WSUS 3.0 Cleanup Manager

how schedule WSUS 3.0 Cleanup Manager?

"Nicola Sanavio" <> wrote in message
news:...
| how schedule WSUS 3.0 Cleanup Manager?


Perhaps try the WSUS Newsgroup
http://www.microsoft.com/technet/com...pdate_services

news://msnews.microsoft.com/microsof...pdate_services
(OE client)

xposted for convenience
--
====================================
TaurArian [MS-MVP] 2005-2007 - Australia
====================================
How to make a good post: http://www.dts-l.org/goodpost.htm
Backup and data recovery: http://www.acronis.com.sg/
Enhancing file system performance: http://www.diskeeper.com/defrag.asp
Defending your machine: http://defendingyourmachine2.blogspot.com/

The Cleanup Wizard is not configurable. There are sample scripts on the
Script center that you can use with MOM or via task Scheduler to do this
automatically

--
Cecil [MSFT]
Deployment, WSUS
Microsoft

This posting is provided "As Is" with no warranties, and confers no rights.
Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm

"TaurArian [MS-MVP]" <> wrote in message
news:%23NBa$...
> "Nicola Sanavio" <> wrote in message
> news:...
> | how schedule WSUS 3.0 Cleanup Manager?
>
>
> Perhaps try the WSUS Newsgroup
> http://www.microsoft.com/technet/com...pdate_services
>
> news://msnews.microsoft.com/microsof...pdate_services
> (OE client)
>
> xposted for convenience
> --
> ====================================
> TaurArian [MS-MVP] 2005-2007 - Australia
> ====================================
> How to make a good post: http://www.dts-l.org/goodpost.htm
> Backup and data recovery: http://www.acronis.com.sg/
> Enhancing file system performance: http://www.diskeeper.com/defrag.asp
> Defending your machine: http://defendingyourmachine2.blogspot.com/
>
>

Hello, I can't find in the script cenrter the sample script I could use with
Task scheduler to run automatically the cleanup wizard that comes with WSUS
3.0 : could you copy and paste (or provide URL) for such a script in this
forum please ?

Thanks a lot,
Damien

"Cecils(MSFT)" wrote:

> The Cleanup Wizard is not configurable. There are sample scripts on the
> Script center that you can use with MOM or via task Scheduler to do this
> automatically
>
> --
> Cecil [MSFT]
> Deployment, WSUS
> Microsoft
>
> This posting is provided "As Is" with no warranties, and confers no rights.
> Use of included script samples are subject to the terms specified at
> http://www.microsoft.com/info/cpyright.htm
>
> "TaurArian [MS-MVP]" <> wrote in message
> news:%23NBa$...
> > "Nicola Sanavio" <> wrote in message
> > news:...
> > | how schedule WSUS 3.0 Cleanup Manager?
> >
> >
> > Perhaps try the WSUS Newsgroup
> > http://www.microsoft.com/technet/com...pdate_services
> >
> > news://msnews.microsoft.com/microsof...pdate_services
> > (OE client)
> >
> > xposted for convenience
> > --
> > ====================================
> > TaurArian [MS-MVP] 2005-2007 - Australia
> > ====================================
> > How to make a good post: http://www.dts-l.org/goodpost.htm
> > Backup and data recovery: http://www.acronis.com.sg/
> > Enhancing file system performance: http://www.diskeeper.com/defrag.asp
> > Defending your machine: http://defendingyourmachine2.blogspot.com/
> >
> >
>
>

Damien Rouaud schrieb:

> Hello, I can't find in the script cenrter the sample script I could use with
> Task scheduler to run automatically the cleanup wizard that comes with WSUS
> 3.0 : could you copy and paste (or provide URL) for such a script in this
> forum please ?

