Propósito:
En ocasiones o los PC tardan en entrar en el Wsus o el Wsus en ver los PCs, con lo que he crea un script, para ejecutar en los PCs, para refrescar esta conexión e intentar que se vean sin problemas.
Crea un log en C:\Windows\Temp\wsus_task.
Es una herramienta en la que estoy muy contento, pero cuando le pasa algo no es fácil saber que le esta pasando.
Pasos:
El Script:
# ==============================
# WSUS FULL RESET - ENTERPRISE PRO
# ==============================
$log = "C:\Windows\Temp\wsus_task.
# --- LOG ---
function Write-Log {
param([string]$msg, [string]$level = "INFO")
$timestamp = Get-Date -Format 'yyyy-MM-dd HH:mm:ss'
Add-Content -Path $log -Value "$timestamp [$level] - $msg"
}
# --- EJECUCIÓN COMANDOS (CLAVE) ---
function Run-Command {
param(
[string]$name,
[scriptblock]$command
)
Write-Log "$name - START"
try {
$output = & $command 2>&1
if ($output) {
foreach ($line in $output) {
Write-Log "$name OUTPUT: $line"
}
}
Write-Log "$name - OK"
}
catch {
Write-Log "$name - ERROR: $($_.Exception.Message)" "ERROR"
}
}
Write-Log "===== INICIO SCRIPT WSUS (FULL RESET PRO) ====="
# --- INFO ---
Write-Log "Equipo: $env:COMPUTERNAME"
# --- RED ---
Run-Command "Flush DNS" { ipconfig /flushdns }
Run-Command "Registro DNS" { ipconfig /registerdns }
Run-Command "Ping WSUS" { ping SRVSUSN }
Run-Command "Test WSUS 8531" {
$test = Test-NetConnection NombreServidorWsus -Port 8531 -WarningAction SilentlyContinue
"TcpTestSucceeded=$($test.
}
# --- TIEMPO ---
Run-Command "Sincronizar hora" { w32tm /resync }
# --- SERVICIOS STOP ---
Run-Command "Stop wuauserv" { Stop-Service wuauserv -Force }
Run-Command "Stop bits" { Stop-Service bits -Force }
# --- LIMPIEZA ---
# GON a medio plazo quitar
Run-Command "Delete SoftwareDistribution" {
if (Test-Path "C:\Windows\
Remove-Item "C:\Windows\
} else {
"No existe SoftwareDistribution"
}
}
#GON a medio plazo quitar
Run-Command "Delete catroot2" {
if (Test-Path "C:\Windows\System32\catroot2"
Remove-Item "C:\Windows\System32\catroot2" -Recurse -Force
} else {
"No existe catroot2"
}
}
# --- RESET WSUS ---
Run-Command "Reset identidad WSUS" {
$wuReg = "HKLM:\SOFTWARE\Microsoft\
Remove-ItemProperty -Path $wuReg -Name "AccountDomainSid" -ErrorAction SilentlyContinue
Remove-ItemProperty -Path $wuReg -Name "PingID" -ErrorAction SilentlyContinue
#GON a medio plazo quitar SusClientId
Remove-ItemProperty -Path $wuReg -Name "SusClientId" -ErrorAction SilentlyContinue
Remove-ItemProperty -Path $wuReg -Name "SusClientIdValidation" -ErrorAction SilentlyContinue
}
# --- START SERVICIOS ---
Run-Command "Start wuauserv" { Start-Service wuauserv }
Run-Command "Start bits" { Start-Service bits }
Start-Sleep -Seconds 10
# --- GPO ---
Run-Command "GPO Update" { gpupdate /force }
Start-Sleep -Seconds 10
# --- VALIDACIÓN WSUS ---
Run-Command "Leer config WSUS" {
$wsus = Get-ItemProperty "HKLM:\SOFTWARE\Policies\
"WUServer=$($wsus.WUServer)"
"WUStatusServer=$($wsus.
}
# --- DETECCIÓN ---
Run-Command "DetectNow COM" {
(New-Object -ComObject Microsoft.Update.AutoUpdate).
}
Start-Sleep -Seconds 10
# --- RESET AUTH ---
Run-Command "Reset Authorization" {
wuauclt /resetauthorization /detectnow
}
# --- REPORT ---
Run-Command "Report WSUS" {
wuauclt /reportnow
}
Start-Sleep -Seconds 15
# --- MODERNO ---
Run-Command "UsoClient Scan" {
UsoClient StartScan
}
# --- DESCARGA ---
Run-Command "UsoClient Download" {
UsoClient StartDownload
}
Start-Sleep -Seconds 30
# --- INSTALACIÓN ---
Run-Command "UsoClient Install" {
UsoClient StartInstall
}
Start-Sleep -Seconds 20
# --- RESTART SERVICIO ---
Run-Command "Restart wuauserv" {
Restart-Service wuauserv -Force
}
Start-Sleep -Seconds 15
# --- VALIDACIÓN FINAL ---
Run-Command "Validar SusClientId" {
$wuReg = "HKLM:\SOFTWARE\Microsoft\
$sus = Get-ItemProperty $wuReg -ErrorAction SilentlyContinue
"SusClientId=$($sus.
}
# --- DEBUG LOG ---
Run-Command "Generar WindowsUpdate.log" {
Get-WindowsUpdateLog | Out-File "C:\Windows\Temp\
}
Write-Log "===== FIN SCRIPT ====="
by GoN | Published: Jun 2026 | Last Updated:
No hay comentarios:
Publicar un comentario