Configuring Windows Server Update Services (WSUS) in Server 2022
Posted on 16th June 2023
Overview
Windows Server Update Services (WSUS) is a server role included in Windows Server that enables you to manage the distribution of updates and hotfixes released for Microsoft products to computers in a corporate environment. WSUS can be used to automatically download and install updates for Windows Server operating systems, as well as other Microsoft products like Microsoft Office and Exchange Server. WSUS can be installed on computers running any of the following Windows Server operating systems:
- Windows Server 2012
- Windows Server 2012 R2
- Windows Server 2016
- Windows Server 2019
In this article, we will show you how to configure WSUS in Windows Server 2022.
Installing WSUS
Before you can configure WSUS, you need to install the WSUS server role. To do this, follow these steps:
- Open the Server Manager console.
- In the Server Manager console, click on Manage and then select Add Roles and Features.
- On the Before you begin page, click Next.
- On the Installation Type page, select Role-based or feature-based installation and click Next.
- On the Server Selection page, select the server on which you want to install WSUS and click Next.
- On the Server Roles page, select Windows Server Update Services and click Next.
- On the Features page, click Next.
- On the Confirm installation selections page, click Install.
- On the Results page, click Close.
Configuring WSUS
Now that WSUS is installed, you need to configure it. To do this, follow these steps:
- Open the WSUS console.
- In the WSUS console, click on Options.
- In the Options pane, click on Update Source and Proxy Server.
- On the Update Source tab, select the Specify proxy server check box and enter the proxy server information.
- On the Proxy Settings tab, enter the proxy server information and click OK.
- In the WSUS console, click on Products and Classifications.
- In the Products pane, select the products that you want to download updates for and click OK.
- In the Classifications pane, select the classifications that you want to download updates for and click OK.
- In the WSUS console, click on Updates.
- In the Updates pane, click on All Updates.
- In the All Updates pane, select the updates that you want to download and click OK.
- In the WSUS console, click on Computers.
- In the Computers pane, select the Use Group Policy or registry settings on computers check box and click OK.
- In the WSUS console, click on Synchronization.
- In the Synchronization pane, click on Start.
Conclusion
In this article, we showed you how to configure WSUS in Windows Server 2022. WSUS is a useful tool that can help you manage the distribution of updates and hotfixes in a corporate environment. If you have any questions, feel free to post them in the comments section below.
Configuring Windows Server Update Services (WSUS) in Server 2022
In this article, we will continue our discussion on configuring WSUS in Server 2022. We will cover the following topics:
Configuring WSUS using the GUI
Configuring WSUS using PowerShell
Configuring WSUS using Group Policy Objects
Configuring WSUS using the GUI
The first method we will cover is using the WSUS Configuration Wizard. To launch the WSUS Configuration Wizard, go to Start > Administrative Tools > Windows Server Update Services. This will open the WSUS Administration Console.
In the WSUS Administration Console, click on the “Configure Server Settings” task in the left pane. This will launch the WSUS Configuration Wizard.
On the first page of the WSUS Configuration Wizard, you will need to choose whether to connect to Microsoft Update or a WSUS server. For this example, we will choose to connect to a WSUS server.
On the next page, you will need to choose whether to use an existing database or create a new one. For this example, we will choose to create a new database.
On the next page, you will need to specify the database settings. For this example, we will use the default settings.
On the next page, you will need to specify the web site settings. For this example, we will use the default settings.
On the next page, you will need to specify the proxy server settings. For this example, we will not use a proxy server.
On the next page, you will need to specify the update files and languages settings. For this example, we will choose to download update files for both x86 and x64 architectures and we will choose to download update files for all languages.
On the next page, you will need to specify the synchronization schedule. For this example, we will choose to synchronize manually.
On the next page, you will need to specify the account settings. For this example, we will use the default settings.
On the next page, you will need to specify the email notification settings. For this example, we will choose to not receive email notifications.
On the next page, you will need to review the settings. Once you are satisfied with the settings, click the “Finish” button to complete the WSUS Configuration Wizard.
