Using the REG Command for a Quick Display of Client Setup

PC Repair Tools

Advanced Registry Cleaner PC Diagnosis and Repair

Get Instant Access

The quickest way to identify WSUS client settings is to create a simple script file that can be used to query the registry keys you are interested in, and pipe them to the console for quick review. This can be used for troubleshooting purposes or for random audits of your WSUS clients, to make sure that you are not having GPO inheritance, blocking, or conflict problems. To remotely query your WSUS computer's registry, you need the reg.exe command-line utility, which is part of the Windows Server 2003 and Windows XP source codeof. It is also part of the Windows 2000 Resource Kit Supplement 1 for Windows 2000 machines. The version included in Windows Server 2003 and XP can be used on Windows 2000 machines. The following code quickly enumerates the values of the HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\windows\WindowsUpdate registry key and its AU subkey and values. From a command prompt window, type the following (note that WSUSClient is the Network Basic Input/Output System (NetBIOS) name of your WSUS client host).

Reg.exe query

\\WSUSClient\SOFTWARE\Policies\Microsoft\windows\WindowsUpdate /s

The /s switch at the end of the command signifies that you want to retrieve all of the subkeys. The results of this query are as follows:

C:\>reg query \\WSUSClient\

HKLM\SOFTWARE\Policies\Microsoft\windows\WindowsUpdate /s

! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\windows\WindowsUpdate WUServer REG_SZ http://WSUS WUStatusServer REG_SZ http://WSUS

ElevateNonAdmins REG_DWORD 0x0

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\windows\WindowsUpdate\

UseWUServer REG_DWORD 0x1

NoAutoRebootWithLoggedOnUsers REG_DWORD 0x1

Continued

AutoInstallMinorUpdates REG_DWORD 0x1

DetectionFrequencyEnabled REG_DWORD 0x1

DetectionFrequency REG_DWORD 0x6

RescheduleWaitTimeEnabled REG_DWORD 0x1

RescheduleWaitTime REG_DWORD 0xf

NoAutoUpdate REG_DWORD 0x0

AUOptions REG_DWORD 0x4

ScheduledInstallDay REG_DWORD 0x6

ScheduledInstallTime REG_DWORD 0x3

To simplify the command, program the keys that you want to randomly query as permanent environment variables on your workstation, so you do not have to retype them every time. For example, from the command line type the following:

Set WU=HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\windows\

WindowsUpdate

Reg.exe query \\WSUSClient\%WU% /s

Use reg.exe with the /v switch followed byy the value name if you just want to query a particular value. For example, if you want to query for the DetectionFrequency of a particular client, type the following:

Reg.exe query \\WSUSClient\%WU%\AU /v DetectionFrequency

Determining the client WSUS settings is easy once you are familiar with each of the value codes. You must be an administrator of the machines you are querying. If you are running these scripts from an Active Directory workstation against machines in a DMZ, make sure you authenticate with those machines first. You can use the net use command to authenticate to \\machinename\ipc$:

Net use \\machinename\ipc$ /user:username password

If you want to audit all of your machines, use the following script to pipe everything to a text file. All you need to do is populate the machines.txt file with a list of the clients you want to audit and use the internal Windows FOR command.

@ECHO OFF

Set WU=HKLM\SOFTWARE\Policies\Microsoft\windows\WindowsUpdate

If exist c:\wsusaudit.log del c:\wsusaudit.log for /F %I in (c:\machines.txt) do @echo WSUS Results for %I >>_

Continued c:\wsusaudit.log & reg.exe query \\%I\%WU%\AU /s >> c:\wsusaudit.log & @echo. >> c:\wsusaudit.log

View the wsusaudit.log on the c:\ root for the results. These examples give you the basis for quick and easy registry query information for your WSUS clients. In addition, for any machines that you need to configure using the registry, consider using the reg.exe command with the ADD or DELETE parameters to add, modify, or delete WSUS client registry keys in single or bulk fashion.

The registry seems like a very complex set of codes; however, once you learn its structure, maneuvering about and searching for keys and values becomes second nature. It cannot be stressed enough that the registry must be taken seriously. Misconfigurations and possible key and value deletions can quickly result in a non-working system.

Some Independent Advice_

Remember, using the registry to configure WSUS clients is primarily for non-Active Directory machines. The power of Group Policy in both a management and a security perspective is far superior to using the local registry to make global settings.

Was this article helpful?

0 0

Post a comment