Installing and configuring WSUS on Windows Server 2012

wsus2Windows Server Update Services (WSUS) is used to distribute Microsoft patches, hotfixes and security updates in an environment. WSUS is counted as a basis of security management  to make sure every computer is up to date and does not have any security vulnerabilities.

It is a role in Windows Server 2012, also it can be downloaded from Microsoft web site and installed on server.  

  1. Open Server Manager console, click Add roles and features, then Next
  2. Select Role-based or feature-based installation, and click Next
  3. Choose Select a server from the server pool, select your desired server, then click Next
  4. Scroll down to select Windows Server Update Services. Some features like .NET and IIS should be installed before WSUS installed. So hit Add Features button to install them. The click on Next 4 times.
  5. On Content Location selection, you should specify a path for the updates to be stored locally. I will use C:\WSUS, and click Next, then Install
  6. Wait some times for the installation to be completed. Then click on Close
  7. Click Notifications on Server Manager window, then click on Launch Post-Installation tasks,wait again some moments
  8. Go to Administrative Tools, and open Windows Server Update Services
  9. At the first time, a wizard starts. Click on Next  twice
  10. On next page, because it is the first WSUS server, select Synchronize from Microsoft Update, then click on Next
  11. If you use a proxy server to connect to the Internet, specify its settings, and click Next
  12. Click Start Connecting to download update information
  13. Select Download updates only in these languages, and select the languages for which you want updates, then click Next
  14. The next page lets you specify the products for which you want updates. Select them and click Next
  15. The classifications page allows you to specify the update classifications you want to obtain. Select them as required , then click Next
  16. If you choose Synchronize automatically, the WSUS server will synchronize at set intervals. Set the time of the First synchronization and specify the number of Synchronizations per day that you want this server to perform. And click Next
  17. Leave the check boxes intact, and click Finish
  18. The next step is to configure Group Policy to configure clients to be updated via WSUS server. So open Group Policy
  19. Expand Computer Configuration, expand Administrative Templates, expand Windows Components, and then click Windows Update
  20. In the details pane, double-click Configure Automatic Updates. Click Enabled, then OK
  21. In the Windows Update details pane, double-click Specify intranet Microsoft update service location. Click Enabled, and specify the server name in both boxes. Here it is http://Server1.CyrusBesharat.local. Click OK
  22. The computers take a while to be located in WSUS console. Be sure to approve the updates before deploying to the clients
Advertisements
%d bloggers like this: