Monthly Archive for November, 2009

Machines being replaced by each other in a Windows SUS enviroment

Published
by
Conor
3 months, 2 weeks ago
in Microsoft and WSUS
. Comments

This bit me in the ass today so to save you pain in the future here is how you go about fixing it.

When looking at the SUS console you may see machines appearing and disappearing at random or what looks like they are even replacing each other (ie you force wuauclt on one box, see it appear, do the same on another box and while box 2 appears, box 1 disappears).

This could also be a very big problem as if clients share the same SUSClientID they will join groups they are not meant to be in and may download patches/releases not intended for them.

In order to generate a “unique” SUSClientID you need to do the following:

net stop wuauserv

Open up regedit and find the following:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate

Delete the following entries:

* PingID
* AccountDomainSid
* SusClientId
* SusClientIDValidation

net start wuauserv

wuauclt.exe /resetauthorization /detectnow

Generate a CSR using OpenSSL

Published
by
Conor
3 months, 3 weeks ago
in Certificates and openssl
. Comments

I do this the odd time in work so I don’t have to remember the command but it gets really annoying trying to remember it when I do have to generate one.

openssl genrsa -out domainname.key 2048 (or whatever length you choose)

openssl req -new -key domainname.key -out domainname.csr

This will generate the private key without a password, now you have a nice shiny CSR to send someone.