How To Install Wsus On Server 2016 Step By Step

How to Install and Configure WSUS in Windows Server 2022

• What is WSUS Windows Server 2022?
• Steps to Install and Configure WSUS Windows Server 2022 Server Office
  • Setup Servers that Meet WSUS Installation Requirements
    • System Requirements for Installing WSUS Office
    • Other WSUS Windows Server 2022 Role Installation Requirements
    • WSUS Windows Server 2022 Database Requirements
    • Additional Installation Requirements
    • Perform WSUS (Windows Server Update Service) Pre-installation Tasks
  • Install WSUS Windows Server 2022 Server Role
  • Configure WSUS Windows Server 2022 Using the WSUS Configuration Wizard
  • Configure Downstream Servers for WSUS Windows Server 2022
    • Continue with Downstream Server Configuration
  • Configure Group Policies for WSUS Windows Server 2022 Updates
    • Configure GPO for WSUS Windows Server 2022
    • Link the WSUS Windows Server 2022 GPO to a Container
    • Concluding Notes Regarding WSUS (Windows Server Update Service) GPO
  • Configure Client-Side Targeting for WSUS Windows Server 2022
• Other Helpful Guides
• Boosted Resources and References

What is WSUS Windows Server 2022?

WSUS Windows Server 2022 is a Microsoft Server role that allows download and installation of Operating System updates to computers in a local network.

Organization Administrators use WSUS (Windows Server Update Service) to create calculator groups to ease patch management. Besides, Windows Server Update Service server can also generate compliance reports to determine computers that demand specific updates.

In this tutorial y'all will learn how to:

• Install and configure the WSUS Windows Server 2022 Server office
• Configure group policies for WSUS Windows Server 2022 updates
• Set up Customer-side targeting for WSUS Windows Server 2022

If you follow the setup in this tutorial you lot should be able to setup a working WSUS server infrastructure.

To walk through the installations and configurations discussed in this tutorial, you need a Domain Controller, 2 WSUS servers (one as upstream, another equally downstream server) and a Windows 10 Client computer. All computers must be members of the Ad Domain.

Steps to Install and Configure WSUS Windows Server 2022 Server Office

Here are the steps to install and setup Windows Server Update Service in Windows Server 2022

Setup Servers that Meet WSUS Installation Requirements

Before y'all install WSUS Windows Server 2022 function, you need to confirm that your server meets the requirements. Below are the requirements.

System Requirements for Installing WSUS Role

• Processor: 1.4 gigahertz (GHz) x64 processor (2Ghz or faster is recommended)
• Memory: WSUS server requires an boosted ane.5GB of RAM – in a higher place and beyond what is required by Windows Server 2022.
• Available deejay space: 10 GB (recommended: 40GB or more)
• Network adapter: 100 megabits per second (Mbps) or greater

Other WSUS Windows Server 2022 Role Installation Requirements

• If there is a pending restart requirement, restart the server before you enable the Windows Server Update Service server part.
• Additionally, Microsoft .NET Framework four.5 must be installed on the server.
• The NT Authority\Network Service account must take Total Control permissions for the post-obit folders:

%windir%\Microsoft.NET\Framework\v4.0.30319\Temporary ASP.NET Files and %windir%\Temp folders. This path might not be prior to installing Cyberspace Data Services (IIS).

• Finally, the installation account must be a member of the Local Administrators group

WSUS Windows Server 2022 Database Requirements

At least i of these databases is required:

• Windows Internal Database (WID)
• Microsoft SQL Server 2022
• MS SQL Server 2022
• Microsoft SQL Server 2022
• MS SQL Server 2022
• Microsoft SQL Server 2008 R2

Additional Installation Requirements

Autonomously from the requirements listed above, below are further considerations and requirements:

• You can install WSUS server function and the database server on divide computers. Notwithstanding,
• The Database server cannot be a Domain Controller.
• Also, the WSUS server cannot run Remote Desktop Services
• The Database server and the WSUS server must exist in the same AD Domain. If in different domains, the domains must have a trust relationship.
• Finally, the two servers must be in the aforementioned time zone or exist synchronized to the same GMT fourth dimension source.

Perform WSUS (Windows Server Update Service) Pre-installation Tasks

Before you install Windows Server Update Service role, perform the post-obit tasks:

• Add the Domain Admin account as fellow member of the Local Administrators group on the server you wish to install WSUS part: Open Server Manager, so click Tools and select Figurer Management. On Reckoner Direction, click Local Users and Groups. Double-click Groups then double-click Administrators group. Finally confirm that the installation business relationship is a member of the local administrators group.

• Confirm that Microsoft .NET Framework 4.5 (4.6 on Windows Server 2022) is installed. If not, install information technology: Open Server Manager. And then click Add Roles or Features. On the first page click Next. So select Function-based or Characteristic-based installation. Click Adjacent until you go to Features.

• Next, confirm that the Network Service account have Full Control permissions to: %windir%\Microsoft.Internet\Framework64. Right-click Framework64 and select Properties, so click the Security tab.

