Propósito:
En ocasiones o los PC tardan en entrar en el Wsus o el Wsus en ver los PCs, con lo que he crea un script, para ejecutar en los PCs, para refrescar esta conexión e intentar que se vean sin problemas.
Crea un log en C:\Windows\Temp\wsus_task.
Es una herramienta en la que estoy muy contento, pero cuando le pasa algo no es fácil saber que le esta pasando.
Pasos:
El Script:
Con
|
# ==============================
# WSUS FULL RESET - ENTERPRISE PRO
# ==============================
$log = "C:\Windows\Temp\wsus_task.
if (Test-Path $log) {
if ((Get-Item $log).Length -gt 5MB) {
Clear-Content $log
}
}
# --- LOG ---
function Write-Log {
param([string]$msg, [string]$level = "INFO")
$timestamp = Get-Date -Format 'yyyy-MM-dd HH:mm:ss'
Add-Content -Path $log -Value "$timestamp [$level] - $msg"
}
# --- EJECUCIÓN COMANDOS ---
function Run-Command {
param(
[string]$name,
[scriptblock]$command
)
Write-Log "$name - START"
try {
$output = & $command 2>&1
if ($output) {
foreach ($line in $output) {
Write-Log "$name OUTPUT: $line"
}
}
Write-Log "$name - OK"
}
catch {
Write-Log "$name - ERROR: $($_.Exception.Message)" "ERROR"
}
}
Write-Log "===== INICIO SCRIPT WSUS v2 ====="
# --- INFO ---
Write-Log "Equipo: $env:COMPUTERNAME"
# ==============================
# RED
# ==============================
Run-Command "Flush DNS" {
ipconfig /flushdns
}
Run-Command "Registro DNS" {
ipconfig /registerdns
}
Run-Command "Ping WSUS" {
ping miservidorsus.com
}
Run-Command "Test WSUS 8531" {
$test = Test-NetConnection miservidorsus.com `
-Port 8531 `
-WarningAction SilentlyContinue
"TcpTestSucceeded=$($test.
"RemoteAddress=$($test.
}
# --- NUEVO : VALIDACION HTTPS/TLS WSUS ---
Run-Command "Validacion HTTPS WSUS" {
try {
$response = Invoke-WebRequest `
-Uri "https://miservidorsus:8531" `
-UseBasicParsing `
-TimeoutSec 15
"StatusCode=$($response.
"HTTPS CONNECTIVITY OK"
}
catch {
"HTTPS ERROR: $($_.Exception.Message)"
}
}
# ==============================
# TIEMPO
# ==============================
Run-Command "Sincronizar hora" {
w32tm /resync
}
# ==============================
# STOP SERVICIOS UPDATE
# ==============================
Run-Command "Stop servicios update" {
Stop-Service wuauserv -Force -ErrorAction SilentlyContinue
Stop-Service bits -Force -ErrorAction SilentlyContinue
Stop-Service cryptsvc -Force -ErrorAction SilentlyContinue
Stop-Service usosvc -Force -ErrorAction SilentlyContinue
}
# ==============================
# RESET WSUS
# ==============================
Run-Command "Reset identidad WSUS" {
$wuReg = "HKLM:\SOFTWARE\Microsoft\
Remove-ItemProperty `
-Path $wuReg `
-Name "AccountDomainSid" `
-ErrorAction SilentlyContinue
Remove-ItemProperty `
-Path $wuReg `
-Name "PingID" `
-ErrorAction SilentlyContinue
# GON a medio plazo quitar SusClientId
# Remove-ItemProperty `
# -Path $wuReg `
# -Name "SusClientId" `
# -ErrorAction SilentlyContinue
Remove-ItemProperty `
-Path $wuReg `
-Name "SusClientIdValidation" `
-ErrorAction SilentlyContinue
}
# ==============================
# START SERVICIOS UPDATE
# ==============================
Run-Command "Start servicios update" {
Start-Service cryptsvc -ErrorAction SilentlyContinue
Start-Service bits -ErrorAction SilentlyContinue
Start-Service wuauserv -ErrorAction SilentlyContinue
Start-Service usosvc -ErrorAction SilentlyContinue
}
Run-Command "Estado servicios" {
Get-Service `
wuauserv,
bits,
cryptsvc,
usosvc |
Select-Object Name, Status
}
Start-Sleep -Seconds 10
# ==============================
# GPO
# ==============================
Run-Command "GPO Update" {
gpupdate /force
}
Start-Sleep -Seconds 10
# ==============================
# VALIDACION WSUS
# ==============================
Run-Command "Leer config WSUS" {
$wsus = Get-ItemProperty `
"HKLM:\SOFTWARE\Policies\
"WUServer=$($wsus.WUServer)"
"WUStatusServer=$($wsus.
