Using WSUS without AD |
Posted Wednesday, 02 May 2007 by Michael Khanin  Windows Software Update Server (WSUS) is a great product that can be used to push out updates to your Windows computers. If you are deploying it in an Active Directory domain, you can use a GPO to quickly and easily configure your computers to use Automatic Updates and look to the WSUS server for those updates. But what if you are not using AD, can you still use WSUS?
WSUS works just as well in Non-AD enviroments although the configuration is a bit more work on the client side. In order to control the behaviour of Automatic Updates and point the computers to the WSUS server there are a number of registry entries that have to be modified and/or created. To begin, open up regedit and drill down to:
These five settings control the WSUS enviroment. WUServer: Defines the location of the WSUS Server - RegString - http://wsus_server_name WUStatus: Defines the location of the WSUS Status Server - RegString - http://wsus_server_name TargetGroupEnabled: Enables (1) or disables (0) client side targeting - Reg_DWORD - 1 or 0 TargetGroup: Defines the name of the target group - Reg_String - Groupname ElevateNonAdmins: Enables (1) or disables (0) non-admin users from controlling what updates get installed. - Reg_DWORD - 1 or 0 The next set of options configures Automatic Updates on the client. These options are located in the registry under
There are alot of options but I am only going to cover the main ones. AUOptions: Automatically download and schedule installation. - Reg_DWORD - 4 ScheduledInstallDay: The day of the week to install the downloaded hotfxes, 0 = everday. - Reg_DWORD - 0 ScheduledInstallTime: The time of day to install the downloaded hotfixes, n = hour (0-23) - Reg_DWORD - 3 (3:00 AM) DetectionFrequencyEnabled: Enables (1) or disables (0) the detection frequency interval - Reg_DWORD - 1 DetectionFrequency: Specifies the detection frequency interval, n=hours (0-22) - Reg_DWORD - 22 NoAutoRebootWithLoggedOnUsers: Prevents Automatic Updates from rebooting the computer if a user is logged in. If set to 1 the user will be prompted to reboot, if set to 0 the user will be warned that the PC is rebooting in 5 minutes. - Reg_DWORD - 1 UseWUServer: This must be present and set to 1 in order for the WSUS Enviroment values to be used. - Reg_DWORD - 1 These are the main options that need/should be set, however there are many more options you can configure. Configure Automatic Updates in a Non              |
|||
Popular
- Disable TCP Auto-Tuning to Solve Slow Network (Vista)
- PXE, aka Pre-Execution Environment - Part 1
- Install Windows Components from Command Line
- How to configure an authoritative time server in Windows Server 2003
- Windows XP Cloning or Universal system installation
- PXE, aka Pre-Execution Environment and Acronis - Part 2
- How to move SQL Server databases to a new location by using Detach and Attach functions in SQL Serve
Login Form
News by E-Mail
