This document provides step-by-step instructions for installing and configuring Windows Server Update Services (WSUS) 3.0 SP2. It outlines 7 steps: 1) confirming system requirements, 2) installing the WSUS server or administration console, 3) configuring network connections, 4) configuring updates and synchronization, 5) configuring client updates, 6) configuring computer groups, and 7) approving and deploying updates. The document contains detailed procedures for completing each step using either the Windows Server Manager or WSUSSetup.exe file.
The document provides an overview of Windows Server Update Services (WSUS) 3.0, which allows administrators to deploy and manage Microsoft product updates. Key features include improved ease of use through a new administration console, enhanced deployment options such as more flexible update approvals and server hierarchies, and improved performance. The document discusses WSUS server and client requirements, server-side features like update targeting and notifications, and deployment scenarios for single or multiple WSUS servers.
This document provides instructions for installing Windows SharePoint Services 3.0 (WSS 3.0) on Windows Server 2003. It describes the prerequisites, different installation types (basic, advanced, stand-alone), and steps for an advanced installation. An advanced installation allows customizing options like the data storage location and enabling the creation of a SharePoint farm with multiple servers. The document explains considerations for each installation type and guides the user through completing the configuration wizard after installation.
Windows SharePoint Services 3.0 can be installed on Small Business Server 2003 through an advanced installation that allows for a side-by-side installation with the existing SharePoint v2 installation. This involves running the SharePoint setup, selecting the "Web Front End" option, and configuring the database and authentication settings. After installation, a web application and top-level site collection must be created through the SharePoint Central Administration site before the new SharePoint site will be accessible.
This document provides an overview of the key functions and configuration options available in the SharePoint Central Administration site, which allows centralized administration and management of a SharePoint farm. It describes how to access and configure security, operations like services and timer jobs, application management settings, and backup/restore functions. The Central Administration site is the central location for most administration and configuration of the SharePoint environment.
March is synonymous with luck, and this March Patch Tuesday luck is on your side. There are some Critical updates. And Microsoft resolved two publicly disclosed vulnerabilities, so you'll want to patch those holes before someone turns your luck from good to bad. And of course - because they're far from as rare as a four-leaf clover - the Meltdown and Spectre updates continue to roll out. But all in all, it looks like you'll get your pot of gold this month in the form of time back to focus on core business goals.
The document provides instructions on configuring security settings in Windows SharePoint Services version 3 (WSS v3). It discusses default user groups and permissions in WSS v3, how to add users and assign them permissions, and how to configure anonymous access. The document contains step-by-step guides to tasks like creating new permission levels and user groups, and managing permissions for individual lists and libraries.
Windows XP Service Pack 3 (SP3) combines all previously released updates for Windows XP, including security updates and hotfixes. It provides a small number of new features like Network Access Protection to help Windows XP users take advantage of capabilities in Windows Server 2008. SP3 aims to provide a new baseline for Windows XP deployments and ensure all Windows XP systems have the latest updates, without significantly changing the Windows XP experience.
This document provides instructions for installing Metus Library v3.5 software. It describes installing the operating system, license manager, Microsoft SQL Server, Metus Archive Server, Metus Process Server, Metus Image Matching Server, Metus Image Matcher, Metus Service Starter, Metus Library client, and Metus Online Web Server. The instructions include setting permissions, services, and sharing a project in Metus Online.
The document provides an overview of Windows Server Update Services (WSUS) 3.0, which allows administrators to deploy and manage Microsoft product updates. Key features include improved ease of use through a new administration console, enhanced deployment options such as more flexible update approvals and server hierarchies, and improved performance. The document discusses WSUS server and client requirements, server-side features like update targeting and notifications, and deployment scenarios for single or multiple WSUS servers.
This document provides instructions for installing Windows SharePoint Services 3.0 (WSS 3.0) on Windows Server 2003. It describes the prerequisites, different installation types (basic, advanced, stand-alone), and steps for an advanced installation. An advanced installation allows customizing options like the data storage location and enabling the creation of a SharePoint farm with multiple servers. The document explains considerations for each installation type and guides the user through completing the configuration wizard after installation.
Windows SharePoint Services 3.0 can be installed on Small Business Server 2003 through an advanced installation that allows for a side-by-side installation with the existing SharePoint v2 installation. This involves running the SharePoint setup, selecting the "Web Front End" option, and configuring the database and authentication settings. After installation, a web application and top-level site collection must be created through the SharePoint Central Administration site before the new SharePoint site will be accessible.
This document provides an overview of the key functions and configuration options available in the SharePoint Central Administration site, which allows centralized administration and management of a SharePoint farm. It describes how to access and configure security, operations like services and timer jobs, application management settings, and backup/restore functions. The Central Administration site is the central location for most administration and configuration of the SharePoint environment.
March is synonymous with luck, and this March Patch Tuesday luck is on your side. There are some Critical updates. And Microsoft resolved two publicly disclosed vulnerabilities, so you'll want to patch those holes before someone turns your luck from good to bad. And of course - because they're far from as rare as a four-leaf clover - the Meltdown and Spectre updates continue to roll out. But all in all, it looks like you'll get your pot of gold this month in the form of time back to focus on core business goals.
The document provides instructions on configuring security settings in Windows SharePoint Services version 3 (WSS v3). It discusses default user groups and permissions in WSS v3, how to add users and assign them permissions, and how to configure anonymous access. The document contains step-by-step guides to tasks like creating new permission levels and user groups, and managing permissions for individual lists and libraries.
Windows XP Service Pack 3 (SP3) combines all previously released updates for Windows XP, including security updates and hotfixes. It provides a small number of new features like Network Access Protection to help Windows XP users take advantage of capabilities in Windows Server 2008. SP3 aims to provide a new baseline for Windows XP deployments and ensure all Windows XP systems have the latest updates, without significantly changing the Windows XP experience.
This document provides instructions for installing Metus Library v3.5 software. It describes installing the operating system, license manager, Microsoft SQL Server, Metus Archive Server, Metus Process Server, Metus Image Matching Server, Metus Image Matcher, Metus Service Starter, Metus Library client, and Metus Online Web Server. The instructions include setting permissions, services, and sharing a project in Metus Online.
Nothing like starting off the new decade with rumors your computer cryptography has a vulnerability which can result in a lack of trust for almost everything you do! The reality is that this vulnerability has not been publicly disclosed nor exploited and our friends at Microsoft have a solution. Besides the Crypto vulnerability, the most notable news is still the final public patch release for Windows 7, Server 2008, and Server 2008 R2. Apply the updates soon; major security vulnerabilities are exploited quickly!
overview / popularization about Exchange Server.
This document is a short understanding regarding mail réputation, Exchange setup and my main useful powershell Script.
How to enable admin account w10 pureinfotechDarnette A
The document describes three methods to enable the built-in Administrator account on Windows 10: using Command Prompt, PowerShell, or Computer Management. Each method involves running an application with elevated privileges and using a command or checking/unchecking options to activate the Administrator account. Once enabled, the Administrator account will be available for sign-in.
The document provides guidance on using limited remote access from non-EPA issued computers to access EPA network resources. It describes two methods - the preferred Limited Access VPN connection and the alternate Limited Access Proxy. It provides system requirements and step-by-step instructions for setting up and using each connection method to access the My Workplace portal and Outlook Web Access. Troubleshooting tips are also included.
