Windows Server Update Services или сокращённо WSUS — инструмент компании Microsoft в серверных редакциях ОС, предоставляющий системным администраторам возможность управлять жизненным циклом обновлений для операционных систем Windows и других продуктов Microsoft по всей сети организации. WSUS позволяет администраторам централизованно одобрять, отклонять и планировать обновления для развертывания на клиентских компьютерах и серверах. Он также предоставляет базовые возможности отчетности и мониторинга для отслеживания соответствия обновлений и выявления потенциальных проблем. В этой инструкции рассмотрим, как развернуть WSUS Server на Windows Server 2022.
Установка роли
Перед тем, как начать необходимо проверить соответствие сервера минимальным требованиям:
- Минимум 2Гб ОЗУ + к системе (4 ГБ)
- CPU 1,5 ГГц
- Достаточный объем свободного места. Лучше использовать отдельный диск под хранение обновлений
Когда требования выполнены, приступим к установке:
Откроем Server Manager, затем выберем пункт «Add roles and features» в меню «Manage».
Кликнем «Next» в окне «Before you begin».
Выберем опцию «Role-based or feature-based installation» и далее «Next». Укажем сервер, на который соответственно будет установлена роль WSUS и далее жмём «Next».
Выбираем опцию «Windows Server Update Services» в перечне ролей. При этом автоматически будут установлены зависимые и требующиеся компоненты. Жмём «Add Features» и «Next».
На экране «Select features» выберем опцию «Windows Internal Database» и нажмём «Next». После нажимаем снова «Next».
На экране «Select role services» должны стоять галки «WID Connectivity» и «WSUS services». Нажимаем «Next».
В окне «Content» укажем путь к хранилищу обновлений.
На экране «Web Server Role» оставляем компоненты для установки IIS, предложенные системой по умолчанию и нажмём «Next».
Подтверждаем установку на следующем экране, жмём «Install».
Нажимаем «Install»
После завершения установки выбираем опцию «Launch Post-Installation tasks» и закроем кнопкой «Close».
На экране «Join the Microsoft Update Improvement Program (optional)» выберите опцию «I do not want to join the program at this time» и нажмите «Next».
На экране «Microsoft Software License Terms» нажмём «I accept the license terms».
На экране «Choose Upstream Server» выберем опцию «Synchronize from Microsoft Update» и далее нажимаем «Next».
На экране «Specify Proxy Server», если прокси не используется, можно пропустить и нажать «Next».
В окне «Connect to Upstream Server” нажимаем «Start Connecting». Ждём завершения операции и нажимаем «Next».
На экране «Choose Languages» выберем только те языки, для которых необходимо синхронизировать обновления.
На экране «Choose Products» выберем продукты Microsoft, для которых необходимо синхронизировать обновления.
На экране «Choose Classifications» выберем классификации обновлений, которые необходимо синхронизировать.
На экране «Ready to Install» нажмём «Finish». Необходимо также дождаться синхронизации обновлений.
После этого можно производить базовую настройку с помощью оснастки «Update Services» , включая:
- Synchronization Schedule — настройка графика синхронизации обновлений в соответствии с требованиями организации
- Email Notifications — уведомления по электронной почте для администраторов о новых обновлениях
- Настройка правил утверждений обновлений для развертывания на хостах
- Настройка крайних сроков (дедлайнов) установки
- Управление и создание групп хостов
- Отчётность и контроль состояния установок
WSUS Server — инструмент для управления и распространения апдейтов и патчей для ОС Windows и других продуктов Microsoft по всей сети организации. Настройка WSUS не сложна, но требует определенных знаний и навыков. Следуя этой инструкции, вы сможете успешно настроить WSUS Server на Windows Server 2022 и обеспечить свои системы последними обновлениями безопасности и программного обеспечения.
191028
Санкт-Петербург
Литейный пр., д. 26, Лит. А
+7 (812) 403-06-99
700
300
ООО «ИТГЛОБАЛКОМ ЛАБС»
191028
Санкт-Петербург
Литейный пр., д. 26, Лит. А
+7 (812) 403-06-99
700
300
ООО «ИТГЛОБАЛКОМ ЛАБС»
How to Setup WSUS Server on Windows Server 2022. In this guide, we will introduce WSUS, its advantages then explain how to install and configure WSUS on Windows Server 2022.
What is Windows Server Update Services (WSUS)?
The Windows Server Update Services (WSUS) is a Microsoft program that allows administrators to keep their Windows servers up to date by downloading the latest updates from Microsoft and distributing them to computers on the network.
