Monthly Archives: January 2019

Resetting Windows Update on Domain Computers

Windows Update & WSUS have been a thorn in my side for many many years. When it works its great but when it doesn’t it can be very frustrating to figure out what went wrong. Over the years I’ve had to rebuilt WSUS twice, once when it just stopped pushing updates and another time where it imploded itself and corrupted the database. Recently we had a number of computers, around 10%, stop reporting back to WSUS for status. They also reported no updates available when checking for updates using WSUS. We tried all the troubleshooters, DISM cleanups, etc, but nothing seemed to work. I thought maybe it was WSUS again but that wouldn’t make sense with so many successfully getting updated. Even tried the Microsoft recommendations on resetting Windows Update but in our case BITS didn’t want to stop. And related to this we were getting Task Host errors on shutdown for those machines with the reason being “AutomaticUpdateHost” which would make sense if BITS was stuck.

After some testing we found that the Microsoft recommendations did work when in safe mode. Problem was doing this as easily with the least amount of downtime and hands on touching. To that end I created a series of three batch files. The first one, run as a administrator, will set the boot options to safeboot with networking and reboot:

bcdedit /set {default} safeboot network
shutdown -r -t 5

The second is most of the Microsoft recommendations along with others I’ve found on the internet:

@echo off
echo Stopping Windows Update and BTIS services…
net stop bits /y
net stop wuauserv /y
net stop appidsvc /y
net stop cryptsvc /y
echo Killing any windows updates in process
taskkill /im wuauclt.exe /f
echo Deleting some files…
del /s /q /f "%ALLUSERSPROFILE%\Application Data\Microsoft\Network\Downloader\qmgr.dat" del /s /q /f "%ALLUSERSPROFILE%\Microsoft\Network\Downloader\qmgr.dat"
del /s /q /f "%SYSTEMROOT%\WindowsUpdate.log"
rd /s /q "C:\WINDOWS\SoftwareDistribution"
rd /s /q "%SYSTEMROOT%\system32\Catroot2"
del %USERPROFILE%\AppData\Local\Temp* /s /q
for /d %%x in (%USERPROFILE%\AppData\Local\Temp*) do @rd /s /q "%%x"
del %systemroot%\Temp* /s /q
for /d %%y in (%systemroot%\Temp*) do @rd /s /q "%%y"
echo Reset the BITS service and the Windows Update service to the default security descriptor.
sc.exe sdset bits D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)
sc.exe sdset wuauserv D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)
echo Deleting registry keys….
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v AccountDomainSid /f
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v PingID /f
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientId /f
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientIDValidation /f
REG DELETE "HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v LastWaitTimeout /f
REG DELETE "HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v DetectionstartTime /f
Reg Delete "HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v NextDetectionTime /f
echo Re-registering Windows Update components…
regsvr32.exe /s c:\windows\system32\atl.dll
regsvr32.exe /s c:\windows\system32\urlmon.dll
regsvr32.exe /s c:\windows\system32\mshtml.dll
regsvr32.exe /s c:\windows\system32\shdocvw.dll
regsvr32.exe /s c:\windows\system32\browseui.dll
regsvr32.exe /s c:\windows\system32\jscript.dll
regsvr32.exe /s c:\windows\system32\vbscript.dll
regsvr32.exe /s c:\windows\system32\scrrun.dll
regsvr32.exe /s c:\windows\system32\msxml.dll
regsvr32.exe /s c:\windows\system32\msxml3.dll
regsvr32.exe /s c:\windows\system32\msxml6.dll
regsvr32.exe /s c:\windows\system32\actxprxy.dll
regsvr32.exe /s c:\windows\system32\softpub.dll
regsvr32.exe /s c:\windows\system32\wintrust.dll
regsvr32.exe /s c:\windows\system32\dssenh.dll
regsvr32.exe /s c:\windows\system32\rsaenh.dll
regsvr32.exe /s c:\windows\system32\gpkcsp.dll
regsvr32.exe /s c:\windows\system32\sccbase.dll
regsvr32.exe /s c:\windows\system32\slbcsp.dll
regsvr32.exe /s c:\windows\system32\cryptdlg.dll
regsvr32.exe /s c:\windows\system32\oleaut32.dll
regsvr32.exe /s c:\windows\system32\ole32.dll
regsvr32.exe /s c:\windows\system32\shell32.dll
regsvr32.exe /s c:\windows\system32\initpki.dll
regsvr32.exe /s c:\windows\system32\wuapi.dll
regsvr32.exe /s c:\windows\system32\wuaueng.dll
regsvr32.exe /s c:\windows\system32\wuaueng1.dll
regsvr32.exe /s c:\windows\system32\wucltui.dll
regsvr32.exe /s c:\windows\system32\wups.dll
regsvr32.exe /s c:\windows\system32\wups2.dll
regsvr32.exe /s c:\windows\system32\wuweb.dll
regsvr32.exe /s c:\windows\system32\qmgr.dll
regsvr32.exe /s c:\windows\system32\qmgrprxy.dll
regsvr32.exe /s c:\windows\system32\wucltux.dll
regsvr32.exe /s c:\windows\system32\muweb.dll
regsvr32.exe /s c:\windows\system32\wuwebv.dll
echo Resetting Winsock…
netsh winsock reset
echo Resetting WinHTTP proxy…
netsh winhttp reset proxy
echo Resetting the services as automatic…
sc.exe config wuauserv start= auto
sc.exe config bits start= delayed-auto
sc.exe config cryptsvc start= auto
sc.exe config TrustedInstaller start= demand
sc.exe config DcomLaunch start= auto
echo Restarting services…
net start bits
net start wuauserv
net start appidsvc
net start cryptsvc
net start DcomLaunch
echo Telling Windows to detect updates…
wuauclt.exe /resetauthorization
wuauclt.exe /detectnow
wuauclt.exe /reportnow
PowerShell.exe (New-Object -ComObject Microsoft.Update.AutoUpdate).DetectNow()