Configuring WSUS using PowerShell
The next method we will cover is using PowerShell. To use PowerShell to configure WSUS, you will first need to launch the PowerShell console as an administrator.
Once the PowerShell console has been launched, you will need to import the WSUS module. To do this, type the following command and press Enter:
Import-Module -Name UpdateServices
Next, you will need to specify the WSUS server settings. To do this, type the following command and press Enter:
Set-WsusServer -Name “server1” -Port 8530 -UseSSL $true
In the command above, you will need to replace “server1” with the name of your WSUS server.
Next, you will need to specify the WSUS database settings. To do this, type the following command and press Enter:
Set-WsusDatabase -Name “server1” -SQLInstance “server1SQLEXPRESS”
In the command above, you will need to replace “server1” with the name of your WSUS server and “SQLEXPRESS” with the name of your SQL instance.
Next, you will need to specify the WSUS content directory settings. To do this, type the following command and press Enter:
Set-WsusContentDirectory -Path “D:WSUSContent”
In the command above, you will need to replace “D:WSUSContent” with the path to your WSUS content directory.
Next, you will need to specify the WSUS update files and languages settings. To do this, type the following command and press Enter:
Set-WsusUpdateFile -DownloadUpdateFiles $true – Languages “en,de,es,fr,it,ja,ko,zh-CN,zh-TW”
In the command above, you will need to replace “en,de,es,fr,it,ja,ko,zh-CN,zh-TW” with the languages you want to download update files for.
Next, you will need to specify the WSUS synchronization schedule. To do this, type the following command and press Enter:
Set-WsusSynchronizationSchedule -SyncNow $true – ScheduleType “Weekly” – StartDay “Sunday” – StartTime “03:00:00”
In the command above, you will need to replace “03:00:00” with the time you want the synchronization to start.
Next, you will need to configure the WSUS email notification settings. To do this, type the following command and press Enter:
Set-WsusNotificationServer -SendNotification $true -SmtpServer “smtp.contoso.com” – FromAddress “wsus@contoso.com”
In the command above, you will need to replace “smtp.contoso.com” with the name of your SMTP server and “wsus@contoso.com” with the email address you want to send email notifications from.
Lastly, you will need to start the WSUS service. To do this, type the following command and press Enter:
Start-WsusService
Configuring WSUS using Group Policy Objects
The final method we will cover is using Group Policy Objects (GPOs). To use GPOs to configure WSUS, you will first need to launch the Group Policy Management Console.
In the Group Policy Management Console, you will need to create a new GPO. To do this, right-click on the “Group Policy Objects” node in the left pane and choose “New”.
In the “New Group Policy Object” dialog, type a name for the GPO and click the “OK” button.
In the Group Policy Management Editor, go to Computer Configuration > Policies > Administrative Templates > Windows Components > Windows Update.
In the right pane, double-click on the “Specify intranet Microsoft update service location” policy.
In the “Specify intranet Microsoft update service location” dialog, choose the “Enabled” option and type the following in the “Set the intranet update service for detecting updates” field:
http://server1:8530
In the command above, you will need to replace “server1” with the name of your WSUS server.
Click the “OK” button to close the dialog.
Next, double-click on the “Specify intranet Microsoft update service for detecting updates” policy.
In the “Specify intranet Microsoft update service for detecting updates” dialog, choose the “Enabled” option and type the following in the “Set the intranet statistics server” field:
http://server1:8530
In the command above, you will need to replace “server1” with the name of your WSUS server.
Click the “OK” button to close the dialog.
Lastly, double-click on the “Turn on Access-Control-Expose-Headers” policy.
In the “Turn on Access-Control-Expose-Headers” dialog, choose the “Enabled” option.
Click the “OK” button to close the dialog.
Once you have configured all the policies, you will need to link the GPO to the appropriate OU. To do this, right-click on the GPO and choose “Link an Existing GPO”.
In the “Link Group Policy Object” dialog, choose the OU you want to link the GPO to and click the “OK” button.
You have now successfully configured WSUS using GPOs.