One of our engineers wrote this little rough and ready script that recreates the AccountDomainSid and SUSClientID in the registry. This is caused often by VMs that have been cloned from a template.
Requirements are that PSEXEC is installed in the same directory as where the script is ran. We tend to create folder on the WSUS server and run it from there
@echo off
set /p a=”Enter IP Address or Name: please DO NOT include \”
psexec \%a% net stop wuauserv
psexec \%a% REG DELETE “HKLMSOFTWAREMicrosoftWindowsCurrentVersionWindowsUpdate” /v AccountDomainSid /f
psexec \%a% REG DELETE “HKLMSOFTWAREMicrosoftWindowsCurrentVersionWindowsUpdate” /v PingID /f
psexec \%a% REG DELETE “HKLMSOFTWAREMicrosoftWindowsCurrentVersionWindowsUpdate” /v SusClientId /f
psexec \%a% net start wuauserv
psexec \%a% wuauclt /resetauthorization /detectnow
psexec \%a% wuauclt /reportnow
echo…………………………………………………………..
echo Machine should reappear in approx 10 minutes.
pause
He also adapted one that will force a machine to detect and report its WSUS status to the WSUS server
@echo off
set /p a=”Enter IP Address or Name please DO NOT include \ : “
psexec \%a% net stop wuauserv
psexec \%a% net start wuauserv
rem psexec %a% wuauclt.exe /resetauthorization
psexec \%a% wuauclt.exe /detectnow
psexec \%a% wuauclt.exe /reportnow
cls
echo …………………………………………………………..
echo REPORT STATUS
echo ————–
echo A report and detectnow has been run on the machine you specified.
pause
GOTO MENU