Setting Up Clients to Access WSUS
If you choose not to create a new Group Policy using the Software Vulnerability Manager WSUS Group Policy wizard, please edit your existing WSUS Group Policy as follows:
|
1.
|
In the Group Policy Management Console (GPMC), browse to the Group Policy Object (GPO) on which you want to configure WSUS and click Edit. |
|
2.
|
In the GPMC, expand Computer Configuration, expand Administrative Templates, expand Windows Components, and click Windows Update. Select: |
|
•
|
Enable: Configure Automatic Updates (choose your settings) |
|
•
|
Enable: Specify intranet Microsoft update service location (add the hostname/IP of your WSUS server) |
|
•
|
Enable: Allow signed updates from an intranet Microsoft update service location (Important – enables WSUS to distribute patches through Software Vulnerability Manager) |
|
3.
|
If Windows update not working, then check whether: |
|
•
|
WUServer contains WSUS server, WSUSStatusServer contains WSUS server:portnumber, AcceptTrustedPublishedCerts:1 in location |
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate]
"WUServer"="psccm.sccm.test"
"WUStatusServer"="psccm.sccm.test:8530"
"ElevateNonAdmins"=dword:00000001
"AcceptTrustedPublisherCerts"=dword:00000001
|
•
|
In registry location, [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU], check"UseWUServer"=1 |
Important:For installing the WSUS server in your environment we recommend reading the Step by Step Installation Guide provided by Microsoft:
http://technet.microsoft.com/en-us/wsus/default.aspx