Then finally once that runs through is the third batch file to set the computer back to a normal boot:

bcdedit /deletevalue {default} safeboot
shutdown -r -t 5

I put all three into a folder and placed it on the desktops of the troubled computers then ran each in sequence. First the computer rebooted in safe mode, then Windows Update gets reset along with deleting all temp files, then the computer reboots normally.

So far every computer this was run on has reported in. Not sure what causes this in the first place but at least we have a quick solution now.

Note: The script was written to be run in regular mode so its stopping services that are normally already stopped in safe mode but was just reused for this purpose on the machines where BITS kept getting stuck.

Update to Batch Converting Visio Files

After some trail and error from my previous post we went through batch converting 300+ Visio vsd files over to vsdx. Overall the files size was reduced by 70%, dropping from over 6 Gb to around 2Gb, and allowing the files to open/save to the network a lot quicker. The only caveat I found was Visio 64-bit is the best way to do this and is most stable, especially with files over 25Mb. Above about 33 – 35Mb and the 32-bit version would randomly crash. With that said I added in some basic error detection to skip corrupt Visio files, some user variables to keep personal info or remove along with deleting the original file or not, and the ability to do sub directories. Here is the modified code:

Public FilesAttempted As Integer
Public FilesConverted As Integer
Public FilesDeleted As Integer
Public FilesSkipped As String

Sub ConvertToVsdx()
FilesAttempted = 0
FilesConverted = 0
FilesDeleted = 0
FilesSkipped = ""
Dim FileSystem As Object
Set FileSystem = CreateObject("Scripting.FileSystemObject")
Dim HostFolder As String
Dim DeleteOriginal As Boolean
Dim RemovePersonal As Boolean

''' HostFolder is directory to start it. Change to your base directory.
HostFolder = "T:\"
''' DeleteOriginal will delete the original file as long as the VSDX was created. Either True or False
DeleteOriginal = True
''' RemovePersonal will remove personal information from the file. Reduces the size a little but you might want to keep the original info
RemovePersonal = False

