Day: December 12, 2019

Posted in Active Directory, AWS, Patch Management, Windows

CONFIGURATION OF WSUS

Posted on by Akhil
  • After confirming with the desired language continue to select the products and the updates that are required for the servers to which the process of patch management should be done.
  • Option of synchronization is up to individual.
  • Begin with the initial synchronization as shown below.
  • Which results in a pop-up of the WSUS Console.
  • All the updates that are obtained once after the server gets in contact with the Microsoft cop. can be seen in this console.
  • Console > Updates > All Updates // Make sure the option (Unapproved and any) to be turned on as shown below.
  • As it is shown that these updates needed to be approved, select all the updates that are visible in the console and right click to approve them which will lead to a confirmation pop-up window as shown.
  • Right click on the group or the computers to which the patch management need to be done and approve for the installation.

Group policy management

Once the updates were approved by the PMS server, to push the desired updates to the client servers one need to update their group policy. This can be done in the Group Policy Management.

  • Windows Start > Server Manager > Tools > Group policy management // In the PMS server.
  • Create a GPO in this domain and Link it here.. by right clicking on the domain to which the patches need to be pushed.
  • Right click on the created group policy to edit which results in Group policy management editor.
  • Expand Computer configurations > Policies > Administrative Templates > Windows Components > Windows Updates.
  • Double click Configure Automatic Updates and set it to Enabled.
  • One has a freedom of selecting an option of how to configure the updates as shown below.
  • Click on Apply and then OK.
  • Double click Specify Intranet Microsoft Update Service Location and set it to Enabled.
  • Specify the intranet statistics server below in the format [http:Servername:8530] as shown.
  • Click on Apply and OK.
  • Proceed to the client server’s command prompt and force the server to update the group policy as shown below and wait for the servers to get appeared in the WSUS console under unassigned computers.

THE BLOG WILL BE CONTINUED