Further, administrators plan, manage, and deploy patches and hotfixes for client operating systems, Microsoft applications, and Windows Servers using WSUS. Primarily, a free product from Microsoft that provides more control over updates than other tools. Also, WSUS offers a central location for clients to acquire the updates.
Many small and medium sized businesses (SMBs) easily use the free and simple tool to manage Microsoft Windows updates. In fact, Windows 8.1, 10, and 11 are all supported by Microsoft client operating systems that uses WSUS.
In other words, WSUS will soon be a part of Server 2022, but at present, it is compatible with Windows Server 2008 R2, 2012, 2012 R2, 2016, and 2019.
The free add on application helps administrators in analysing the current system and manage downloads. In effect, it offers enhanced reporting capabilities as well as supports multiple languages. Further, it includes security updates, drivers, update rollups, and feature packs. Based on the number of client machines, administrators deploy WSUS servers. In case, you deploy two or more WSUS servers, you have the authority to decide whether you want to connect one or more servers to Microsoft update. In detail, the Microsoft Update connected servers serve as a source of updates for other servers in the network.
Simultaneously, automatic alerts are an important part of WSUS. When a new update is released, WSUS automatically sends out an alert to the system administrators. This way, the system administrators deploy the update to their computers. Another fact about WSUS is – it is a complex program, and it takes a lot of time to set it up and manage it.
In simple terms, Windows Server Update Services (WSUS) is a centralized software distribution service that helps administrators distribute updates to Windows computers in an organization. Using WSUS, you reduce the time it takes to deploy updates to Windows computers.
Benefits of Windows Server Update Services (WSUS)
In like fashion, Microsoft provides a number of updates for its products on a regular basis, among them critical updates, security updates, and updates related to drivers, service packs, and tools are common. Hence, in order to fix security flaws and guarantee client machines function as intended, installing these updates on client machines is necessary.
But manually inspecting, authorizing, and installing updates takes a lot of time and effort. Further, manually verifying that each client system received the proper upgrades is error prone. Also, you might leave your IT environment open to threats from the internet.
Hence, it is best to use Windows Server Update Services. You may consolidate and automate update management for Microsoft products using Windows Server Update Services. This makes it easier to decide which computers need a particular update and when and how to deploy updates.
Additionally, without interfering with worker productivity, you may schedule updates and check for client workstations that need to have updates installed. In a way, you also save on your corporate internet bandwidth using WSUS.
If you use Internet Explorer as your web browser, you can remotely manage WSUS servers using HTTP or HTTPS. Further, it allows deploying updates to clients in multiple languages.
Another feature of WSUS that makes it a better solution is the enhanced reporting capabilities. The reports generated help determine health status and update deployment metrics.
Also, if you have already purchased the Windows Server license, you do not require any extra licensing.
Surely, another great benefit of WSUS is it allows administrators to test if the launched update works with their network or not. Further, it helps in installing updates without affecting the production work, mainly during the maintenance time frame.
Now it is the main part of this article How to Setup WSUS Server on Windows Server 2022.
WSUS Azure
WSUS AWS
WSUS GCP
How to Setup WSUS Server on Windows Server 2022
In this section, we show you how to install and configure Windows Server Update Service on Windows Server 2022.
Prerequisites
- A server running Windows Server 2022 operating system along with RDP access.
- A user with administrative privileges.
- Minimum 4 GB of RAM with 2 Cores CPU.
Install WSUS Server on Windows Server 2022
First, you will need to install the Windows Server Update Services (WSUS) role on your server. Follow the below steps to add the WSUS role:
Step 1 – Open the Windows Server Manager as shown below:
Step 2 – Click on Add roles and features. You should see the before you begin screen:
Step 3 – Click on the Next button. You should see the select installation type screen:
Step 4 – Select “Role based of feature based installation” and click on the Next button. You should see the select destination server screen:
Step 5 – Select your destination server and click on the Next button. You should see the select server roles screen:
Step 6 – Select “Windows Update Services” and click on the Next button. You should see the WSUS screen:
Step 7 – Click on the Next button. You should see the select role services screen:
Step 8
Follow to Step 8 – Select WSUS service and click on the Next button. You should see the WSUS content location screen:
Step 9 – Define the path of WSUS installation and click on the Next button. You should see the IIS role screen:
Step 10 – Click on the Next button. You should see the role services screen:
Step 11 – Select Web Server roles and click on the Next button. You should see the confirm installation screen:
Step 12 – Click on the install button to start the installation. Once the installation is complete, you should see the following screen:
Step 13 – Restart your system to apply the changes.