This document provides an agenda and overview for a July 15, 2020 webinar on the Patch Tuesday updates. The webinar will include an overview of the July 2020 Patch Tuesday updates, discussion of vulnerabilities in the news, such as a wormable DNS server vulnerability and publicly disclosed Windows vulnerability, and Q&A. The webinar is hosted by Chris Goettl and Todd Schell and participants can dial in or join online.
This document provides an agenda and overview for a webinar on the April 2018 Patch Tuesday updates. The webinar will cover an overview of the April 2018 patches, notable security issues in the news, known issues with the updates, and questions and answers. Bulletins to be discussed include updates for Windows 10, Internet Explorer, Adobe Flash Player, Windows Server 2008, Windows 7, Windows Server 2012, Windows 8.1, and more. A number of vulnerabilities will be patched, including remote code execution flaws.
The holidays are just around the corner. How, you wonder, are we going to tie those into November Patch Tuesday? Through tradition, of course! Because what are the holidays without that treasured recipe you replicate line by line each year? And what is security without steadfast adherence to the list of controls you've put in place? The KRACK vulnerability is another in this year's endless litany of reminders that keeping up with software updates is critical. Be sure you've pushed out the October OS updates - and don't let the tradition slip this month either, as there are quite a few Critical security vulnerabilities to patch.
Join us this month as we recap the Microsoft and 3rd Party security patches released on Patch Tuesday. We will discuss things to watch out for, products to be sure to test adequately, and which patches should be highest priority to roll out
Outlook configuration in Microsoft OfficeFreeKaaMaal
This document provides instructions for configuring Outlook to send and receive internet email. The steps include adding a new email account profile, selecting POP3 as the server type, entering email address, username, and server information, ensuring outgoing server authentication is enabled, and finishing the setup. Once complete, internet email can be sent and received using Outlook.
The document summarizes an upcoming webinar on the August 2018 Patch Tuesday updates. The webinar will include an overview of the August patches, discussion of notable security news items, and a review of Microsoft and third-party bulletins. It will also cover Windows lifecycle awareness, new patch notification systems, and known issues for some of the August updates. Attendees can ask questions during the live Q&A portion.
This document summarizes a webinar about the January 2016 Patch Tuesday updates. It includes:
- An agenda for the webinar covering the January Patch Tuesday overview, known issues, bulletins, and Q&A.
- Summaries of several Microsoft security bulletins addressing vulnerabilities in Windows 10, Edge, Internet Explorer, Office, and other Microsoft products. It also summarizes updates from Adobe for Flash Player, Acrobat, and Reader.
- Information about other industry news items like the end of support for some Windows versions and changes to Flash redistribution requirements.
This document provides installation instructions for QNXT software. It lists the basic system requirements and establishes an order of installation for various components. Key steps include installing Microsoft SQL Server 2000 with a specific collation setting, installing Microsoft Excel, the Micro-Dyn SQL database and components, McKesson ClaimCheck software, and finally the QNXT application itself. The document also provides notices about important considerations like server naming conventions and Microsoft hotfixes.
This document provides a summary of the March 2016 Patch Tuesday webinar. It includes the agenda, known issues with some of the bulletins, and summaries of the various security bulletins released. The bulletins addressed vulnerabilities in Windows, Internet Explorer, Edge, Windows Media, Windows PDF Library, graphics fonts, and third party software like Firefox and Chrome. They fixed issues like remote code execution, elevation of privilege, and security feature bypass.
This document provides instructions on installing and launching MySQL Workbench on Windows, Linux, and Mac OS X. It discusses the software's hardware and software requirements, installation procedures for each operating system, and an overview of the main features and interface of MySQL Workbench.
This document summarizes a webinar about the February 2016 Patch Tuesday updates. The webinar agenda includes an overview of the February 2016 Patch Tuesday, known issues, security bulletins, and a question and answer session. The document also lists several security updates from Microsoft, Adobe, Google, and Oracle that address vulnerabilities in Windows, Edge, Internet Explorer, Flash Player, Java, and other software. Many of the updates resolve remote code execution vulnerabilities and are marked as critically or highly severe.
This document provides information about a capstone networking project, including hardware, software, network configuration, installing Windows Server 2012, installing a VPN and firewall, network protocols, IP addressing, and hardware and software security and backup. The hardware includes domain controllers, client computers, routers, switches, and servers. The software includes programs like Microsoft Office, Exchange, PowerShell, and operating systems like Windows and Windows Server. Details are provided about setting up a domain network and workgroup network, and configuring DNS, DHCP, and active directory on the Windows Server 2012 domain controller. Steps for installing a VPN and configuring a firewall are also outlined. Networking protocols, IP addressing schemes, and concepts of public vs private IP classes and subnet
This document provides a step-by-step guide for using File Server Resource Manager (FSRM) in Windows Server 2008 R2 to manage storage resources. It covers how to create quotas, file screens, and file classification properties to understand and control storage usage. It also discusses generating storage reports and backing up FSRM configurations. The guide offers procedures for tasks like quota creation, file screening, file expiration, and classification rule setup.
Distribution File System DFS TechnologiesRaphael Ejike
Distribution File System (DFS) technologies allow administrators to group shared folders located on different servers into logically structured namespaces that appear to users as single shared folders. DFS Namespaces provide this functionality. DFS Replication is used to synchronize files between servers over local and wide area networks, while minimizing bandwidth usage. Domain-based and stand-alone DFS differ in their path structure, location, availability, server type, and whether a domain controller is required.
Server High Availability Failover ClustersRaphael Ejike
Failover clusters provide high availability of server roles and applications by transferring resources from a failed node to another node. The cluster service moves resources offline in a defined order on the failed node and brings them online on the new node. Quorum determines whether the cluster has enough active nodes and witnesses, like disks or file shares, for the cluster to continue running to prevent split-brain scenarios where multiple parts of the cluster think they are active. There are different quorum modes depending on whether votes come from just nodes, nodes and disks, or nodes and a file share.
Financial Services Risk Management (FSRM) provides leading risk management advisory services and is known for unparalleled quality. It assists major financial and industrial clients with quantitative advisory services including valuation, pricing, hedging, and risk modeling. FSRM also offers potential new services in 2015 such as energy/commodity risk advisory, asset liability management, and risk capital modeling.
Nothing like starting off the new decade with rumors your computer cryptography has a vulnerability which can result in a lack of trust for almost everything you do! The reality is that this vulnerability has not been publicly disclosed nor exploited and our friends at Microsoft have a solution. Besides the Crypto vulnerability, the most notable news is still the final public patch release for Windows 7, Server 2008, and Server 2008 R2. Apply the updates soon; major security vulnerabilities are exploited quickly!
overview / popularization about Exchange Server.
This document is a short understanding regarding mail réputation, Exchange setup and my main useful powershell Script.
How to enable admin account w10 pureinfotechDarnette A
The document describes three methods to enable the built-in Administrator account on Windows 10: using Command Prompt, PowerShell, or Computer Management. Each method involves running an application with elevated privileges and using a command or checking/unchecking options to activate the Administrator account. Once enabled, the Administrator account will be available for sign-in.
The document provides guidance on using limited remote access from non-EPA issued computers to access EPA network resources. It describes two methods - the preferred Limited Access VPN connection and the alternate Limited Access Proxy. It provides system requirements and step-by-step instructions for setting up and using each connection method to access the My Workplace portal and Outlook Web Access. Troubleshooting tips are also included.
