Integrating WSUS to Active Directory

Hello Experts,

I need some help integrating a WSUS server to an Active Directory organization.

The WSUS server needs to know the systems it needs to update.

How do I do that?
marceloNYCMiddle-Tier AdministratorAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Andy MIT Systems ManagerCommented:
You'd apply a group policy to the PC's so they communicate back to your WSUS server. They should then appear automatically and you can make amendments accordingly from there.

https://docs.microsoft.com/en-us/windows-server/administration/windows-server-update-services/deploy/4-configure-group-policy-settings-for-automatic-updates
0
marceloNYCMiddle-Tier AdministratorAuthor Commented:
OKay, I m going to try it now... I 'll update you soon
0
Cliff GaliherCommented:
Ultimately WSUS is still a back end for windows uodate. Which is inherently a "pull" uodate system. You can't force WSUS to "know" which systems it need to update. Even with ient-side targeting, it is up to the client to check in, and only then will WSUS be aware of the system and its status. And deleting a system from AD doesn't remove it from WSUS.

If you really need server-side tracking and reporting, you'll need an agent-based system with alerts about systems out of compliance. Microsoft's play in that space is SCCM. And there are other 3rd-party solutions. But WSUS won't get there alone.
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

marceloNYCMiddle-Tier AdministratorAuthor Commented:
I tried this not sure is working.

I do not see the computer that is added to the server.

https://www.itprotoday.com/windows-8/deploying-windows-server-update-services-domain-environment-and-using-group-policies
0
Cliff GaliherCommented:
As I said. WSUS is inherently a pull system. No computer will show up in WSUS until that client receives the group policy "and" windows update decides to check it. Which is is allowed to do at its leisure. It can take a day or two before you see systems appear with properly configured group policies. Improperly configured group policies can cause systems to never check in and therefore would never appear in WSUS.
0
David Johnson, CD, MVPOwnerCommented:
first use rsop or gpresult  and check that your group policy is applied
if yes applied.  from an elevated cmd prompt

wuauclt /resetauthorization /detectnow  
wuauclt /reportnow

Open in new window


you should now see that computer in the unassigned computers or all computers list in WSUS
0
Cliff GaliherCommented:
I recall that those commands no longer work as expected in Win10. But am not in a place to find their replacements at the moment.
0
David Johnson, CD, MVPOwnerCommented:
they still work on my Windows 10 Enterprise VM's
0
Cliff GaliherCommented:
The commands run without error.  But /detectnow, for certain, no longer *does* anything. Enterprise or otherwise.

https://blogs.technet.microsoft.com/yongrhee/2017/11/09/wuauclt-detectnow-in-windows-10-and-windows-server-2016/
0
David Johnson, CD, MVPOwnerCommented:
Thanks Cliff I didn't know it was replaced by
UsoClient.exe startscan

Open in new window

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
marceloNYCMiddle-Tier AdministratorAuthor Commented:
Thank you!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
WSUS

From novice to tech pro — start learning today.