?
Solved

WSUS connectivity

Posted on 2013-01-31
4
Medium Priority
?
283 Views
Last Modified: 2016-02-20
I have a non domain window 2003 sp2, and there is a domain connected WSUS (2k3 as well). Is it possible to push updates to the non domain windows server ? if so how can I do this ?
0
Comment
Question by:shadow2007
4 Comments
 

Assisted Solution

by:chichaoff
chichaoff earned 664 total points
ID: 38840814
On you workgroup computers, run regedit to open registry editor, navigate to
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\windows\WindowsUpdate

You also need to create/configure the UseWUServer registry value in the subkey
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU with dword:0x1

in order to cause the WUAgent to read the other two values (WUServer and WUStatusServer). If UseWUServer is absent, or false, the WUAgent will continue to update from Automatic Update (if configured to update at all).

Configure WUServer and WUStatusserver as the URL of your WSUS server with the port number.

After configuring, run "wuauclt /detectnow" to force the communication.
Reply  Quote
0
 
LVL 4

Accepted Solution

by:
AnthonyHamon earned 668 total points
ID: 38840899
This is possible.  As your Windows Server 2003 machine is not on the domain, you need to configure AU using Local Group Policy, as follows:

Run gpedit.msc
Open the User Configuration branch of the tree
Right-click Administrative Templates and select Add/Remove Templates
Select wuau and click Add.  Click wuau.adm in the Policy Templates dialog box and click Open
To view all the AU configuration policy options in the Group Policy Object Editor, go to Computer Configuration -> Administrative Templates -> Windows Components -> Windows Update
Select 'Specify intranet Microsoft update service location' and specify the address of your WSUS server
Amend any of the other AU policy settings, as required
Restart your server
Run wuauclt /detectnow
Check the C:\Windows\WindowsUpdate.log file to ensure that the server was able to connect to your domain based WSUS server
0
 
LVL 12

Assisted Solution

by:Sandeep
Sandeep earned 668 total points
ID: 38840962
You have to set Local GPO for that machine.

You can access it through gpedit.msc as advised above.

Go to Computer Configuration->Administrative Templates->Windows Components->Windows Update

Over here you will find several values in which there are few important which requires to be set. There are others too but below are important, if Configure Automatic Updates is set to disabled, even after providing WSUS IP, server will not look to detect Windows Update.

Configure Automatic Updates - Enable this, and select default option 3 Auto Download and notify for install.
Specify intranet Microsoft update service location - Provide WSUS Server IP as http://ServerIP

Once this one is done, reboot your PC.
Run command wuauclt /detectnow - This will detect new patches from WSUS Server.
wuauclt /reportnow  - This will report the status to the WSUS Server about patches.

Hope this Helps.
0
 
LVL 58

Expert Comment

by:McKnife
ID: 38844773
...and if you don't want to reboot your server (which I can imagine), simply restart your update service to enable the new settings. wuauclt /detectnow alone will not do this, by the way.
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
Scripts are great for performing batch jobs against users, however sometimes the GUI is all you need.
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

609 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question