How to Setup WSUS Server on Windows Server 2022
After installing WSUS server, you will need to configure it using WSUS Server configuration wizard. Follow the below steps to configure the WSUS server:
Step 1 – Go to the Windows Server Manager => Tools then click on the WSUS Server Configuration wizard. You should see the following screen:
Step 2 – Click on the Next button. You should see the upstream server selection screen:
Step 3 – Select “Synchronize from Microsoft Update” and click on the Next button. You should see the Specify Proxy Server screen:
Step 4 – If you are using any proxy server then define it otherwise leave it blank and click on the Next button. You should see the language selection screen:
Step 5
Follow to Step 5 – Select your language and click on the Next button. You should see the product selection screen:
Step 6 – Select any product that you want to update and click on the Next button. You should see the classifications selection screen:
Step 7 – Define your update classification then click on the Next button. You should see the synchronize selection screen:
Step 8 – Select “Synchronize Manually” and click on the Next button. Once the WSUS configuration is complete, you should see the following screen:
Step 9 – Click on the Next button to start synchronization. You should see the following screen:
Step 10 – Click on the Finish button to complete the WSUS configuration.
Install Update From WSUS Server
Thereafter, to install all updates from the WSUS server, you will need to install the WSUS Admin Console on the computer where you want to install update.
Open the the PowerShell as Administrator and run the following command to install the WSUS console:
Install-WindowsFeature -Name UpdateServices-Ui
After the installation, launch the Windows Server Update Services console as shown below:
Click on the Action => Connect to Server. You should see the following screen:
Provide the WSUS IP address, port number and click on the Connect button. Once the WSUS server is connected, you should see the following screen:
You can now import update from the WSUS server to your system.
Thank you for reading How to Setup WSUS Server on Windows Server 2022. We shall now conclude.
How to Setup WSUS Server on Windows Server 2022 Conclusion
In this guide, we explained how to install and setup WSUS server on Windows server 2022. We also explained how to connect to WSUS server and install update manually.
Summarizing, Windows Server Update Services (WSUS) is a Windows Server 2008 or later feature that enables you to manage updates for your computers. In the same way, WSUS provides a system for system administrators to deploy updates and manage the activation status of updates. WSUS is a central point for software updates for Windows computers and mobile devices. It is a copy of the latest software updates from Microsoft and other software vendors.
On balance, WSUS also helps to distribute the updates to computers in your organization. You can join WSUS to receive updates from other organizations or the Internet. Using Windows Server Update Services (WSUS), saves you on your corporate internet bandwidth as well as automates update management for Microsoft products. The enhanced reporting feature supported by WSUS also helps determine health status and update deployment metrics.
Overall, Windows Server Update Services (WSUS) is an amazing free product from Microsoft that provides more control over updates and prevents installing patches that break software or cause downtime.
Take a look at more Windows content in our blog here.
Microsoft has released in its Insider program the new version of Windows Server which is the bet for corporate environments offering administrators a wide set of functions so that data management is as complete as possible, Windows Server 2022 is no stranger to these options and that is why the use of roles is key to increase server productivity and one of the fundamental roles for administration tasks is WSUS..
WSUS (Windows Server Update Services — Windows Server Update Services) is a role that basically gives us the opportunity to implement the update options of all the most current Microsoft product portfolio, this covers all types of products for both servers and for client computers.
This WSUS role facilitates administrative tasks since it will be possible to install, manage and distribute updates to all computers in the domain automatically, saving manual tasks for such operation..
WSUS Features
WSUS allows us to:
- Have an update management automation available for Windows and its products
- Have various Windows PowerShell cmdlets to manage administrative tasks in WSUS
- Security improvements since we have the SHA256 hash privacy level
- Function of separation between client and server, so the versions of the Windows Update Agent (WUA) can be delivered independently of WSUS so as not to apply them to all computers in the domain
- Centralized management of updates
WSUS requirements
To implement WSUS on Windows Server 2022, the following minimum requirements will be necessary:
- 1.4 GHz x64 processor, 2 GHz or higher recommended
- 100 Mbps or higher network adapter
- Extra 2 GB of RAM
- 10 GB available disk space, 40 GB recommended to accommodate downloaded updates
We see how to install this role in Windows Server 2022.