This document provides an agenda and overview for a July 15, 2020 webinar on the Patch Tuesday updates. The webinar will include an overview of the July 2020 Patch Tuesday updates, discussion of vulnerabilities in the news, such as a wormable DNS server vulnerability and publicly disclosed Windows vulnerability, and Q&A. The webinar is hosted by Chris Goettl and Todd Schell and participants can dial in or join online.
This document provides an agenda and overview for a webinar on the April 2018 Patch Tuesday updates. The webinar will cover an overview of the April 2018 patches, notable security issues in the news, known issues with the updates, and questions and answers. Bulletins to be discussed include updates for Windows 10, Internet Explorer, Adobe Flash Player, Windows Server 2008, Windows 7, Windows Server 2012, Windows 8.1, and more. A number of vulnerabilities will be patched, including remote code execution flaws.
The holidays are just around the corner. How, you wonder, are we going to tie those into November Patch Tuesday? Through tradition, of course! Because what are the holidays without that treasured recipe you replicate line by line each year? And what is security without steadfast adherence to the list of controls you've put in place? The KRACK vulnerability is another in this year's endless litany of reminders that keeping up with software updates is critical. Be sure you've pushed out the October OS updates - and don't let the tradition slip this month either, as there are quite a few Critical security vulnerabilities to patch.
Join us this month as we recap the Microsoft and 3rd Party security patches released on Patch Tuesday. We will discuss things to watch out for, products to be sure to test adequately, and which patches should be highest priority to roll out
Outlook configuration in Microsoft OfficeFreeKaaMaal
This document provides instructions for configuring Outlook to send and receive internet email. The steps include adding a new email account profile, selecting POP3 as the server type, entering email address, username, and server information, ensuring outgoing server authentication is enabled, and finishing the setup. Once complete, internet email can be sent and received using Outlook.
The document summarizes an upcoming webinar on the August 2018 Patch Tuesday updates. The webinar will include an overview of the August patches, discussion of notable security news items, and a review of Microsoft and third-party bulletins. It will also cover Windows lifecycle awareness, new patch notification systems, and known issues for some of the August updates. Attendees can ask questions during the live Q&A portion.
This document summarizes a webinar about the January 2016 Patch Tuesday updates. It includes:
- An agenda for the webinar covering the January Patch Tuesday overview, known issues, bulletins, and Q&A.
- Summaries of several Microsoft security bulletins addressing vulnerabilities in Windows 10, Edge, Internet Explorer, Office, and other Microsoft products. It also summarizes updates from Adobe for Flash Player, Acrobat, and Reader.
- Information about other industry news items like the end of support for some Windows versions and changes to Flash redistribution requirements.
This document provides installation instructions for QNXT software. It lists the basic system requirements and establishes an order of installation for various components. Key steps include installing Microsoft SQL Server 2000 with a specific collation setting, installing Microsoft Excel, the Micro-Dyn SQL database and components, McKesson ClaimCheck software, and finally the QNXT application itself. The document also provides notices about important considerations like server naming conventions and Microsoft hotfixes.
This document provides a summary of the March 2016 Patch Tuesday webinar. It includes the agenda, known issues with some of the bulletins, and summaries of the various security bulletins released. The bulletins addressed vulnerabilities in Windows, Internet Explorer, Edge, Windows Media, Windows PDF Library, graphics fonts, and third party software like Firefox and Chrome. They fixed issues like remote code execution, elevation of privilege, and security feature bypass.
This document provides instructions on installing and launching MySQL Workbench on Windows, Linux, and Mac OS X. It discusses the software's hardware and software requirements, installation procedures for each operating system, and an overview of the main features and interface of MySQL Workbench.
This document summarizes a webinar about the February 2016 Patch Tuesday updates. The webinar agenda includes an overview of the February 2016 Patch Tuesday, known issues, security bulletins, and a question and answer session. The document also lists several security updates from Microsoft, Adobe, Google, and Oracle that address vulnerabilities in Windows, Edge, Internet Explorer, Flash Player, Java, and other software. Many of the updates resolve remote code execution vulnerabilities and are marked as critically or highly severe.
This document provides information about a capstone networking project, including hardware, software, network configuration, installing Windows Server 2012, installing a VPN and firewall, network protocols, IP addressing, and hardware and software security and backup. The hardware includes domain controllers, client computers, routers, switches, and servers. The software includes programs like Microsoft Office, Exchange, PowerShell, and operating systems like Windows and Windows Server. Details are provided about setting up a domain network and workgroup network, and configuring DNS, DHCP, and active directory on the Windows Server 2012 domain controller. Steps for installing a VPN and configuring a firewall are also outlined. Networking protocols, IP addressing schemes, and concepts of public vs private IP classes and subnet
This document provides a step-by-step guide for using File Server Resource Manager (FSRM) in Windows Server 2008 R2 to manage storage resources. It covers how to create quotas, file screens, and file classification properties to understand and control storage usage. It also discusses generating storage reports and backing up FSRM configurations. The guide offers procedures for tasks like quota creation, file screening, file expiration, and classification rule setup.
Distribution File System DFS TechnologiesRaphael Ejike
Distribution File System (DFS) technologies allow administrators to group shared folders located on different servers into logically structured namespaces that appear to users as single shared folders. DFS Namespaces provide this functionality. DFS Replication is used to synchronize files between servers over local and wide area networks, while minimizing bandwidth usage. Domain-based and stand-alone DFS differ in their path structure, location, availability, server type, and whether a domain controller is required.
Server High Availability Failover ClustersRaphael Ejike
Failover clusters provide high availability of server roles and applications by transferring resources from a failed node to another node. The cluster service moves resources offline in a defined order on the failed node and brings them online on the new node. Quorum determines whether the cluster has enough active nodes and witnesses, like disks or file shares, for the cluster to continue running to prevent split-brain scenarios where multiple parts of the cluster think they are active. There are different quorum modes depending on whether votes come from just nodes, nodes and disks, or nodes and a file share.
Financial Services Risk Management (FSRM) provides leading risk management advisory services and is known for unparalleled quality. It assists major financial and industrial clients with quantitative advisory services including valuation, pricing, hedging, and risk modeling. FSRM also offers potential new services in 2015 such as energy/commodity risk advisory, asset liability management, and risk capital modeling.
The document provides an overview of the new features in Microsoft Windows Server Update Services (WSUS) 3.0, which allows administrators to more easily manage and deploy updates from Microsoft to computers in their network. Key improvements in WSUS 3.0 include enhanced ease of use through a new administration console, improved deployment options such as more flexible update approvals and support for server hierarchies, and better performance through features like faster synchronization intervals and bandwidth optimization. The document also outlines the server and client requirements for WSUS as well as its various features on both the server and client sides.
This document provides step-by-step instructions for setting up basic and advanced Active Directory Certificate Services (AD CS) lab environments. The basic lab uses two servers - one as the domain controller and one to host an enterprise root CA. The root CA issues certificates to the Online Responder service and a client computer. The advanced lab adds a subordinate CA, network device enrollment, and additional configuration steps. Both labs configure certificate templates, the Online Responder, and revocation checking to test AD CS functionality.
This slide deck presentation on best practices for architecting and implementing Windows Server Update Services (WSUS) was used at a technology conference. The document provides an overview and outline of the presentation topics, which include WSUS architecture designs, implementation, troubleshooting tips, and a demonstration. Contact information is provided for the presenting company for additional information.
This document provides instructions for creating a two-node server cluster using Windows Server 2003. Key steps include installing Windows Server 2003 on each node, setting up two network adapters per node on separate subnets for public and private communication, configuring shared storage accessible by both nodes, and installing the Cluster Service software while ensuring only one node has access to shared storage at a time. The document outlines hardware and software requirements and provides a checklist to prepare for cluster installation and configuration.
Active directory rights_management_services_luna_sa_revfBilguun Ganbat
The document provides steps to integrate Microsoft Active Directory Rights Management Services (AD RMS) with Luna SA on Windows Server 2008 R2. Key steps include:
1. Configuring user accounts and groups in Active Directory.
2. Installing the Luna Cryptographic Service Provider (CSP) on the Windows Server 2008 R2 system to register the Luna SA partition.
3. Installing AD RMS and selecting the Luna CSP during setup to store the AD RMS cluster key on the Luna SA.
Active directory rights_management_services_luna_sa_revfsandeep updahayay
This document provides instructions for integrating Microsoft Active Directory Rights Management Services (AD RMS) with Luna SA hardware security modules. The steps outlined include configuring user accounts and groups, installing the Luna Cryptographic Service Provider on Windows Server 2008 R2 and 2012, and installing AD RMS using the Luna CSP to store encryption keys on the Luna SA HSM for security and FIPS 140-2 compliance. Verification steps are also provided to test the functionality of the integrated solution.
This document provides guidelines for securing host-based systems. It recommends installing and configuring a host-based firewall, keeping the operating system and applications patched, backing up the system regularly, monitoring logs, disabling unused services, using strong passwords, replacing insecure services with secure alternatives like SSH, and restricting access to services where possible. It then provides more detailed recommendations for securing Windows, UNIX, Linux, and RedHat Linux systems during installation and configuration.
Sharepoint 2007 Install Best Practice Phase 1LiquidHub
This document provides instructions for installing Microsoft Office SharePoint Server 2007 in a server farm. It outlines hardware and software requirements and describes installing SharePoint on front-end, application, and database servers. The two-phase process involves installing SharePoint using a domain administrator account, then running the configuration wizard to configure authentication, databases, and other settings. Additional post-installation steps include configuring Internet Explorer security settings and designating SharePoint administrators.
This document provides guidance on planning security for sites and content in Microsoft Windows SharePoint Services 3.0. It discusses the available default permission levels and security groups, and helps determine if any custom groups or permission levels need to be created. Worksheets are also included to aid in deciding which security groups and administrators to use for various permission levels and administration roles.
Microsoft OCSP LUNA SA PCI Integration GuideChris x-MS
This document provides guidance on integrating Microsoft Online Certificate Status Protocol (OCSP) with SafeNet Luna Hardware Security Modules (HSMs). It describes the OCSP client and server components, how Luna HSMs can be used to securely and quickly sign OCSP responses, and the steps to configure a CA to support OCSP and issue signing certificates stored on Luna HSMs. The document also outlines testing the integration by generating and checking the status of certificates.
Windows Server 2008 includes several new security features to protect the operating system and applications. These include code integrity validation to prevent unauthorized code from loading, user access control to limit applications to standard user privileges, and network access protection to control network access based on the health status of client machines. The document also discusses improvements to application hardening, encryption technologies like BitLocker, and additional auditing capabilities in Windows Server 2008.
Common WSUS Issues in Deployment Operations and DiagnosticsSolarWinds
For more information on Patch Manager, visit: http://www.solarwinds.com/patch-manager.aspx
Tips & Solutions for Common WSUS Issues
Deployment
• Documentation
• Database Engine
• Target Group Management
Operations
• Superseded updates
• Server Cleanup Wizard
Diagnostics
• Content Downloading
• Duplicate SusClientID
• High CPU Utilization
• Client Diagnostics Tool
• WindowsUpdate.log
The document provides instructions for configuring the Windows Server 2012 R2 Base Configuration test lab. It describes installing Windows Server 2012 R2 on DC1 and configuring it as an Active Directory domain controller, DNS server, and DHCP server for the Corpnet subnet. It also describes installing Windows Server 2012 R2 on additional computers APP1 and CLIENT1, configuring their TCP/IP settings, and joining them to the Corp domain. This establishes the basic Corpnet infrastructure to build out additional test labs.
This document provides an overview of the software update architecture from the server side in System Center Configuration Manager. It discusses the key components like software update points, configuration items, and the synchronization process. It also covers concepts like multiple software update points, software update point failover, and the deployment of software update policies.
This document provides best practices for installing Sophos Endpoint Security and Control on-premise. It discusses what software is included, features that require planning like installation locations, update management, and role-based administration. It then describes the installation process and considerations for a single-site network, including deploying management and client software, setting up roles, and designing an update structure tailored to the network size and types of computers.
This document provides a summary of the privacy policies for certain Windows 7 and Windows Server 2008 R2 installation features: Dynamic Update, Installation Improvement Program, and Remote Access Connections. These features may send information to and from the Internet during installation to update drivers, improve the installation process, or enable internet connections. The document outlines what information is collected by each feature and how Microsoft uses and protects this information. Users have options to control participation in some of these features.
Rejoignez-nous ce mois-ci pour un récapitulatif des correctifs de sécurité Microsoft et d’applications tierces publiés à l’occasion du Patch Tuesday. Nous discuterons notamment des vulnérabilités à surveiller, des produits à tester et des correctifs à déployer en priorité.
The document provides guidance for upgrading Active Directory domains to Windows Server 2008 or Windows Server 2008 R2. It outlines key planning tasks such as assigning credentials, introducing a test server, determining supported upgrades, assessing hardware requirements, and developing a test plan. Detailed instructions are given for performing tasks like installing AD DS on a test server, upgrading domain controllers, and completing post-upgrade configuration. Background information and references are also included to aid in the planning and execution of the domain upgrade process.
This document provides step-by-step instructions for setting up a test lab to demonstrate Network Access Protection (NAP) enforcement using virtual private network (VPN) connections. The test lab uses four computers - one domain controller, one VPN server, one NAP policy server, and one client computer. The instructions cover installing and configuring each system to validate client health policies, enforce network access based on compliance, and automatically remediate noncompliant clients.
Microsoft Windows Intune getting started guide dec 2012 releaseDavid J Rosenthal
Get the most out of Windows Intune.
This document is designed to help you evaluate the main features of Windows Intune and set up your new Windows Intune environment. To facilitate this process, this document uses an example configuration for a business called Adatum. Throughout this paper, you will see screenshots taken from this environment that illustrate how you can similarly configure your Windows Intune environment. Subsequently, you can implement the documented steps to create and customize your environment to meet your own business needs.
Microsoft Windows Intune getting started guide dec 2012 release
WSUS30SP2StepbyStep
1. Windows Server Update Services 3.0 SP2
Step By Step Guide
Microsoft Corporation
Author: Anita Taylor
Editor: Theresa Haynie
Abstract
This guide provides detailed instructions for installing Windows Server Update Services 3.0 SP2
(WSUS 3.0 SP2) using either Windows Server Manager or the WSUSSetup.exe file. This guide
also contains basic setup instructions for WSUS 3.0 SP2 using either Windows Server Manager
or the WSUS Server Configuration Wizard.