Important Tip
To be able to modify the permission of Framework64 you may need to take ownership of the folder. You may as well demand to add your account to the local administrators group.

• Confirm that the server y'all wish to install WSUS role meet the following requirements: Retention is 1.5 GB of RAM – to a higher place and beyond what is required by Windows Server 2022. Available deejay infinite: 10 GB (twoscore GB or greater is recommended). Finally, confirm that your network adapter is 100 megabits per 2d (Mbps) or greater.

Install WSUS Windows Server 2022 Server Role

At present you are set up to install WSUS. Follow the steps beneath:

• Log on to the server and open Server Director (should unremarkably open by default).
• From Server Manager (meridian right corner), click Manage then select Add Roles and Features.

• On the "Earlier yous brainstorm" page, click Next.
• On the "Select Installation type" select "Role-based or feature-based installation" and click Side by side.

• Next, on the "Select Destination server page", select the server you wish to install WSUS (Windows Server Update Service) role and click Next.

• Adjacent page presents option to select the roles you wish to install. Check the boxes beside Windows Server Update Service. A page will load asking yous to confirm boosted features to install. Click Add Features. And so click Next.

• The "Select features" page loads. To keep click Side by side.

• Notation the data in the Windows Server Update Services folio. Then click Adjacent to proceed.

• Review the features checked below. And then click Next.

• Enter a local or remote path to store updates.

• On the Web Server (IIS) Role information page, read the information and then click Next to proceed.
• Then review the server roles and features you selected. Click Next.

• Finally, on the confirmation page, review your selections. Check the box Restart the destination server automatically if required and click Install.

WSUS office may also be installed by running the PowerShell control below:

Install-WindowsFeature -Proper name UpdateServices -IncludeManagementTools

Configure WSUS Windows Server 2022 Using the WSUS Configuration Magician

Afterwards installing WSUS Windows Server 2022, the next step is configuration. To configure the function:

• Open Server Director and click the yellow bister triangle. And so select Launch Post-installation tasks. Await for the post-installation job to consummate. Then go along to the next step.

• However on Server Director, click Tools and then select Windows Server Update Services.

• Read the information on the "Before you begin" page, then click Adjacent to proceed.

• Next, make up one's mind whether you wish to join the Microsoft Update Improvement Plan or not. Click Adjacent.

• The next stage is very disquisitional every bit this is where you decide the WSUS Server that connects to Microsoft Updates Server. Select Synchronize from Microsoft Update. And then to proceed click Next.

• If y'all require a proxy server to connect to the internet, configure it here.

• Read the relevant information on the Connect to Upstream Server page then click Kickoff Connecting.

Important Tip
The previous stride may accept old to complete depending on your internet connection.

• Once the connection task is completed, click Next.

• Select the languages to download then click Adjacent. I am downloading just English.

• Choose the products you wish to download updates for. If yous are in a production environment, download updates for all products in your surroundings.

• Make up one's mind updates nomenclature to download. In nigh cases the defaults are okay.

• Decide how yous wish to synchronize your WSUS server with Microsoft Updates server. In a product environment, this has a lot of implications. Consider the number of updates to download, and your internet bandwidth.

• On the Finish page, check Begin initial synchronization and click Side by side. Then click Finish.

Configure Downstream Servers for WSUS Windows Server 2022

In a production environs with computers in dissimilar locations, a downstream server may be required. The downstream server will download updates from your upstream server and distribute the updates to computers in its local network. This style, you avert updates installing over WAN links.

The steps below volition walk y'all through how to configure a downstream WSUS Windows Server 2022 server.

Important Tip
To perform this job you would have installed Windows Server Update Service role on the downstream server. Moreover, you should also perform mail service-installation task.

• Log on to the second WSUS server. From Server Manager click Tools then Select Windows Server Update Services.
• On the Earlier you lot begin page, click Adjacent.

• Determine whether to join the Microsoft Update improvement program or not. Click Next to proceed.

• On the Choose Upstream Server page, enter the name of your upstream WSUS server. And then check the boxes Use SSL when synchronizing update information and This is a replica of the upstream server. To proceed click Side by side.

Of import Tip
Depending on your environment, you may decide non to configure the downstream server equally a replica of the upstream. Even so, it is strongly recommended to use SSL.

• On the Specify Proxy Server page, click Next.

• Finally, to synchronize with the upstream WSUS server, click Start Connecting.

Important Tip
If you receive HTTP error, check that your upstream server is configured to accept SSL connection. Alternatively, y'all could get dorsum and uncheck Use SSL when synchronizing update information.

Keep with Downstream Server Configuration

In the terminal task when you click Outset Connecting, it may take sometime for the magician to process your request.

• When the Next button becomes available, click it to proceed.

• Compared to the same screen when we configured the upstream server, the but available linguistic communication is English. Click Next to keep.

• Earlier in the tutorial we configured sync schedule for the upstream server. Exercise the same beneath. If y'all are working in a production environment, be sure to prepare the time below to happen after the upstream server has synced.