To stay up to date, remember to subscribe to our YouTube channel! SUBSCRIBE
Install WSUS on Windows Server 2022
Step 1
First, we validate the version of Windows Server with «winver»:
Step 2
We open the Server Manager and select «Add roles and features»:
Step 3
The following wizard will be displayed:
Step 4
Click Next and select «Role-based or feature-based installation»:
Step 5
In the next window we choose the server in which the role will be installed:
Step 6
Next, we locate the «Windows Server Update Services» box:
Step 7
We activate your box and the following will be displayed:
Step 8
We add the characteristics and we will see the selection of the river:
Step 9
Click Next and in the Features window we do not modify anything:
Step 10
In the next window we will see a summary of the WSUS role:
Step 11
In the next window we select the WSUS roles:
Step 12
These are:
- WID Connectivity: it is a service whose task is to install the WID database
- WID Services: its role is to manage all WSUS services
Step 13
Click Next and we will see this:
Step 14
We activate the «Store updates in the following location» box and enter the desired path where the downloads will be hosted, in this case we go to the Explorer and copy that path:
Step 15
We paste it in the respective field:
Step 16
We click on Next and we will see a summary about the roles of the IIS (Internet Information Services) web server:
Step 17
In the following window it is possible to select the desired role services:
Step 18
After this we will see a summary of the role to install in Windows Server 2022:
Step 19
Click Install to complete the installation:
Step 20
At the end we will see the following:
Step 21
We click on «» Start post-installation tasks «to complete the process:
Step 22
At the end of this we will see the following. We click Close to exit the wizard.
Step 23
Now we go to «Tools — Windows Server Update Services»:
Step 24
The following wizard will be displayed:
Step 25
Click Next and we can participate or not in the improvement program:
Step 26
In the next window we activate the box «Synchronize from Microsoft Update»:
Step 27
We click Next and now we define whether or not we will use a proxy server:
Step 28
Click Next
Step 29
Click on «Start Connection» to download Microsoft products:
Step 30
Upon completion of this download we will see the following:
Step 31
Click Next and select the languages available for updates:
Step 32
Then we choose which products will be available to receive updates through WSUS:
Step 33
In the next window we confirm the type of updates to download:
Step 34
There we activate the boxes as necessary and click Next to define the synchronization method to use:
Step 35
Click Next and we will see the following:
Step 36
Click Next to complete the process:
Step 37
Click «Finish» to finish the WSUS configuration on Windows Server 2022.
Step 38
We will be redirected to the WSUS console to see details of the available updates:
Step 39
In the WSUS console we click on the «Options» category:
Step 40
We double click on «Computers» and in the displayed window we activate the «Use group policy or computer registry settings» box. Click Apply and OK to apply the changes.
Step 41
We go to the «Teams» section, right click on the «All teams» line and select «Add group of teams»:
Step 42
We assign the name to the group:
Step 43
Click Add and we see the group created:
Step 44
Now we go to the Server Manager and select «Tools / Group Policy Management»:
Step 45
We right click on the Organizational Unit of the teams that will be linked to WSUS and select the option «Create a GPO in this domain and link it here»
Step 46
We assign the desired name and apply the changes:
Step 47
We right click on the created GPO and select the Edit option:
Step 48
In the open window we go to the path «Computer Configuration — Policies — Administrative Templates — Windows Components — Windows Update», first of all we select the policy «Configure Automatic Updates»:
Step 49
We edit the policy and activate the «Enabled» box, then select option 3 — «Automatically download and notify installation» in the Configure automatic update field. Apply the changes by clicking Apply and OK.
Step 50
Now we edit the policy «Specify the location of the Windows Update service on the intranet»
Step 51
We edit this policy, enable it and in the field «Establish the intranet update service to detect updates» and «Establish the intranet statistics server» we enter the syntax http: //Equipo.Dominio: 8530 . We apply the changes.
Step 52
Then we go to the policy «Enable client-side recipients»:
Step 53
We edit the policy and activate the «Enabled» box, in the «Target group name for this computer» field enter the name of the created group. We apply the changes.
Step 54
We go to the client computer of the domain, we access the command prompt as administrator and there we execute:
gpresult / r
Step 55
This takes care of updating the domain policies on the computer. Now we initialize Windows Update with the command:
Wuauclt.exe / reportnow / detectnow
Step 56
Finally we go back to Windows Server 2022, and in the WSUS console and in the policy we can see the computers where the configuration has been applied:
Step 57
Now we will go to «Updates / All updates», we right click on any update and choose «Approve»:
Step 58
Now we select the GPO created and choose «Approved for installation»:
Step 59
We will see the following:
Step 60
Click OK to install said update:
Thanks to WSUS we have the best alternative to manage everything related to updates in Windows Server 2022 and domain computers..
