Plus now I can make recommendations in the future to my colleagues about what to do if we run across this again.

  3. Chrissy says:

    iTunes Users,
    I'm sorry but I cannot help you. I don't use iTunes and I do not have a solution on how vbscript will help you install iTunes. Please go to Apple's forums or keep searching Google for an answers.

  4. Mike says:

    This web site has the answer for fixing your susclientid. The problem may be your susclientid from using the same image.

  5. RTO Trainer says:

    Beautiful and brilliant.

    You saved me! Thank you, thank you!

  6. Eirik says:

    You also saved me, thanks a lot.

  7. Francesca says:

    You’re awesome! That fixed it on my clients too!!! Thank you thank you!

  8. Lennon Rich says:

    Thanks a lot :D This has been bugging us for a while!

  9. Jason Martin says:

    This worked for me too, I will be pushing this in the login script across my network. Thank you!

  10. Yohan Courbe says:

    Thanks for this ! FYI it works well on Windows Server 2012. I just had to add the statement

    Windows Registry Editor Version 5.00

    at the very top of the registry file otherwise you can’t import it.

    I also had to run the following PS command to force registration on the WSUS.

    wuauclt /resetauthorization /detectnow

    Kind regards

  11. Kevin Orellana says:

    I have the same problem, try this information and work, thank you very much for the contribution

Leave a Reply

Your email address will not be published. Required fields are marked *

*