Scribd Logo
Upload

Welcome to Scribd!

  • AutoUpdate WSUS

    Uploaded by

    LiviuD
    27 views18 pages

    Original Title

    AutoUpdate_WSUS.docx

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    27 views18 pages

    AutoUpdate WSUS

    Uploaded by

    LiviuD

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 18

    How to set up WSUS on Windows Server 2008 R2

    Posted on June 22, 2012 by Chris


    ComTech: IT Support Stirling

    Good morning my fellow readers. Today I am going to show you how to set up WSUS on Windows Server 2008 R2 . WSUS is fantastic
    for centralising management of Windows Updates throughout your network. Installing a WSUS server makes deploying patches and
    security fixes much easier and so by default makes your life easier too!!

    For the purpose of this tutorial I will be using Windows Server 2008 R2 SP1 with 1.5 Gb of RAM (you would use much more than this in a
    production environment).

    Open up Server Manager . Right click on Roles and then click Add Roles .
    When asked to select which roles you want to install click Windows Server Update Services and when prompted Add the additional
    roles that are required (eg Web Server IIS)
    During installation you will be prompted to accept the license agreement and then you will be asked where do you want to store all the
    updates. Either choose a new folder or accept the defaultC:\\WSUS location.
    You will now be asked to choose whether you want to install the Windows Internal Database or use an existing one instead. I tend to just
    install the database on the C drive in C:\\WSUS but the choice is yours.
    Next you will be asked for your web site preference. You can use the default IIS web site to access WSUS over the network or you can
    specify your own one. Again I quite happily choose the default for this.
    On the last page page review your options and then click next.

    The installation itself takes a long time but once installed the first thing we need to do is synchronize the WSUS server with Microsoft
    Update (or another WSUS server on the network) so expandServer Manager – Windows Server Update Services – Update Services
    – Options – Update Source and Proxy Server .
    For the purpose of this tutorial I will synchronise with Microsoft Update.
    Next we have to choose which products to download updates for so click on Products and Classifications .
    Choose all the products which you require updates for and click OK.

    Next we have to decide what languages to download the updates in (if you select all available languages your downloads will take a long
    time and take up a loads of disk space). Click onUpdate Files and Languages and then the Update Languages tab. Choose your
    language and then click Apply.
    We now need to decide when to check for new updates and when to download them. To accomplish this we need to click
    on Synchronization Schedule (shown below).

    You can synchronize manually but it is better to synchronize automatically on a daily schedule. Once you have set your daily schedule
    click Apply.

    With all the housekeeping done all that is left to do is to perfrom the initial synchronization so expand Server Manager – Windows
    Server Update Services – Update Services – Synchronizeand then right click and go to Synchronize Now . This will start the
    synchronize process.
    That is the configuration for the WSUS server complete.

    Distributing Updates across the network

    To accomplish this we need to set up a Windows Update Group Policy and then distribute it to all computers in the domain.

    To do this expand Start – Administrative Programs – Group Policy Management . Once the Group Policy Management Console is
    open expand Group Policy Management – Forest – Domains – “your domain” – Group Policy Objects . Right click on Group Policy
    Objects and go toNew .
    When the New GPO box appears eneter a name for the new GPO and then click OK. Your new GPO should be visible on the screen (as
    shown below). Right click on it and go to Edit .
    Now in the left panel expand Computer Configuration – Policies – Administrative Templates – Windows Components – Windows
    Update to get the screenshot below.
    The first setting to configure is Specify intranet Microsoft update service location . Right click and go to Edit .

    As shown above set this to enabled. Enter the location of your WSUS Server where required and then click Apply.
    The next setting to configure is Configure Automatic Updates . Set this to enabled and specify how the downloads should be installed
    and at what time. Once configured click Apply.
    Next we have to configure the Automatic Updates Detection Frequency policy.

    Enable the policy and set to 1 hr. Click Apply.


    Last thing we need to do on the GPO front is link it to the domain.

    The next time the computers on your domain restart their group policy settings will be updated and they will be pointed to the new WSUS
    server (screenshot of client computer shown below).

    You might also like