XP SP2 Installed through SUS does not install silently

From: Bobbie Harder (bobbieh_at_WINDOWS.MICROSOFT.COM)
Date: 08/20/04

  • Next message: A Wood: "AOL 9.0 Disables Built In Firewall in XP SP1" 
    Date:         Thu, 19 Aug 2004 15:35:22 -0700
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM

    XP SP2 Installed through SUS does not install silently

     

     

    Situation:

    * Windows XP SP2 was made available for download to SUS servers on
    Monday, August 16. Unlike installation of Windows XP SP2 directly via
    the Automatic Updates or Windows Update, deploying XP SP2 via SUS allows
    IT administrators to deploy the update without requiring user
    interaction (referred to as 'silent install') on the Windows XP
    machines.
    * However, due to an error in the install parameters included in
    the package initially made available for download to SUS servers,
    customers who had approved the update for deployment on their SUS
    servers found that the SUS client did not install the update silently -
    user interaction was required. Note that this was not a problem with
    Windows XP SP2 itself, but rather with the install parameters specified
    in the package delivered to SUS servers.

     

    Status:

    * The problem was corrected and the updated package was made
    available for download to SUS servers at approximately 11:30 am US
    Pacific Time, Thursday, 8/19/04.

     

    Guidance for SUS administrators:

    * SUS administrators need to synchronize the SUS server to get the
    updated package information
    * Note: Synchronization will not re-download the XP SP2 package if
    it has already been downloaded to the SUS server's content directory.
    The only item downloaded for this synchronization is the aurtf.cab (less
    than 1mb) which contains the metadata for the updates.
    * If the SUS server is set for daily scheduled synchronization,
    the new install parameters will be picked up automatically the next time
    the server synchronizes with the Microsoft site.
    * If the SUS server is not set for daily scheduled
    synchronization, or if the SUS administrator desires to pull the
    corrected content down immediately without waiting for the next
    scheduled synchronization, a manual synchronization needs to be
    performed.

            a. In the SUS Admin UI, go to the Synchronize Server link
            b. Click on the Synchronize Now button

    * After synchronization, ensure that the XP SP2 update has an
    "approved" status, as it may be listed as either "new" or "updated"
    unless the SUS server is configured to automatically approve updated
    items.
    * Any client computer that has already detected or downloaded the
    XP SP2 package from the SUS server will need to be forced to re-run
    detection in order to pick up the updated install parameters and install
    SP2 silently. This can be done either manually on each XP machines that
    received the SP2 update or through a scalable administration mechanism
    such as Active Directory based Group Policy or administrative scripting.
    Note that the clients will download the entire Windows XP SP2 package
    from the SUS server. For information on controlling the load on the SUS
    server and the internal network, please see the guidance provided at:
    http://www.microsoft.com/technet/prodtechnol/winxppro/deploy/xpsp2sus.ms
    px

     

            a. Manual Method to force Automatic Updates detection:

                                                                  i.
    Open services.msc

                                                                 ii.
    Locate the Automatic Updates service and click on "Stop the service."

                                                               iii.
    Open regedit.exe

                                                              iv.
    Navigate to
    HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update

                                                                v.
    Delete the LastWaitTimeout and DetectionStartTime registry keys if
    either (or both) exist.

                                                              vi.
    Ensure that the AUState registry key is set to a value of 0x2

                                                             vii. Close
    regedit.exe

                                                           viii. In
    services.msc locate the Automatic Updates service and click on "Start
    the service."

                                                               ix.
    Close services.msc

                                                                x. Wait
    approximately 10 minutes for Automatic Updates to do detection and start
    downloading the XP SP2 update again.

            b. Using Group Policy to force Automatic Updates detection:

                                                                  i. If
    Group Policy is used to control the Automatic Updates configuration, and
    there are multiple computers that you need to force re-detection to
    occur on, you can follow the steps in KB326693
    (http://support.microsoft.com/default.aspx?scid=kb;en-us;326693)

     

    -----
    NTBugtraq Editor's Note:

    Want to reply to the person who sent this message? This list is configured such that just hitting reply is going to result in the message coming to the list, not to the individual who sent the message. This was done to help reduce the number of Out of Office messages posters received. So if you want to send a reply just to the poster, you'll have to copy their email address out of the message and place it in your TO: field.
    -----

  • Next message: A Wood: "AOL 9.0 Disables Built In Firewall in XP SP1"