Created a winxp V-machine and joined it to the domain.
Now to configure the clients to get their updates from the WSUS, a new Group Policy Object (GPO) needs to be added since you are in AD. But if you are not deploying it, I think it can be done through modifying the registry or simply the local policies.
The DC is a fresh installation so I installed Group Policy Management Console (GPMC) or you can do it through management console and add snap-in (run -> mmc ), the first way is much neater.
Next I created a new GPO using GPMC, right click Group Policy Object and the name the new GPO, ex. WSUS. I only created on and applied it on the domain level but you can create multiple ones and link it to different Organizational Units (OU) depends on your organization structure and complexity.
Right click the newly created GPO and edit
Dive through computer configuration -> administrative templates -> windows components -> windows update and configure the following:
- Specify Intranet Microsoft Update Service Location
- Configure Automatic Updates
- Automatic Update Detection Frequency
Link the GPO appropriately, right click whatever object you want and link existing GPO. That was one of my mistakes linked in the wrong place so not all object got the policy. You can force the new GPO by running (gpupdate /force) on the client side
OH and a nice feature that you can do on the WSUS server level -you can configure GPO to do that-, create groups and assign computers to them so you can push updates to selected groups. I am thinking of having a testing group to test the updates before pushing it to all others, it’ll include helpdesk and IT people and maybe a server group and the rest.
When synchronizing, WSUS will connect to Microsoft updates and download whatever you specify, don’t forget to configure that option (options -> synchronization options) all you’ll download a hell lot of updates you don’t need -yeah another mistake from my side-
You can go through the updates and approve and select the group to install to. Also, the web management gives you details about what’s going on and which computers needs updates and what is installed, pretty decent.
Hmmm, I think that’s about it. I’m not sure if I am missing something but here is the link from Microsoft WSUS 3.0
If you think something is not right or I may have forgot something, please don’t hesitate to correct me 
Now I am formatting an IBM and since I am lazy I don’t have server OS image, so I have to do everything from scratch and also configure the RAID for the disks … that part NOT fun at all …
One thing down … trillion more to go …. ;D
The final thing:
Recent Comments