How Can We Help?
- Install Windows 2016 Server with 6GB Memory, 6 CPUs and a second disk D:\
- Start Server Manager and install “Windows Server Update Service” and include all features
- Install WID Connectivity and WSUS Service only
- Store updates on D:\WSUS
- Install
- Open “Windows Server Update Services” Console to configure WSUS
- Store updates locally on D:\WSUS, RUN and CLOSE
- WSUS wizard will open NEXT
- Uncheck “Yes, I would like to join the Microsoft update improvement program
- Configure as a replica server from “MasterServerHostName”
- Use proxy server if needed
- Start connecting to master server
- Download updates in all languages
- Synchronize automatically
DON’T BEGIN INITIAL SYNCHRONIZATION
- NEXT and FINISH
- Open Options in Windows Update Service Console
- Update Source and Proxy Server (“MasterServerHostName”)
- Products and Classifications – is disabled because the Server will use the same settings as the Masterserver
- Update Files and Languages (Download files from Microsoft Update, do not download from upstream server) Firewall Rule to Internet is needed!!!
- Automatic Approvals – is disabled because the Server will use the same settings as the Masterserver
- Computers – Use Group Policy
- Server Cleanup Wizard is not need
- Report Rollup – is disabled because the Server will use the same Settings as the Masterserver
- E-Mail Notifications (Configure McAfee to allow SMTP and open Firewall to SMTP Server)
- Personalization – use standard setup
- Close Windows Update Service Console
- Update Source and Proxy Server (“MasterServerHostName”)
- Install SQLSysClrTypes.msi – Microsoft Download
- Install ReportViewer.msi – Microsoft Download
- Install SSMS-Setup-ENU.exe – Microsoft Download
- Open Microsoft SQL Management Studio to reconfigure the WSUS Database
- Connect to Database with the following Servername \\.\pipe\MICROSOFT##WID\tsql\query
- Change Memory Setup from Database
REBOOT SERVER
- Connect to Database with the following Servername \\.\pipe\MICROSOFT##WID\tsql\query
- Open Windows Update Server Console
- Check if the download option is set to download directly from Microsoft Updates again
- Synchronize with Replica Server
- After a succeeded synchronisation you will see all WSUS Organisation Units
- If you need a new Organisation Unit add the OU on the Master Server
- After a succeeded synchronisation and missing updates the download from Microsoft will start if Internet breakout is configured correctly
- Check if the download option is set to download directly from Microsoft Updates again
- Open Group Policy Management Console and configure a site policy e.g. for servers
- Configure WSUS Group Policy (Site Policy !!!)
- Create one Policy for Server Systems and one for Client Systems – split Clients and Server to different WSUS Servers
- Edit each Policy for the correct WSUS System (Computer Configuration – Policies – Administrative Templates – Windows Components – Windows Update) e.g.:
- Configure Automatic Updates
- Specify intranet Microsoft update server location and enter new server name
- Enable client-side targeting – add the new site name
- Create a WMI Filter for Servers and Clients – needed to split Clients and Servers
- Configure WSUS Group Policy (Site Policy !!!)
- Change IIS Settings
- Queue Length from 1000 to 25000; Limit Interval from 5 to 15
- “Service Unavailable” Response from HttpLevel to TcpLevel; Private Memory Limit (KB) to 0
- REBOOT SERVER