Managing WSUS 3.0 from the Command Line:
http://technet2.microsoft.com/Window...949431033.mspx

Winfried
--
http://www.microsoft.com/germany/win...s/default.mspx
http://www.wsuswiki.com/Home

Thanks, unfortunately, none of wsusutil commands gets close to what can be
done with the cleanup wizard, not even removeinactiveapprovals, which is nice
but won't do anything for storage related issues.
It would have been nice to be able to do what wsusdebugtool let us do so
easily but I don't think WSUS 3.0 supports this tool that came along previous
relaeases of WSUS ?

Regards,
Damien

"Winfried Sonntag [MVP]" wrote:

> Damien Rouaud schrieb:
>
> > Hello, I can't find in the script cenrter the sample script I could use with
> > Task scheduler to run automatically the cleanup wizard that comes with WSUS
> > 3.0 : could you copy and paste (or provide URL) for such a script in this
> > forum please ?
>
> Managing WSUS 3.0 from the Command Line:
> http://technet2.microsoft.com/Window...949431033.mspx
>
> Winfried
> --
> http://www.microsoft.com/germany/win...s/default.mspx
> http://www.wsuswiki.com/Home
>

"Damien Rouaud" <> wrote in message
news5EA6F0C-32A3-4C56-ABA8-...
> Thanks, unfortunately, none of wsusutil commands gets close to what can be
> done with the cleanup wizard, not even removeinactiveapprovals, which is
> nice
> but won't do anything for storage related issues.
> It would have been nice to be able to do what wsusdebugtool let us do so
> easily but I don't think WSUS 3.0 supports this tool that came along
> previous
> relaeases of WSUS ?

Damien.. the simple answer is that you can do *anything* currently available
in the UI by writing a command-line tool that calls the appropriate API
calls.

All you need is some VB skills, the VB compiler, and the WSUS SDK.

If there's anything in the samples, you'll find them on the main WSUS
website, under the link "API Samples and Tools".

http://download.microsoft.com/downlo...nd%20tools.exe

--
Lawrence Garvin, M.S., MCTS, MCP
MVP - Software Distribution (2005-2007)

Thanks Mr garvin, I know you are right and I bought the books to do so a
couple of months ago (the commodity I need now is time but, well...).

Regarding WSUS utilities, it is not very obvious to me when I look at
http://technet.microsoft.com/fr-fr/wsus/bb466192.aspx if Server Diagnostic
tool (wsusdebugtool.exe) and Client diagnostic tool (CleintDiag.exe) are
still appropriate to use with WSUS 3.0.

I have tried command line WsusDebugTool.exe /Tool:PurgeUnneededFiles and it
did remove around 100 Mb of update files after I ran the WSUS 3.0 cleanup
wizard, but then the WSUS console was telling me it had to download again the
4 Gb of updates we require (considering our selection of produts, language
and approbation rules). After 20 minutes, the WSUS console reported the
downlaod was finished meanng to me it actually didn't download the file after
checking its presence locally.

I am not gonna use the PurgeUnneededFiles command again but it would be nice
to get an update about this utilities : is wsusutil the only one adequate
with WSUS 3.0 ?

I also tried ClientDiag and it reported pretty well apart from a security
error at the end which is probably caused by our implementation of SSL (it
does work very well so far).

Thanks again,
Damien


"Lawrence Garvin [MVP]" wrote:

> "Damien Rouaud" <> wrote in message
> news5EA6F0C-32A3-4C56-ABA8-...
> > Thanks, unfortunately, none of wsusutil commands gets close to what can be
> > done with the cleanup wizard, not even removeinactiveapprovals, which is
> > nice
> > but won't do anything for storage related issues.
> > It would have been nice to be able to do what wsusdebugtool let us do so
> > easily but I don't think WSUS 3.0 supports this tool that came along
> > previous
> > relaeases of WSUS ?
>
> Damien.. the simple answer is that you can do *anything* currently available
> in the UI by writing a command-line tool that calls the appropriate API
> calls.
>
> All you need is some VB skills, the VB compiler, and the WSUS SDK.
>
> If there's anything in the samples, you'll find them on the main WSUS
> website, under the link "API Samples and Tools".
>
> http://download.microsoft.com/downlo...nd%20tools.exe
>
> --
> Lawrence Garvin, M.S., MCTS, MCP
> MVP - Software Distribution (2005-2007)
>
>