3. Contents
Windows Server Update Services 3.0 SP2 Step By Step Guide...................................................5
Additional References ..............................................................................................................5
Step 1: Confirm WSUS 3.0 SP2 Installation Requirements ..........................................................5
Server Hardware and Software Requirements for Installing WSUS 3.0 SP2 .............................6
Client Software Requirements..................................................................................................6
Permissions .............................................................................................................................6
Preparing to Install WSUS 3.0 SP2 ..........................................................................................6
Next Step.................................................................................................................................7
Additional Resources ...............................................................................................................7
Step 2: Install WSUS Server or Administration Console ...............................................................7
If You Are Using Server Manager .............................................................................................8
If You Are Using the WSUSSetup.exe File ...............................................................................8
Using the WSUS 3.0 SP2 Setup Wizard...................................................................................8
Next Step...............................................................................................................................11
Additional Resources .............................................................................................................11
Step 3: Configure the Network Connections...............................................................................11
Next Step...............................................................................................................................14
Additional Resources .............................................................................................................15
Step 4: Configure Updates and Synchronization ........................................................................15
Step 4 Procedures .................................................................................................................15
If You Are Using the Windows Server Update Services Configuration Wizard.........................15
If You Are Using the WSUS Administration Console...............................................................17
Next Step...............................................................................................................................18
Additional Resources .............................................................................................................18
Step 5: Configure Client Updates...............................................................................................18
Step 5 Procedures .................................................................................................................19
Next Step...............................................................................................................................20
Additional Resources .............................................................................................................20
Step 6: Configure Computer Groups..........................................................................................20
Step 6 Procedures .................................................................................................................21
Next Step...............................................................................................................................21
Additional Resources .............................................................................................................21
Step 7: Approve and Deploy WSUS Updates.............................................................................22
Step 7 Procedures .................................................................................................................22
5. 5
Windows Server Update Services 3.0 SP2
Step By Step Guide
Windows Server Update Services 3.0 Service Pack 2 (WSUS 3.0 SP2) provides a
comprehensive solution for managing updates to your network. This guide provides instructions
for the basic installation and deployment tasks by using WSUS 3.0 SP2 on your network. This
guide contains the following sections:
Step 1: Confirm WSUS 3.0 SP2 Installation Requirements
Step 2: Install WSUS Server or Administration Console
Step 3: Configure the Network Connections
Step 4: Configure Updates and Synchronization
Step 5: Configure Client Updates
Step 6: Configure Computer Groups
Step 7: Approve and Deploy WSUS Updates
Additional References
WSUS 3.0 SP2 is a feature-rich update management solution. For complete information about
installing and using WSUS, refer to the following Web sites:
The WSUS Deployment Guide at http://go.microsoft.com/fwlink/?LinkId=139832.
The WSUS Operations Guide at http://go.microsoft.com/fwlink/?LinkId=139838.
The WSUS Release Notes at http://go.microsoft.com/fwlink/?LinkId=139840.
Step 1: Confirm WSUS 3.0 SP2 Installation
Requirements
Before you install or upgrade to Windows Server Upgrade Services 3.0 Service Pack 2
(WSUS 3.0 SP2), confirm that both the server and the client computers meet the WSUS 3.0 SP2
system requirements and confirm that you have the necessary permissions to complete the
installation.
6. 6
Server Hardware and Software Requirements for
Installing WSUS 3.0 SP2
1. Confirm that the server meets the WSUS 3.0 SP2 system requirements for hardware,
operating system, and other required software. System requirements are listed in the
WSUS 3.0 SP2 Release Notes at http://go.microsoft.com/fwlink/?LinkId=139840. If you are
using Server Manager to install the WSUS 3.0 SP2 Server, you can confirm that you meet
the software requirements by following the steps in the “Preparing to Install WSUS 3.0 SP2”
section.
2. If you install roles or software updates that require you to restart the server when installation
is complete, then restart the server before you install WSUS 3.0 SP2.
Client Software Requirements
Automatic Updates is the client of WSUS 3.0. Automatic Updates has no hardware requirements
other than being connected to the network.
1. Confirm that computer on which you are installing Automatic Updates meets the
WSUS 3.0 SP2 system requirements for Client computers. System requirements are listed in
the WSUS 3.0 SP2 Release Notes at http://go.microsoft.com/fwlink/?LinkId=139840.
2. If you install software updates that require you to restart the computer, restart it before you
install WSUS 3.0 SP2.
Permissions
The following permissions are required for the specified users and directories:
1. The NT AuthorityNetwork Service account must have Full Control permission for the
following folders so that the WSUS Administration snap-in displays correctly:
%windir%Microsoft .NETFrameworkv2.0.50727Temporary ASP.NET Files
%windir%Temp
2. Confirm that the account that you plan to use to install WSUS 3.0 SP2 is a member of the
Local Administrators group.
Preparing to Install WSUS 3.0 SP2
If you are running Windows 7 or Windows Server 2008 SP2, you can install WSUS 3.0 SP2 from
Server Manager. If you are using another supported operating system, or installing only the
WSUS Administration Console, go to the next section of this guide to install WSUS 3.0 SP2 by
using the WSUSSetup.exe file.
1. Log on to the server on which you plan to install WSUS 3.0 SP2 by using an account that
To prepare to install the WSUS 3.0 SP2 Server by using Server Manager
7. 7
is a member of the Local Administrators group.
2. Click Start, point to Administrative Tools, and then click Server Manager.
3. In the right side pane of the Server Manager window, in the Roles Summary section, click
Add Roles.
4. If the Before You Begin page appears, click Next.
5. On the Select Server Roles page, confirm that Application Server and Web Server (IIS)
are selected. If they have been selected, use the remainder of this step to confirm that
the required role services are selected. Otherwise, install Application Server and Web
Server (IIS) as follows.
a. On the Select Server Roles page, select Application Server and Web Server (IIS).
Click Next.
b. If you are installing Application Role Services, on the Application Server page, click
Next. On the Application Server Role Services page, accept the default settings, and
then click Next.
c. If you are installing Web Server IIS, on the Web Server (IIS) page, click Next. On the
Web Server (IIS) Role Services page, in addition to the default settings, select
ASP.NET, Windows Authentication, Dynamic Content Compression, and IIS 6
Management Compatibility. If the Add Roles Wizard window appears, click Add
Required Role Services. Click Next.
d. On the Confirm Installation Selections page, click Install.
e. On the Installation Results page, confirm that an “Installation succeeded” message
appears for the role services that you installed in this step, and then click Close.
Next Step
Step 2: Install WSUS Server or Administration Console
Additional Resources
Windows Server Update Services 3.0 SP2 Step By Step Guide
Step 2: Install WSUS Server or
Administration Console
After you make sure that the server meets the minimum system requirements and that the
necessary account permissions were granted, you are ready to install
Windows Server Upgrade Services 3.0 Service Pack 2 (WSUS 3.0 SP2). Start the installation of
WSUS 3.0 SP2 by using the applicable procedure for your operating system and kind of
installation (by using either Server Manager or the WSUSSetup.exe file).
8. 8
If You Are Using Server Manager
1. Log on to the server on which you plan to install WSUS 3.0 SP2 by using an account that
is a member of the local Administrators group.
2. Click Start, point to Administrative Tools, and then click Server Manager.
3. In the right side pane of the Server Manager window, in the Roles Summary section, click
Add Roles.