WSUS is one of the several roles available in Windows Server Edition. It allows system administrators to centrally manage updates, patches, and hotfixes, and deploy them efficiently to managed hosts. This role incorporates the IIS web server, which enables computers to receive update metadata and use it as a means of transmitting reports. In this overview, we will explore the installation process for this role.
Preparing
First, we will check that our system complies with minimum recommendations:
- Sufficient disk space for storing updates. Separate disk recommended
- Sufficient memory (minimum 8 GB recommended)
- Reliable internet connection
Installing
We start install by open «Server Manager» tool and then follow steps by screenshots:
Select the option «Role-based or feature-based installation» and then «Next». We indicate the server on which the WSUS role will be installed accordingly and then click «Next».
Select the «Windows Server Update Services» option in the list of roles. This will automatically install dependent and required components. Click «Add Features» and «Next».
On the «Select features» screen, select the «Windows Internal Database» option and click «Next». Then click «Next» again.
On the «Select role services» screen there should be «WID Connectivity» and «WSUS services» checkboxes. Click «Next».
In the «Content» window, specify the path to the update storage.
At the web server installation stage, leave the components for installing IIS, offered by the system by default, and click «Next».
Confirm the installation on the next screen by clicking «Install».
Choose components like on screen
Hit «Next»
After the installation is complete, select the «Launch Post-Installation tasks» option and close with the «Close» button.
On the «Join the Microsoft Update Improvement Program (optional)» screen, select the «I do not want to join the program at this time» option and click «Next».
Configuring
After completing role installation we need start WSUS Configuration.
Follow instructions like this screens:
This a basic steps for install. On the next steps choose required update languages, product types and update categories for usage case.
After completing the installation and configuration, it is need to basic setup.
Common tasks are:
- Initial Synchronization
- Automatic synchronization by schedule or manual
- Approving and Declining Updates
- Managing update groups of hosts
Conclusion
By following the outlined steps, you can successfully install and configure WSUS on Windows Server 2, enabling centralized management of Windows updates within your organization. With WSUS, you can ensure the security and stability of your systems by efficiently distributing updates and patches. Embrace the benefits of WSUS and simplify your Windows update management.
1101
CT Amsterdam
The Netherlands, Herikerbergweg 292
+31 20 262-58-98
700
300
ITGLOBAL.COM NL
1101
CT Amsterdam
The Netherlands, Herikerbergweg 292
+31 20 262-58-98
700
300
ITGLOBAL.COM NL
Today, I will be showing you howto install, configure, and deploy Windows Server Update Services (WSUS) on Windows Server 2022. I’ll also show you how to use the WSUS MMC interface, approve/manage updates, and more!
This video will demonstrate the process of the WSUS role installation, post-installation tasks, first-time WSUS configuration wizard, and the WSUS MMC.
Check it out and feel free to leave a comment! Scroll down below for more information and details on the guide.
Who’s this guide for
This guide is perfect for a seasoned IT professional or a beginner who is looking at getting experience with Windows Server 2022.
What’s included in the video
In this guide I will walk you through the following:
- Server Manager
- Windows Server Update Services Role Installation
- WSUS Considerations and Requirements
- WID (Windows Internal Database)
- SQL Express
- GPO Group Policy Objects
- WSUS Maintenance
- Upstream and Downstream WSUS Servers
- Bandwidth Optimization
- WSUS Usage and Platform
- WSUS Infrastructure Design
- WSUS Synchronization Schedule
- WSUS Language, Products, and Classifications selections
- WSUS MMC Overview
- “gpupdate /force” command usage
- WSUS Update Approval
- WSUS Reporting
Additional Information
Please see below (click to enlarge) for a WSUS GPO Configuration Example.
Please Note: This example contains configuration to automatically install updates. This example should only be used for workstations and not servers. Please use this example as a guide for your own study.
What’s required
To get started you’ll need:
- 1 x Server (Virtual Machine or Physical Server)
- Microsoft Windows Server 2022 Licensing
- A running Windows Server 2022 Instance (OSE)
- A network router and/or firewall
Hardware/Software used in this demonstration
- VMware vSphere
- HPE DL360p Gen8 Server
- Microsoft Windows Server 2022
- pfSense Firewall
Blog Posts mentioned in this video
- Enable Windows Update “Features on Demand” and “Turn Windows features on or off” in WSUS Environments
- WSUS IIS Memory Issue – Error: Connection Error