The cookie is supposed to have a 60 minute timeout, but I don't have all of
the specifics on this, and I've seen scenarios where the cookie does appear
to timeout like it should have.
My best suggestion is to put 'wuauclt /resetauthorization /detectnow/ in a
logon script for a couple of days. There will be a small extra load on the
clients and servers for executing this extra detection, but it'll be a lot
less significant than if you have to walk around to clients.
You could also use the psexec utility of SysInternals to remotely execute
Lawrence Garvin, M.S., MCTS, MCP
Independent WSUS Evangelist
MVP-Software Distribution (2005-2007)
Everything you need for WSUS is at
And, almost everything else is at