• Finally, check Begin initial synchronization box and then click Finish.

Configure Grouping Policies for WSUS Windows Server 2022 Updates

The next pace is to use group policy settings to automatically configure WSUS.

Important Tip
In a complex production environment, you can create different Group Policy Objects (GPOs) and link them to dissimilar Organizational Units (OUs). For this tutorial, I volition link a single GPO to the acme of the domain.

• To begin, login to the Domain Controller. Open Server Manager, click Tools and so select Group Policy Management.

Important Tip
To go to the Domain, you may need to expand the Forest container then expand the Domain container.

• Side by side, make a copy of the Default Domain Policy GPO. To do this aggrandize the Group Policy Objects container. Then Drag the Default Domain Policy GPO into the Group Policy Objects container.

• Then, on the Copy GPO dialogue box, have the default permission and click Ok. The GPO will exist copied. Click Ok on the copy dialogue box.

• A new GPO, Copy of Default Domain Policy is created.

• It is a practiced thought to rename the copied GPO to a more memorable proper name. I chosen mine "WSUS GPO". To rename the GPO right-click it and then select Rename. In the side by side step, you will edit the GPO and configure WSUS settings

Configure GPO for WSUS Windows Server 2022

At present that yous have created a GPO for WSUS Windows Server 2022, next pace is to configure the GPO settings.

• To begin, correct-click the new GPO and select Edit. The Group Policy Management Editor opens.

• Beneath the Computer Configuration container, expand Policies. So navigate to \Administrative Templates\Windows Components. Click Windows Update. Finally, beneath the window select the Standard tab.

• In the details pane, double-click Configure Automated Updates. On the GPO settings, select Enabled, then configure automated updates settings. Read the help page (right) to help you brand a option to meet your requirement. When y'all end click Ok to save your changes.

• Back to the Group Policy Management Editor double-click the Specify intranet Microsoft update service location policy.

• Click the Enable option. And so on the Fix the intranet update service for detecting updates and Set the intranet statistics server boxes, enter the WSUS server name you wish to use. Enter in the format shown. Finally, click Ok to apply your changes.

Important Tip
If you used a dissimilar port number, call back to include it here. Also as important is the SSL option. If your server is configured for SSL, employ https, otherwise apply http.

• Before you close Grouping Policy Management Editor confirm that the two policy settings (highlighted in reddish below) are Enabled. Then close the editor and keep to the side by side step.

Link the WSUS Windows Server 2022 GPO to a Container

As I said earlier, you can link your WSUS GPO to OUs or directly on the domain. All-time practice is to link the GPO to OUs containing your Computers. For this tutorial though, I will be linking the GPO to the domain.

• To link the WSUS GPO to a container, drag it to the container. Mine is linked to the domain. You will exist prompted to confirm the link. Click Yes.

• The GPO is now linked to the domain!

Final Notes Regarding WSUS (Windows Server Update Service) GPO

Computers in the container are expected to accept the configuration in the GPO. When a figurer updates the GPO it should announced in the WSUS (Windows Server Update Services) console.

Computers may take upward to xxx minutes to bear witness up in WSUS console. To strength GPO update on a computer, run the command beneath from the computer:

gpupdate /strength

To force a computer to exist detected immediately by the WSUS server, execute the command below:

wuauclt.exe /detectnow

Configure Client-Side Targeting for WSUS Windows Server 2022

Client-side targeting, configured via Group Policy is used to add computers to WSUS groups. The WSUS group a figurer belongs determines the updates that volition exist applied to it.

When client-side targeting is enabled, client computers identifies WSUS computer groups they should be added to. The information is sent to the server when the customer communicates with the server. The WSUS server then uses the information received from the client to decide which updates are deployed to the customer figurer.

The steps below volition walk you through enabling customer-side targeting via group policy.

• Log on to the Domain Controller and open Grouping Policy Management (via Server Manager).
• Next, right-click the GPO you lot created before and select Edit. Group Policy Direction Editor opens. Navigate to \Administrative Templates\Windows Components. Click Windows Update

• In the details pane, double-click Enable Client-side targeting Policy.

• Enable the policy. Then on the Target group name for this computer, enter the proper name of the WSUS group. Click Ok to save your changes.

Important Tip
The name of the group entered higher up must be created nether the All Computers container in WSUS.

There you have it – WSUS installation and configuration! I promise you plant this Itechguide helpful.

If y'all have any questions or comments, kindly use the "Leave a Answer" course below.

Other Helpful Guides

• Active Directory Concepts & Administration
• Active Directory Domain Services: Installation & Configuration
• What is Active Directory (Top 50 Advert Questions Answered)

Additional Resources and References

• Windows Server 2022: A cheat sheet

• Was this mail service helpful?
• Yes (ane)No (0)

Source: https://www.itechguides.com/wsus-windows-server-2016/

Posted by: smithocied1993.blogspot.com

Share this post