}
# --- NUEVO : HISTORIAL DETECCION ---
Run-Command "Last Detection Result" {
$path = "HKLM:\SOFTWARE\Microsoft\
if (Test-Path $path) {
Get-ItemProperty $path |
Select-Object LastSuccessTime, LastError
}
else {
"Detection history not found"
}
}
# --- NUEVO : HISTORIAL INSTALACION ---
Run-Command "Last Install Result" {
$path = "HKLM:\SOFTWARE\Microsoft\
if (Test-Path $path) {
Get-ItemProperty $path |
Select-Object LastSuccessTime, LastError
}
else {
"Install history not found"
}
}
# ==============================
# DETECCION
# ==============================
Run-Command "DetectNow COM" {
(New-Object -ComObject Microsoft.Update.AutoUpdate).
}
Start-Sleep -Seconds 10
# ==============================
# RESET AUTH
# ==============================
Run-Command "Reset Authorization" {
wuauclt /resetauthorization /detectnow
}
# ==============================
# REPORT WSUS
# ==============================
Run-Command "Report WSUS" {
wuauclt /reportnow
}
# --- NUEVO : EVENTOS WINDOWS UPDATE ---
Run-Command "Windows Update Events" {
Get-WinEvent `
-LogName "Microsoft-Windows-
-MaxEvents 30 `
-ErrorAction SilentlyContinue |
Select-Object `
TimeCreated,
Id,
LevelDisplayName,
Message
}
Start-Sleep -Seconds 15
# ==============================
# USOCLIENT
# ==============================
Run-Command "UsoClient Scan" {
UsoClient StartScan
}
Run-Command "Interactive Scan" {
UsoClient StartInteractiveScan
}
# ==============================
# DESCARGA
# ==============================
Run-Command "UsoClient Download" {
UsoClient StartDownload
}
Start-Sleep -Seconds 30
# ==============================
# INSTALACION
# ==============================
Run-Command "UsoClient Install" {
UsoClient StartInstall
}
Start-Sleep -Seconds 20
# ==============================
# RESTART WUAUSERV
# ==============================
Run-Command "Restart wuauserv" {
Restart-Service wuauserv -Force
}
Start-Sleep -Seconds 15
# ==============================
# VALIDACION SUSCLIENTID
# ==============================
Run-Command "Validar SusClientId" {
$wuReg = "HKLM:\SOFTWARE\Microsoft\
$sus = Get-ItemProperty `
$wuReg `
-ErrorAction SilentlyContinue
"SusClientId=$($sus.
}
# --- NUEVO : DIAGNOSTICO IDENTIDAD WSUS ---
Run-Command "WSUS Identity Check" {
$wuReg = "HKLM:\SOFTWARE\Microsoft\
$data = Get-ItemProperty `
$wuReg `
-ErrorAction SilentlyContinue
"SusClientId=$($data.
"SusClientIdValidation=$($
"PingID=$($data.PingID)"
}
# --- NUEVO : UPDATE ORCHESTRATOR ---
Run-Command "Update Orchestrator Status" {
Get-Service usosvc `
-ErrorAction SilentlyContinue |
Select-Object Name, Status, StartType
}
# ==============================
# GENERACION LOG WINDOWS UPDATE
# ==============================
Run-Command "Generar WindowsUpdate.log" {
Get-WindowsUpdateLog |
Out-File "C:\Windows\Temp\
}
# ==============================
# RESUMEN FINAL
# ==============================
Run-Command "WSUS Health Summary" {
"========== SERVICES =========="
Get-Service `
wuauserv,
bits,
cryptsvc,
usosvc |
Select-Object Name, Status
""
"========== WSUS CONFIG =========="
$wsus = Get-ItemProperty `
"HKLM:\SOFTWARE\Policies\
-ErrorAction SilentlyContinue
"WUServer=$($wsus.WUServer)"
"WUStatusServer=$($wsus.
""
"========== CLIENT ID =========="
$client = Get-ItemProperty `
"HKLM:\SOFTWARE\Microsoft\
-ErrorAction SilentlyContinue
"SusClientId=$($client.
}
Write-Log "===== FIN SCRIPT =====" |
|
Stop-Service wuauserv
Stop-Service bits
Remove-ItemProperty `
-Path "HKLM:\SOFTWARE\Microsoft\
-Name SusClientId `
-ErrorAction SilentlyContinue
Remove-ItemProperty `
-Path "HKLM:\SOFTWARE\Microsoft\
-Name SusClientIdValidation `
-ErrorAction SilentlyContinue
Remove-ItemProperty `
-Path "HKLM:\SOFTWARE\Microsoft\
-Name PingID `
-ErrorAction SilentlyContinue
Remove-ItemProperty `
-Path "HKLM:\SOFTWARE\Microsoft\
-Name AccountDomainSid `
-ErrorAction SilentlyContinue
Rename-Item `
C:\Windows\
SoftwareDistribution.old
Start-Service bits
Start-Service wuauserv
wuauclt /resetauthorization /detectnow
|
%20-%20Word.jpg)