search

criteo-cookbooks / wsus-client

Chef Cookbook to install and configure client for Windows Server Update Services (WSUS)
Apache License 2.0
15 stars 19 forks source link

question about wsus client cookbook #24

Closed robertocortiz closed 7 years ago

robertocortiz commented 8 years ago

we currently manage our wsus updates with a batch script that I want to replace using this cookbook instead but I noticed that two registry keys are modified on this cookbook and we remove the keys on the code below. We build our machines either from vmware templates or aws amis so the wsus client settings seem to be on the images. should I just be able to: remove the following keys > rebuild the image > apply this cookbook?

net stop wuauserv 
reg Delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v PingID /f 
reg Delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v AccountDomainSid /f 
reg Delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v SusClientId /f  
reg Delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v SusClientIDValidation /f 
net start wuauserv 
wuauclt.exe /resetauthorization /detectnow 
pause
kamaradclimber commented 7 years ago

@Annih do you have an answer for that?

Annih commented 7 years ago

Hello @robertocortiz

Just to get more context, According to your needs, you don't seem to join a domain and I assume that you are using official Microsft Update services, and now your own WSUS server, do you?

Anyway, you can try to apply only the 5 first lines to clean the environment without generating new IDs and authorization, the cookbook should perform the rest. Another solution is to write a small cookbook wrapper to perform these operations only once before applying the wsus-client cookbook.

I hope this help, sorry for the late answer.

robertocortiz commented 7 years ago

thanks that makes sense, yes we have our own wsus set of servers per domain.