4. If the Before You Begin page appears, click Next.
5. On the Select Server Roles page, select Windows Server Update Services.
6. On the Windows Server Update Services page, click Next.
7. On the Confirm Installation Selections page, click Install.
8. When the WSUS 3.0 SP2 Setup Wizard is started, skip the next section and see the “To
continue installing WSUS 3.0 SP2” procedure.
If You Are Using the WSUSSetup.exe File
1. Log on to the server on which you plan to install WSUS 3.0 SP2 by using an account that
is a member of the Local Administrators group.
2. Double-click the WSUSSetup.exe installer file.
3. When the Windows Server Update Services 3.0 SP2 Setup Wizard is started, see the “To
continue installing WSUS 3.0 SP2” procedure.
Using the WSUS 3.0 SP2 Setup Wizard
The WSUS Setup Wizard is launched from Server Manager or from the WSUSSetup.exe file.
1. On the Welcome page of the Windows Server Update Services 3.0 Setup Wizard, click
Next.
2. On the Installation Mode Selection page, select Full server installation including
Administration Console if you want to install the WSUS server on this computer, or
Administration Console only if you want to install the administration console only.
3. On the License Agreement page, read the terms of the license agreement, click I accept
the terms of the License agreement, and then click Next.
4. You can specify where clients get updates on the Select Update Source page of the
To start the installation of WSUS 3.0 SP2 Server by using Server Manager
To start the installation of WSUS 3.0 SP2 Server or the WSUS 3.0 SP2 Administration
Console by using the WSUSSetup.exe file
To continue installing WSUS 3.0 SP2
9. 9
installation wizard. By default, the Store updates locally check box is selected and
updates will be stored on the WSUS server in the location that you specify. If you clear
the Store updates locally check box, client computers obtain approved updates by
connecting to Microsoft Update. Make your selection, and then click Next.
5. On the Database Options page, select the software that is used to manage the
WSUS 3.0 database. By default, the installation wizard offers to install Windows Internal
Database.
If you do not want to use Windows Internal Database, provide an instance of
Microsoft SQL Server for WSUS to use by selecting Use an existing database on this
server or Use an existing database server on a remote computer. Type the instance
name in the applicable box. The instance name should appear as
<serverName><instanceName>, where serverName is the name of the server and
instanceName is the name of the SQL instance. Make your selection, and then click
Next.
10. 10
6. If you have opted to connect to a SQL Server, on the Connecting to SQL Server
Instance page, WSUS will try to connect to the specified instance of SQL Server. When
it has connected successfully, click Next to continue.
7. On the Web Site Selection page, specify the Web site that WSUS will use. If you want to
use the default Web site on port 80, select Use the existing IIS Default Web site. If you
already have a Web site on port 80, you can create an alternate site on port 8530 or 8531
by selecting Create a Windows Server Update Services 3.0 SP2 Web site. Click Next.
11. 11
8. On the Ready to Install Windows Server Update Services page, review the selections,
and then click Next.
9. The final page of the installation wizard will let you know if the WSUS installation
completed successfully. After you click Finish the configuration wizard will start.
Next Step
Step 3: Configure the Network Connections
Additional Resources
Windows Server Update Services 3.0 SP2 Step By Step Guide
Step 3: Configure the Network Connections
After you install Windows Server Update Services 3.0 Service Pack 2 (WSUS 3.0 SP2), the
configuration wizard will launch automatically. You can also run the wizard later through the
Options page of the WSUS Administration Console.
12. 12
Before you start the configuration process, be sure that you know the answers to the following
questions:
1. Is the server's firewall configured to allow clients to access the server?
2. Can this computer connect to the upstream server (such as Microsoft Update)?
3. Do you have the name of the proxy server and the user credentials for the proxy server, if you
need them?
By default, WSUS 3.0 SP2 is configured to use Microsoft Update as the location from which to
obtain updates. If you have a proxy server on the network, you can configure WSUS 3.0 SP2 to
use the proxy server. If there is a corporate firewall between WSUS and the Internet, you might
have to configure the firewall to ensure that WSUS can obtain updates.
Note
Although Internet connectivity is required to download updates from Microsoft Update,
WSUS offers you the ability to import updates onto networks that are not connected to
the Internet.
Step 3 contains the following procedures:
Configure your firewall.
Specify the way this server will obtain updates (either from Microsoft Update or from another
WSUS server).
Configure proxy server settings, so that WSUS can obtain updates.
If there is a corporate firewall between WSUS and the Internet, you might have to
configure that firewall to ensure WSUS can obtain updates. To obtain updates from
Microsoft Update, the WSUS server uses port 80 for HTTP protocol and port 443 for
HTTPS protocol. This is not configurable.
If your organization does not enable port 80 or port 443 to be open to all addresses, you
can restrict access to only the following domains, so that WSUS and Automatic Updates
can communicate with Microsoft Update:
http://windowsupdate.microsoft.com
http://*.windowsupdate.microsoft.com
https://*.windowsupdate.microsoft.com
http://*.update.microsoft.com
https://*.update.microsoft.com
http://*.windowsupdate.com
http://download.windowsupdate.com
http://download.microsoft.com
http://*.download.windowsupdate.com
http://wustat.windows.com
To configure your firewall
13. 13
http://ntservicepack.microsoft.com
Note
These instructions about how to configure the firewall are meant for a corporate firewall
positioned between WSUS and the Internet. Because WSUS initiates all of its network
traffic, you do not have to configure Windows Firewall on the WSUS server.
Although the connection between Microsoft Update and WSUS requires ports 80 and 443 to be
open, you can configure multiple WSUS servers to synchronize with a custom port.
The next two procedures assume that you are using the Configuration Wizard. In a later section
in this step, you will learn how to start the WSUS Administration snap-in and configure the server
through the Options page.
1. From the configuration wizard, after joining the Microsoft Improvement Program, click
Next to select the upstream server.
2. If you choose to synchronize from Microsoft Update, you are finished with the Options
page. Click Next, or select Specify Proxy Server from the navigation pane.
3. If you choose to synchronize from another WSUS server, specify the server name and
the port on which this server will communicate with the upstream server.
4. To use SSL, select the Use SSL when synchronizing update information check box.
In that case the servers will use port 443 for synchronization. (Make sure that both this
server and the upstream server support SSL.)
5. If this is a replica server, select the This is a replica of the upstream server check box.
6. At this point, you are finished with upstream server configuration. Click Next, or select
Specify proxy server from the left navigation pane.
1. On the Specify Proxy Server page of the configuration wizard, select the Use a proxy
server when synchronizing check box, and then type the proxy server name and port
number (port 80 by default) in the corresponding boxes.
2. If you want to connect to the proxy server by using specific user credentials, select the
Use user credentials to connect to the proxy server check box, and then type the
user name, domain, and password of the user in the corresponding boxes. If you want to
enable basic authentication for the user connecting to the proxy server, select the Allow
basic authentication (password is sent in cleartext) check box.
3. At this point, you are finished with proxy server configuration. Click Next to go to the next
page, where you can start to set up the synchronization process.
The following two procedures assume that you are using the WSUS Administration snap-in for
configuration. These two procedures show how to start the WSUS Administration snap-in and
configure the server from the Options page.
To specify the way this server will obtain updates
To configure proxy server settings
14. 14
To start the WSUS Administration Console, click Start, point to All Programs, point to
Administrative Tools, and then click Windows Server Update Services 3.0.
Note
In order to use all the features of the console, log on as a member of either the WSUS
Administrators or the Local Administrators security groups on the server on which WSUS
is installed. Members of the WSUS Reporters security group have read-only access to
the console.
