I have a Win2K SP4 (with IE 6 sp1) PC that won't keep the current version of the WSUS client running after it starts. This prevents it from ever registering with WSUS. I am in a NW 6.5 and ZenWorks 3.2 enviroment. I have successfully pushed Group Policies with ZEN to other work stations and have manully edited the registry based on the MS deployment guide. (MS support Articles: 555454 covers GPO replacement, 555453 clear out when client will contact WSUS next and 555452 cloned systems having problems.)
I have manually re-installed BITS and the WU Agent per MS instructions. (Articles 555337 and 555331) I also have tried several manuall registry changes. (See above articles.)
I also have re-installed the old WU Agent and used the Windows Updates site to install the current version of the WU Agent. After the install I get the an error stating that it can't be installed. When I look up the error message on MS (don't have it now will post it later), I can only find an article on an anti-virus program that I have never heard of that causes this problem.
Further searching brought me to article 555336 which sounds like my problem.
The only problem is that I don't have the sc program installed on any of my Win2K machines. Does anyone have any ideas?
I have manually re-installed BITS and the WU Agent per MS instructions. (Articles 555337 and 555331) I also have tried several manuall registry changes. (See above articles.)
I also have re-installed the old WU Agent and used the Windows Updates site to install the current version of the WU Agent. After the install I get the an error stating that it can't be installed. When I look up the error message on MS (don't have it now will post it later), I can only find an article on an anti-virus program that I have never heard of that causes this problem.
Further searching brought me to article 555336 which sounds like my problem.
KB 555336 said:SUMMARY
The Automatic Updates Service starts and then stops automatically or you may see Error 0x8DDD0018 that automatic updates is not enabled.
SYMPTOMS
You see Automatic Update Services stops automatically even though the services is set to automatic start up.
CAUSE
This reason for such behavior is, If you change the properties of the Automatic Updates service (via Group Policy - Computer Configuration, Windows Settings, Security Settings, System Services) to set it as Disabled or edited the Access Control, ACL on Automatic Update Client (WUAUSERV) service.
RESOLUTION
Since, the ACL (permissions) on the Automatic Update Service (WUAUSERV) is changed, we have to reset the security settings on the Automatic Updates Service (WUAUSERV) & BITS Service to the default settings;
To reset the ACL on the BITS & WUAUSERV services to default, run the following command (in one line) as Domain Administrator or Local System account on the machine. (Only these accounts can modify the ACL on these services on your machine)
1.
sc sdset bits
"DA;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)"
2.
sc sdset wuauserv
"D
Note: Both the commands needs to be on one line from a command prompt (disable word wrap). See the batch file which can automate the process.
To automatically run the commands, save the following code in the Notepad & use this simple SetServiceObjectSecurity.cmd batch file & double click to run
=========================================================================================
@echo off
Echo This batch file will Set Service Object Security for WUAUSERV & BITS.
Echo Please wait...
@echo on
sc sdset bits "D
sc sdset wuauserv "D
@echo off
Echo Open C:\SetServiceObjectSecurity.log for SUCCESS entry.
Echo Open the Services applet from control panel to see if the services are started.
Echo For any errors; report on @echo off
Pause
=========================================================================================
MORE INFORMATION
Procedure to manually Re-Install Automatic Update Client
The only problem is that I don't have the sc program installed on any of my Win2K machines. Does anyone have any ideas?