DoFolder FileSystem.GetFolder(HostFolder), DeleteOriginal
MsgBox "Conversion complete! " & vbCrLf & vbCrLf & "Files attempted: " & FilesAttempted & vbCrLf & "Files converted: " & FilesConverted & vbCrLf & "Files deleted: " & _
FilesDeleted & vbCrLf & "Files with issues: " & vbCrLf & FilesSkipped, vbOKOnly + vbInformation, "Conversion Complete"
End Sub

Sub DoFolder(Folder, DeleteOriginal)
On Error GoTo ErrHandler:
Dim SubFolder
For Each SubFolder In Folder.SubFolders
DoFolder SubFolder, DeleteOriginal
Next
Dim File
For Each File In Folder.Files
' For each file name sure its a vsd and not a temp file
If ((Right(File, 3) = "vsd") And (Right(File, 4) <> "~vsd")) Then
FilesAttempted = FilesAttempted + 1
' Open the file
Application.Documents.Open File
' Remote personal info if set
If RemovePersonal = True Then
Application.ActiveDocument.RemovePersonalInformation = True
End If
  ' Loop through each master then check across pages to see if it is used
  Index = Application.ActiveDocument.Masters.Count
  While Index > 0
  bMasterUsed = False
  Set oMaster = Application.ActiveDocument.Masters.Item(Index)
  For Each oPage In Application.ActiveDocument.Pages
  For Each oShape In oPage.Shapes
  If oMaster.Name = oShape.Name Then
  bMasterUsed = True
  End If
  Next
  Next
  ' if Not used delete it from the document stencil
  If bMasterUsed = False Then
  oMaster.Delete
  End If
  Index = Index - 1
  Wend

  ' Save as a vsdx and increase our counter
  Application.ActiveDocument.SaveAs File & "x"
  Application.ActiveDocument.Close
  FilesConverted = FilesConverted + 1

  ' Delete the original if set and the new vsdx exists
  If ((DeleteOriginal = "True") And (FileExists(File & "x"))) Then
  SetAttr File, vbNormal
  Kill File
  FilesDeleted = FilesDeleted + 1
  End If
NextFile:
End If
Next
Done:
Exit Sub

ErrHandler:
Debug.Print "Error encountered. Error number: " & Err.Number & " - Error description: " & Err.Description
If File <> "" Then
FilesSkipped = FilesSkipped & File & vbCrLf
GoTo NextFile:
End If
End Sub

Function FileExists(ByVal FileToTest As String) As Boolean
FileExists = (Dir(FileToTest) <> "")
End Function

If you use this please let me know how it goes or any tweaks that need to be made.

Check Uptime of Domain Computers

Recently we pushed some updates through GPO which ran at a users login to the domain. Weeks went by and I kept getting calls about people with old software that didn’t update. After some quick investigating these users were simply not rebooting or shutting down their computers and some were going on two months. On one hand that’s pretty good for Windows 10 machines but on the other they were missing important updates. After looking around I found that PsInfo.exe, part of the PSTools suite, would let me poll a computer for uptime but I wanted to poll all the computers and see how widespread this problem was.

First I started with a list of all computers taken from Active Directory using this PowerShell command to export them to a text file. Technically this command exports to a csv but I’m only taking one column so I skipped a step:

Get-ADComputer -Filter * -Properties Name | Select-Object Name | Export-CSV "C:\temp\ComputerNames.txt" -NoTypeInformation

Opening the file you should have a header of Name with all your workstations. I deleted the header and did a global find and replace to remove the quotes so I had a file with just the workstation names. Next I made a batch file with this single line:

For /f "tokens=*" %%i in (ComputerNames.txt) do psinfo uptime -nobanner \\%%i >> uptime.txt

I placed the batch file (CheckUptime.bat for me) in the same directory as PsInfo.exe and my ComputerNames.txt file. Run the batch file and it will step through each computer name in the file and check the uptime giving you something like this:

System information for \WSComputer2:
Uptime: 0 days 5 hours 24 minutes 57 seconds
System information for \WSComputer6:
Uptime: 2 days 17 hours 45 minutes 18 seconds
System information for \WSComputer23:
Uptime: 0 days 0 hours 42 minutes 41 seconds

I’m sure there is also a way to scrap the file and clean this up but it works for my needs.