What shits me – or stuff that people should be able to organise but can’t

Swimming pool fittings. Yes its trivial but why can’t manufacturers agree that a 38mm hose should have a 38mm internal diameter and then all the other things such as vacuum, pool cleaner as well as the fittings in the pool basket all fit.

It shits me that I need “adapter rings” to get all this together.

Swimming Pool equipment manufacturers – Get your shit together

I’m sick of needing to buy equipment from one manufacturer only just because

1. You think you are the only one who can make this stuff so therefore yours is best
2. You want me locked into your stuff

3. You can’t get your shit together.

WSUS – Not half bad

Client Machines

Implementing WSUS lately. Took some time but most of it was “one of those things”. After making the appropriate GP changes I couldn’t get the clients to register in the console. Eventually I found a script called “WUAUFix.cmd” that modified the ACLs on the WUService. Installed in the STARTUP script (users are not local administrators) it worked perfectly. I’m not real sure but I think the permissions are stuffed up during GHOST imaging – we have just deployed a new desktop. Once this script ran then “bingo” – reporting now functional.

 <—- Begin Script  WUAUFix.cmd ———>

%Windir%\system32\net.exe stop bits
%Windir%\system32\net.exe stop wuauserv
 
reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v AccountDomainSid /f
reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v PingID /f
reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v SusClientId /f
reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v SusClientValidation /f
reg delete “HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update” /v LastWaitTimeout /f
reg delete “HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update” /v DetectionStartTime /f
reg delete “HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update” /v NextDetectionTime /f
 
if exist %Windir%\system32\atl.dll %Windir%\system32\regsvr32.exe /s %Windir%\system32\atl.dll 
if exist %Windir%\system32\jscript.dll %Windir%\system32\regsvr32.exe /s %Windir%\system32\jscript.dll
if exist %Windir%\system32\softpub.dll  %Windir%\system32\regsvr32.exe /s %Windir%\system32\softpub.dll 
if exist %Windir%\system32\wuapi.dll %Windir%\system32\regsvr32.exe /s %Windir%\system32\wuapi.dll
if exist %Windir%\system32\wuaueng.dll  %Windir%\system32\regsvr32.exe /s %Windir%\system32\wuaueng.dll 
if exist %Windir%\system32\wuaueng1.dll  %Windir%\system32\regsvr32.exe /s %Windir%\system32\wuaueng1.dll 
if exist %Windir%\system32\wucltui.dll  %Windir%\system32\regsvr32.exe /s %Windir%\system32\wucltui.dll 
if exist %Windir%\system32\wups.dll  %Windir%\system32\regsvr32.exe /s %Windir%\system32\wups.dll 
if exist %Windir%\system32\wups2.dll  %Windir%\system32\regsvr32.exe /s %Windir%\system32\wups2.dll 
if exist %Windir%\system32\wuweb.dll  %Windir%\system32\regsvr32.exe /s %Windir%\system32\wuweb.dll 
if exist %windir%\system32\iuengine.dll %windir%\system32\regsvr32.exe /s iuengine.dll
if exist %windir%\system32\wuauserv.dll %windir%\system32\regsvr32.exe /s wuauserv.dll
if exist %windir%\system32\cdm.dll %windir%\system32\regsvr32.exe /s cdm.dll
if exist %windir%\system32\msxml2r.dll %windir%\system32\regsvr32.exe /s msxml2r.dll
if exist %windir%\system32\msxml3r.dll %windir%\system32\regsvr32.exe /s msxml3r.dll
if exist %windir%\system32\msxml.dll  %windir%\system32\regsvr32.exe /s msxml.dll
if exist %windir%\system32\msxml3.dll %windir%\system32\regsvr32.exe /s msxml3.dll
if exist %windir%\system32\msxmlr.dll %windir%\system32\regsvr32.exe /s msxmlr.dll
if exist %windir%\system32\msxml2.dll %windir%\system32\regsvr32.exe /s msxml2.dll
if exist %windir%\system32\qmgr.dll %windir%\system32\regsvr32.exe /s qmgr.dll
if exist %windir%\system32\qmgrprxy.dll %windir%\system32\regsvr32.exe /s qmgrprxy.dll
if exist %windir%\system32\iuctl.dll %windir%\system32\regsvr32.exe /s iuctl.dll
 
del C:\Windows\WindowsUpdate.log /S /Q
rd /s /q %windir%\softwareDistribution
ping 127.0.0.1 -n 2 -w 1000 > nul
ping 127.0.0.1 -n %1% -w 1000> nul
 
%Windir%\system32\net.exe start bits
%Windir%\system32\net.exe start wuauserv 
  
sc sdset wuauserv D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)
 
sc sdset bits D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)
 
wuauclt.exe /resetauthorization
wuauclt.exe /detectnow
wuauclt.exe /reportnow
 
exit /B 0

<———- End Script

Not sure if all this script is required but “hey” who cares – it works well.

Group Policy

On the subject of GP and WSUS – make sure you have the latest ADM files. There are a couple of WSUS related items that have been added – especially if you want to suppress the “reboot now” prompts after installing updates.

Disconnected Networks

Couple of tips about “disconnected WSUS Networks” aka your test and development net.

– There is no concept of “syncronisation” with a disconnected net. Don’t bother about fiddling with the sync settings – leave it on Manual and don’t goof around with them
– WSUS is a bit like MS Exchange. Things take time to update. Change you settings and then go away and let it do its work.
– If the administrator of the connected net has not approved a patch and they have set “do not download unless approved” then nothing you can do will make the patch appear on the disconnected net. You are at the mercy of the external admin. This also explains the “updates waiting for files” entry in the server status page. You have approved an update the external admin has not. The files will never arrive!

I have found ROBOCOPY to be the best at syncing the disconnected to the connected. The /MIR option is perfect.

Finally Lawrence Garvin on the MS WSUS forum is a GURU at this. He knows this product.

Now I’m ready to push the button and start updating all the client computers at work…. Spooky