"Damien Rouaud" <> wrote in message
news:562B43C7-F43E-416D-92F7-...
> Thanks Mr garvin, I know you are right and I bought the books to do so a
> couple of months ago (the commodity I need now is time but, well...).
>
> Regarding WSUS utilities, it is not very obvious to me when I look at
> http://technet.microsoft.com/fr-fr/wsus/bb466192.aspx if Server Diagnostic
> tool (wsusdebugtool.exe) and Client diagnostic tool (CleintDiag.exe) are
> still appropriate to use with WSUS 3.0.

The Client Diagnostic Tool is still appropriate for use, just make note of
the quirk where the CDT reports a WUA v7.0 installation as a WSUS 2.0
client.

The Server Diagnostic Tool, however, has been mostly consumed into the core
product of WSUS 3.0. I can't think, off the top of my head, of any regularly
used functions of the Server Diagnostic Tool that would still require that
tool. Also, since that tool was written against the WSUS 2.0 API, it may or
may not have full and correct functionality even if those utilities are
used.


> I have tried command line WsusDebugTool.exe /Tool:PurgeUnneededFiles and
> it
> did remove around 100 Mb of update files after I ran the WSUS 3.0 cleanup
> wizard,

Then you might want to check the options you chose for the cleanup wizard,
because the Cleanup Wizard should find everything and then some more, that
would have been found by the WsusDebugTool.

> but then the WSUS console was telling me it had to download again the
> 4 Gb of updates we require (considering our selection of produts, language
> and approbation rules).

This sounds like the default option "Only download approved files" has been
disabled.

> After 20 minutes, the WSUS console reported the
> downlaod was finished meanng to me it actually didn't download the file
> after
> checking its presence locally.

This could also be the case.

Did you perform this 'cleanup' on a replica server? There are several
special considerations when doing cleanup on replica servers.


> I am not gonna use the PurgeUnneededFiles command again but it would be
> nice
> to get an update about this utilities : is wsusutil the only one adequate
> with WSUS 3.0 ?

I would *not* recommend using the /PurgeUnneededFiles utility anyway. Use
the Server Cleanup Wizard.

> I also tried ClientDiag and it reported pretty well apart from a security
> error at the end which is probably caused by our implementation of SSL (it
> does work very well so far).

What 'security error' did you get? The CDT should not report any errors in a
properly configured SSL WSUS3 environment.

Thanks Mr Garvin,

I indeed ran the cleanup wizard with all options checked on a replica
server, the very same one on which I also tried the wsusdebugtool
/purgeunneededfiles commands with the results I described.

Could you please elaborate on the special considerations I should have when
performing the cleanup wizard on a replica?

Regarding the "Only download approved files", it was enabled and I am
absolutely sure it hasn't been disabled at any stage (I guess I could check
in the change.log file if necessary but here I am sure). Never mind, I will
keep in mind I cannot use the wsusdebugtool /purgeunneededfiles command
anymore (it was actually a lazy way for me to automate the cleanup process
but it looks like time is coming to invest a bit in Visual Basic programming
!).

Last but not least, here is the result I get when performing ClientDiag on a
workstation managed by this replica server :

WSUS Client Diagnostics Tool

Checking Machine State
Checking for admin rights to run tool . . . . . . . . . PASS
Automatic Updates Service is running. . . . . . . . . . PASS
Background Intelligent Transfer Service is not running. PASS
Wuaueng.dll version 7.0.6000.374. . . . . . . . . . . . PASS
This version is WSUS 2.0

Checking AU Settings
AU Option is 4: Scheduled Install . . . . . . . . . . . PASS
Option is from Policy settings