1. On the WSUS console, click Options in the left pane under the name of this server, and
then click Update Source and Proxy Server in the middle pane.
A dialog box will be displayed with Update Source and Proxy Server tabs.
2. In the Update Source tab, select the location from which this server will obtain updates.
If you choose to synchronize from Microsoft Update (the default), you are finished with
this wizard page.
3. If you choose to synchronize from another WSUS server, you have to specify the port on
which the servers will communicate (the default is port 80). If you select a different port,
you should ensure that both servers can use that port.
4. You may also specify whether to use SSL when synchronizing from the upstream WSUS
server. In that case, the servers will use port 443 to synchronize from the upstream
server.
5. If this server is a replica of the second WSUS server, select the This is a replica of the
upstream server check box. In this case all updates must be approved on the upstream
WSUS server only.
6. In the Proxy server tab, select the Use a proxy server when synchronizing check box,
and then type the proxy server name and port number (port 80 by default) in the
corresponding boxes.
7. If you want to connect to the proxy server by using specific user credentials, select the
Use user credentials to connect to the proxy server check box, and then type the
user name, domain, and password of the user in the corresponding boxes. If you want to
enable basic authentication for the user connecting to the proxy server, select the Allow
basic authentication (password in cleartext) check box.
8. Click OK to save these settings.
Next Step
Step 4: Configure Updates and Synchronization
To start the WSUS Administration Console
To specify an update source and proxy server
15. 15
Additional Resources
Windows Server Update Services 3.0 SP2 Step By Step Guide
Step 4: Configure Updates and
Synchronization
This section describes how to configure a set of updates that you want to download by using
Windows Server Update Services 3.0 Service Pack 2 (WSUS 3.0 SP2).
Step 4 Procedures
You can do these procedures by using either the WSUS Configuration Wizard or the WSUS
Administration Console.
1. Save and download information about your upstream server and proxy server.
2. Choose the language of the updates.
3. Select the products for which you want to receive updates.
4. Choose the classifications of updates.
5. Specify the synchronization schedule for this server.
After you configure the network connection, you can download updates by synchronizing the
WSUS server. Synchronization begins when the WSUS server contacts Microsoft Update. After
the WSUS makes contact, WSUS determines whether any new updates have been made
available since the last time you synchronized. When you synchronize the WSUS server for the
first time, all the updates are available and are ready for your approval for installation. The initial
synchronization may take a long time.
The procedures in this section describe synchronizing with the default settings. WSUS 3.0 SP2
also includes options that enable you to minimize bandwidth use during synchronization.
If You Are Using the Windows Server Update
Services Configuration Wizard
In the step 3 procedures, you completed configuration of the upstream server and the proxy
server. This next set of procedures starts on the Connect to Upstream Server page of that
configuration wizard.
1. On the Connect to Upstream Server page of the configuration wizard, click the Start
Connecting button. This both saves and uploads your settings and collects information
about available updates.
To save and download your upstream server and proxy information
16. 16
2. While the connection is being made, the Stop Connecting button will be available. If
there are problems with the connection, click Stop Connecting, fix the problems, and
restart the connection.
3. After the download has completed successfully, click Next.
1. The Choose Languages page lets you receive updates from all languages or from a
subset of languages. Selecting a subset of languages will save disk space, but it is
important to choose all of the languages that will be needed by all the clients of this
WSUS server.
If you choose to get updates only for specific languages, select Download updates only
in these languages, and select the languages for which you want updates.
2. Click Next.
1. The Choose Products page lets you specify the products for which you want updates.
Select product categories, such as Windows, or specific products, such as
Windows Server 2008. Selecting a product category will cause all the products in that
category to be selected.
2. Click Next.
1. The Choose Classifications page allows you to specify the update classifications you
want to obtain. Choose all the classifications or a subset of them.
2. Click Next
1. On the Set Sync Schedule page, you choose whether to perform synchronization
manually or automatically.
If you choose Synchronize manually, you must start the synchronization process from
the WSUS Administration Console.
If you choose Synchronize automatically, the WSUS server will synchronize at set
intervals. Set the time of the First synchronization and specify the number of
Synchronizations per day that you want this server to perform. For example, if you
specify that there should be four synchronizations per day, starting at 3:00 A.M.,
synchronizations will occur at 3:00 A.M., 9:00 A.M., 3:00 P.M., and 9:00 P.M.
2. Click Next.
3. On the Finished page, you can start the WSUS Administration Console by leaving the
Launch the Windows Server Update Services Administrations snap-in check box
To choose update languages
To choose update products
To choose update classifications
To configure the synchronization schedule
17. 17
selected, and you can start the first synchronization by leaving the Begin initial
synchronization check box selected.
4. Click Finish.
Important
You cannot save configuration changes that are made while the server is
synchronizing. Wait until synchronization is finished and then make your
changes.
If You Are Using the WSUS Administration
Console
The following procedures explain how to perform the configuration steps by using the WSUS
Administration Console.
1. In the Options panel, click Products and Classifications. A dialog box appears with
Products and Classifications tabs.
2. In the Products tab, select the product category or specific products for which you want
this server to receive updates, or else select All Products.
3. In the Classifications tab, select the update classifications you want, or else select All
Classifications.
4. Click OK to save your selections.
1. In the Options panel, click Update Files and Languages. A dialog box appears with
Update Files and Update Languages tabs.
2. In the Update Files tab, choose whether to Store update files locally on this server or
to have all client computers install from Microsoft Update. If you decide to store update
files on this server, you also decide whether to download only those updates that are
approved or to download express installation files.
3. In the Update Languages tab, if you are storing update files locally, you choose to
Download updates for all languages (the default), or to Download updates only in
the specified languages. If this WSUS server has downstream servers, they will receive
updates only in the languages specified by the upstream server.
4. Click OK to save these settings.
1. In the Options panel, click Synchronization Schedule.
2. In the Synchronization Schedule tab, you choose whether to perform synchronization
To choose products and update classifications
To choose update files and languages
To synchronize the WSUS server
18. 18
manually or automatically.
If you choose Synchronize manually, you will have to start the synchronization process
from the WSUS Administration Console.
If you choose Synchronize automatically, the WSUS server will synchronize at set
intervals. Set the time of the First synchronization and specify the number of
Synchronizations per day that you want this server to perform. For example, if you
specify that there should be four synchronizations per day, starting at 3:00 A.M.,
synchronizations will occur at 3:00 A.M., 9:00 A.M., 3:00 P.M., and 9:00 P.M.
3. Click OK to save your selections.
4. In the navigation pane of the WSUS Administration Console, select Synchronizations.
5. Right-click or move to the Actions pane on the right side, and then click Synchronize
Now.
If you do not see the Actions pane on the right side of the console, on the console
toolbar click View, click Customize, and ensure that the Action pane check box is
selected.
6. After the synchronization is complete, in the left panel, click Updates to view the list of
updates.
Next Step
Step 5: Configure Client Updates
Additional Resources
Windows Server Update Services 3.0 SP2 Step By Step Guide
Step 5: Configure Client Updates
In Windows Server Update Services 3.0 (WSUS 3.0 SP2), the WSUS Setup automatically
configures IIS to distribute the latest version of Automatic Updates to each client computer that
contacts the WSUS server.
