http://www.wsus.info/forums/index.php?showtopic=9312
Client-related
Do my clients meet the requirements to run WSUS?
Have you cloned your computers on the network? If yes, did you run Sysprep, Ghostwalker, or NewSID on the computers after they have been deployed with the new image?
Active Directory
Did you apply your GPO to the appropriate OU? Did you apply the GPO to an OU that contains computer objects?
Are you waiting long enough for your GPOs to be applied to your computers?
Is the GPO even applying to your computer?
Do you have 'Block Inheritance' set on your OU which would restrict a group policy from applying to the OU and objects contained therein?
Tools for troubleshooting:
client diagnostic tool
http://download.microsoft.com/download/9/7/6/976d1084-d2fd-45a1-8c27-a467c768d8ef/WSUS%20Client%20Diagnostic%20Tool.EXE
server diagnostic tool
http://download.microsoft.com/download/7/7/4/7745a34e-f563-443b-b4f8-3a289e995255/WSUS%20Server%20Debug%20Tool.EXE
Want to figure out which computers have duplicate SIDS?
Use psGetSID from Sysinternals: http://www.microsoft.com/technet/sysinternals/utilities/psgetsid.mspx
- You can run this against all computers in your domain to discover who has a duplicate SID.
You should really then run NewSID from Sysinterals on any of the duplicate computers to resolve any potential issues in the future (not to mention the security issues involved with having duplicate SIDS on the network): http://www.microsoft.com/technet/sysinternals/utilities/newsid.mspx
NOTE: You don't need to RUN NewSID on each computer prior to fixing the duplicate ID issue in WSUS, but it may rear its ugly head later on, so if you can find the time, I would recommend fixing this issue as soon as you can.
No comments:
Post a Comment