Checking Proxy Configuration
Checking for winhttp local machine Proxy settings . . . PASS
Winhttp local machine access type
<Direct Connection>
Winhttp local machine Proxy. . . . . . . . . . NONE
Winhttp local machine ProxyBypass. . . . . . . NONE
Checking User IE Proxy settings . . . . . . . . . . . . PASS
User IE Proxy. . . . . . . . . . . . . . . . . NONE
User IE ProxyByPass. . . . . . . . . . . . . . NONE
User IE AutoConfig URL Proxy . . . . . . . . . NONE
User IE AutoDetect
AutoDetect not in use

Checking Connection to WSUS/SUS Server
WUServer = https://bkkws2k3dpt001.bkk.local:8531
WUStatusServer = https://bkkws2k3dpt001.bkk.local:8531
UseWuServer is enabled. . . . . . . . . . . . . . . . . PASS
Connection to server. . . . . . . . . . . . . . . . . . PASS

WinHttpDownloadFileToMemory(szURLDest, NULL, 0, NULL, NULL, NULL,
&downloadBuffer) failed with hr=0x80072f8f

A security error occurred

It is obviously this last line that disturbs me as all computers - including
this one -properly report to the WSUS server, get updates, install them and
report back.

If you have any pointer on this error, it would be most welcomed.

Regards,
Damien


"Lawrence Garvin [MVP]" wrote:

> "Damien Rouaud" <> wrote in message
> news:562B43C7-F43E-416D-92F7-...
> > Thanks Mr garvin, I know you are right and I bought the books to do so a
> > couple of months ago (the commodity I need now is time but, well...).
> >
> > Regarding WSUS utilities, it is not very obvious to me when I look at
> > http://technet.microsoft.com/fr-fr/wsus/bb466192.aspx if Server Diagnostic
> > tool (wsusdebugtool.exe) and Client diagnostic tool (CleintDiag.exe) are
> > still appropriate to use with WSUS 3.0.
>
> The Client Diagnostic Tool is still appropriate for use, just make note of
> the quirk where the CDT reports a WUA v7.0 installation as a WSUS 2.0
> client.
>
> The Server Diagnostic Tool, however, has been mostly consumed into the core
> product of WSUS 3.0. I can't think, off the top of my head, of any regularly
> used functions of the Server Diagnostic Tool that would still require that
> tool. Also, since that tool was written against the WSUS 2.0 API, it may or
> may not have full and correct functionality even if those utilities are
> used.
>
>
> > I have tried command line WsusDebugTool.exe /Tool:PurgeUnneededFiles and
> > it
> > did remove around 100 Mb of update files after I ran the WSUS 3.0 cleanup
> > wizard,
>
> Then you might want to check the options you chose for the cleanup wizard,
> because the Cleanup Wizard should find everything and then some more, that
> would have been found by the WsusDebugTool.
>
> > but then the WSUS console was telling me it had to download again the
> > 4 Gb of updates we require (considering our selection of produts, language
> > and approbation rules).
>
> This sounds like the default option "Only download approved files" has been
> disabled.
>
> > After 20 minutes, the WSUS console reported the
> > downlaod was finished meanng to me it actually didn't download the file
> > after
> > checking its presence locally.
>
> This could also be the case.
>
> Did you perform this 'cleanup' on a replica server? There are several
> special considerations when doing cleanup on replica servers.
>
>
> > I am not gonna use the PurgeUnneededFiles command again but it would be
> > nice
> > to get an update about this utilities : is wsusutil the only one adequate
> > with WSUS 3.0 ?
>
> I would *not* recommend using the /PurgeUnneededFiles utility anyway. Use
> the Server Cleanup Wizard.
>
> > I also tried ClientDiag and it reported pretty well apart from a security
> > error at the end which is probably caused by our implementation of SSL (it
> > does work very well so far).
>
> What 'security error' did you get? The CDT should not report any errors in a
> properly configured SSL WSUS3 environment.
>
>
>