The best way to configure Automatic Updates depends on the network environment. In an
environment that uses Active Directory directory service, you can use an existing domain–based
Group Policy object (GPO) or create a new GPO. In an environment without Active Directory, use
the Local GPO. In this step, you will configure Automatic Updates and then point the client
computers to the WSUS server.
The following procedures assume that your network runs Active Directory. These procedures also
assume that you are familiar with Group Policy and use it to manage the network.
For more information about Group Policy, refer to the Group Policy Tech Center Web site at
http://go.microsoft.com/fwlink/?LinkID=47375.
19. 19
Step 5 Procedures
In step 4, you completed configuration of the updates that you want to download. Use this set of
procedures to configure automatic updates for client computers.
1. Configure Automatic Updates in Group Policy.
2. Point a client computer to the WSUS server.
3. Manually start detection by the WSUS server.
Perform the first two procedures on the domain–based GPO of your choice, and the third
procedure at a command prompt on the client computer.
1. In the Group Policy Management Console (GPMC), browse to the GPO on which you
want to configure WSUS, and then click Edit.
2. In the GPMC, expand Computer Configuration, expand Administrative Templates,
expand Windows Components, and then click Windows Update.
3. In the details pane, double-click Configure Automatic Updates.
4. Click Enabled, and then click one of the following options:
Notify for download and notify for install. This option notifies a logged-on
administrative user before the download and before you install the updates.
Auto download and notify for install. This option automatically begins downloading
updates and then notifies a logged-on administrative user before installing the
updates.
Auto download and schedule the install. This option automatically begins
downloading updates and then installs the updates on the day and time that you
specify.
Allow local admin to choose setting. This option lets local administrators to use
Automatic Updates in Control Panel to select a configuration option. For example,
they can choose their own scheduled installation time. Local administrators cannot
disable Automatic Updates.
5. Click OK.
1. In the Windows Update details pane, double-click Specify intranet Microsoft update
service location.
2. Click Enabled, and type the HTTP URL of the same WSUS server in the Set the
intranet update service for detecting updates box and in the Set the intranet
statistics server box. For example, type http://servername in both boxes, and then click
To configure Automatic Updates
To point the client computers to the WSUS server
20. 20
OK.
Note
If you are using the Local GPO to point the computer to WSUS, this setting takes effect
immediately, and this computer appears in the WSUS Administrative Console after a
short time. You can speed up this process by manually initiating a detection cycle.
After you set up a client computer, it will take several minutes before the computer appears on
the Computers page in the WSUS Administration Console. For client computers configured with
a domain-based Group Policy, it can take about 20 minutes after Group Policy refreshes (that is,
applies any new policy settings to the client computer). By default, Group Policy updates in the
background every 90 minutes, with a random offset of 0–30 minutes. If you want to update Group
Policy sooner, you can go to a command prompt on the client computer and type gpupdate
/force.
For client computers configured by using the Local GPO, Group Policy is applied immediately,
and the update takes about 20 minutes.
If you begin detection manually, you do not have to wait 20 minutes for the client computer to
contact WSUS.
1. On the client computer, click Start, and then click Run.
2. Type cmd in the Open box, and then click OK.
3. At the command prompt, type wuauclt.exe /detectnow. This command-line option
instructs Automatic Updates to contact the WSUS server immediately.
Next Step
Step 6: Configure Computer Groups
Additional Resources
Windows Server Update Services 3.0 SP2 Step By Step Guide
Step 6: Configure Computer Groups
Computer groups are an important part of Windows Server Update Services 3.0 Service Pack 2
(WSUS 3.0 SP2) deployments. Computer groups permit you to test updates and target updates
to specific computers. There are two default computer groups: All Computers and Unassigned
Computers. By default, when each client computer first contacts the WSUS Server, the server
adds that client computer to both of these groups.
To manually start detection by the WSUS server
21. 21
You can create as many custom computer groups as you need to manage updates in your
organization. As a best practice, create at least one computer group to test updates before you
deploy them to other computers in your organization.
Step 6 Procedures
1. Create a test computer group.
2. Move at least one computer into the test group.
1. In the WSUS Administration Console, expand Computers and select All Computers.
2. Right-click All Computers and click Add Computer Group.
3. In the Add Computer Group dialog box, specify the Name of the new test group and
click Add.
In the next procedure, you will assign a client computer to the test group. A test computer is any
computer that has software and hardware that is consistent with the majority of client computers
on the network, yet not assigned to a critical role. After your tests are successful, you can
approve the updates for computers in the groups of your choice.
1. In the WSUS Administration Console, click Computers.
2. Click the group of the computer that you want to assign to the test group.
3. In the list of computers, select the computer or computers that you want to assign to the
test group.
4. Right-click Change Membership.
5. In the Set Computer Group Membership dialog box, select the test group that you
created previously, and then click OK.
Repeat these two procedures, that is, create a group and then assign computer(s) to the group,
to create as many additional computer groups as needed to manage updates at your site.
Next Step
Step 7: Approve and Deploy WSUS Updates
Additional Resources
Windows Server Update Services 3.0 SP2 Step By Step Guide
To create a test group
To assign a computer to the test group
22. 22
Step 7: Approve and Deploy WSUS Updates
In this step, you approve an update for any computers in the test group for
Windows Server Update Services 3.0 Service Pack 2 (WSUS 3.0 SP2). Computers in the group
automatically contact the WSUS server over the next 24 hours to obtain the update. You can use
the WSUS reporting feature to determine whether those updates were deployed to the test
computers. When the tests are successfully completed, you can then approve the updates for the
applicable computer groups in your organization.
Step 7 Procedures
Approve and deploy an update.
Check the status of an update.
1. On the WSUS Administration Console, click Updates. An update status summary is
displayed for All Updates, Critical Updates, Security Updates, and WSUS Updates.
2. In the All Updates section, click Updates needed by computers.
3. On the list of updates, select the updates that you want to approve for installation on your
test computer group. Information about a selected update is available in the bottom pane
of the Updates panel. To select multiple contiguous updates, hold down the SHIFT key
while clicking updates; to select multiple noncontiguous updates, press down the CTRL
key while clicking updates.
4. Right-click the selection and click Approve.
5. In the Approve Updates dialog box, select your test group, and then click the down
arrow.
6. Click Approved for Install and then click OK.
7. The Approval Progress window appears which shows progress of the tasks that affect
update approval. When approval is completed, click Close.
After 24 hours, you can use the WSUS Reports feature to determine whether the updates were
deployed to the test group computers.
1. In the navigation pane of the WSUS Administration Console, click Reports.
2. On the Reports page, click the Update Status Summary report. The Updates Report
window appears.
3. If you want to filter the list of updates, select the criteria that you want to use, for
example, Include updates in these classifications, and then click Run Report on the
window's toolbar.
To approve and deploy an update
To check the status of an update
23. 23
4. You will see the Updates Report pane. You can check the status of individual updates
by selecting the update in the left section of the pane. The last section of the report pane
shows the status summary of the update.
5. You can save or print this report by clicking the applicable icon on the toolbar.
6. After you test the updates, you can approve the updates for installation on the applicable
computer groups in your organization.
Additional resources
Windows Server Update Services 3.0 SP2 Step By Step Guide
For more information about how to use WSUS 3.0 SP2, see:
The WSUS Deployment Guide at http://go.microsoft.com/fwlink/?LinkId=139832.
The WSUS Operations Guide at http://go.microsoft.com/fwlink/?LinkId=139838