Saturday, April 14, 2018

ConfigMgr WSUS Server Assignments Report

With all the cool changes in Current Branch 1702 and later around Software update Points and boundary groups it made me think about our current topology and what endpoints are using which SUP. Numbers were changed to protect the innocent.


Looking at basic machine metrics such as memory and CPU I knew one of our primary site SUPs was busier then the others. Sure enough this report shows its is about 70% of the load (top two above). We have three WSUS servers in the primary site with two internal and one for Internet facing. Rest are on Secondary sites. It also showed a couple WSUS servers that have been gone for years and one I have no idea about so some service tickets were placed to address these anomalies.

We did not spend too much time on the report to make it fancy so it shows the counts at the top and breaks down each machine below it so you can export to CSV, XLSX or whatever to manipulate. In the case of the strange ones above, identify those systems so we can put in ticket to fix them.


We could not find anything already collected so we created a MOF to collect the data from the endpoints registry.

 //=======================================================  
 // WSUS Machine Location  
 //=======================================================  
 #pragma namespace ("\\\\.\\root\\cimv2")  
 #pragma deleteclass("WSUSLocation", NOFAIL)  
 [DYNPROPS]  
 Class WSUSLocation  
 {  
 [key] string KeyName;  
 String WUServer;  
 String WUStatusServer;  
 };  
 [DYNPROPS]  
 Instance of WSUSLocation  
 {  
 KeyName="RegKeyToMOF_32";  
 [PropertyContext("Local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\WindowsUpdate|WUServer"),Dynamic,Provider("RegPropProv")] WUServer;  
 [PropertyContext("Local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\WindowsUpdate|WUStatusServer"),Dynamic,Provider("RegPropProv")] WUStatusServer;  
 };  
 #pragma namespace ("\\\\.\\root\\cimv2")  
 #pragma deleteclass("WSUSLocation_64", NOFAIL)  
 [DYNPROPS]  
 Class WSUSLocation_64  
 {  
 [key] string KeyName;  
 String WUServer;  
 String WUStatusServer;  
 };  
 [DYNPROPS]  
 Instance of WSUSLocation_64  
 {  
 KeyName="RegKeyToMOF_64";  
 [PropertyContext("Local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\WindowsUpdate|WUServer"),Dynamic,Provider("RegPropProv")] WUServer;  
 [PropertyContext("Local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\WindowsUpdate|WUStatusServer"),Dynamic,Provider("RegPropProv")] WUStatusServer;  
 };  
 //=======================================================  
 // WSUS Machine Location END  
 //=======================================================  

The report needed some tweaking as our Internet facing WSUS would be returned as several DNS names based on how the endpoint reported it. You'll see that in the report and can modify to your IBCM WSUS or comment it out but it should work fine unless you have a system called 'IBCM_WSUS'.

 when wuserver00 like '%IBCM_WSUS%:80' then 'IBCM_WSUS:80'  
       when wuserver00 like '%IBCM_WSUS%:8530' then 'IBCM_WSUS:8530'  
       when wuserver00 like 'http://%.internal.mydomain.com%' then SUBSTRING(wuserver00, 8, CHARINDEX('.internal.mydomain.com',wuserver00) -8 )  
       when wuserver00 like 'http://%.external.mydomain.com%' then SUBSTRING(wuserver00, 8, CHARINDEX('.external.mydomain.com',wuserver00) -8 )  
       when wuserver00 like 'https://ibcm.mydomain.com:8531' then SUBSTRING(wuserver00, 9, CHARINDEX(':8531',wuserver00) -9 )  
       when wuserver00 like '%IBCM_WSUS%:80' then 'IBCM_WSUS:80'  
       when wuserver00 like '%IBCM_WSUS%:8530' then 'IBCM_WSUS:8530'  

Download



This Report is provided as-is, no warranty is provided or implied.The author is NOT responsible for any damages or data loss that may occur through the use of this Script.  Always test, test, test before rolling anything into a production environment.

You can find the report here.

No comments:

Post a Comment