https://github.com/mozilla/policy-templates/tree/master/windows Activate the GPO – GoTo Install Certificates Add one fully qualified pem or der or cer file path per entry like: \\DC\certs\company.cer Thats easier then using these standard pathes… Advertisements
WindoesUpdate.log says: Digital Signatures on file C:\Windows\SoftwareDistribution\SelfUpdate\wuident.cab are not trusted Be sure your WSUS installation is fully patched: https://wsus.de/de/FAQ -> 44 WSUS auf Windows Server 2008 / 2008 R2 WSUS 3.0 (RC): Build 3.0.6000.318 WSUS 3.0 (RTW): Build 3.0.6000.374 WSUS 3.0 (SP1): Build 3.1.6001.65 WSUS 3.0 (SP1) + KB954960: Build 3.1.6001.66 WSUS 3.0 (SP2 […]
How to identify and decline superseded updates in WSUS
/****************************************************************************** This sample T-SQL script performs basic maintenance tasks on SUSDB 1. Identifies indexes that are fragmented and defragments them. For certain tables, a fill-factor is set in order to improve insert performance. Based on MSDN sample at http://msdn2.microsoft.com/en-us/library/ms188917.aspx and tailored for SUSDB requirements 2. Updates potentially out-of-date table statistics. ******************************************************************************/ USE SUSDB; GO SET […]
After executing this run a mainenance job to re-index your stuff. DECLARE @var1 INT DECLARE @msg nvarchar(100) CREATE TABLE #results (Col1 INT) INSERT INTO #results(Col1) EXEC spGetObsoleteUpdatesToCleanup DECLARE WC Cursor FOR SELECT Col1 FROM #results OPEN WC FETCH NEXT FROM WC INTO @var1 WHILE (@@FETCH_STATUS > -1) BEGIN SET @msg = ‘Deleting ‘ + CONVERT(varchar(10), […]
UPDATE [SUSDB].[dbo].[tbComputerTargetDetail] SET [OSDescription] = ‘Windows 10′ WHERE [OSMajorVersion] = ’10’ AND [OSMinorVersion] = ‘0’ AND [OldProductType] = ‘1’ AND ([OSDescription] <> ‘Windows 10’ or [OSDescription] IS NULL) SRC: https://www.emde-it-loesungen.de/techtalk/systemadministration/wsus-wartung.html
Open the SQL Server Management Studio. Right click your service. Open Properties. Select Connections. Tune the Timeout value from 600 to a much higher value or set it to 0 for no timeout.
