Removing WSUS

A while back, the company I work for experimented with setting up a Windows Server Update Service (WSUS).  The idea is that you have one server that goes out and downloads all of the hotfixes, service packs, and so on for your network – then each of your client machines goes directly to the local WSUS server to get the weekly dose of patches, configurable by various group policies, and with monitoring to make sure that everything is going smoothly.  At the time we set it up, we were having crushing bandwidth problems – two servers downloading a service pack would pretty much disable the building…

Over time, the bandwidth problems were fixed, and as sometimes happens the WSUS server crumbled to dust.  For the most part nobody noticed – new servers and clients were not configured with the WSUS policy, downloading their hotfixes direct from Microsoft through plentiful bandwidth.  Unfortunately, older server and clients were left in the dark, sending cries out to a WSUS URL that will never respond…  oops

To Fix (and get your automatic updates to work again):

Delete the registry key at “HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate”.  For fun, restart the “Windows Update” service (not sure if this is necessary). 

I found this VBS file to be useful in figuring out if a server was still trying to use an old WSUS install, or if the problem was group-policy related.