0%

0/1 Lessons

Introduction

• 4min

0 / 1 lessons complete

Optional Lab Setup

• 44min

0 / 5 lessons complete

Installation and Configuring WSUS (Windows Server Update Services)

• 1hr 36min

0 / 5 lessons complete

How to use WSUS

• 46min

0 / 4 lessons complete

WSUS Troubleshooting

• 11min

0 / 4 lessons complete

Advanced WSUS Administration

• 57min

0 / 4 lessons complete

Course Conclusion

• 1min

0 / 1 lessons complete

Instructions

Q&A (0)

Notes (0)

Resources (0)

Saving Progress...

Resources

There are no resources for this lesson.

Notes can be saved and accessed anywhere in the course. They also double as bookmarks so you can quickly review important lesson material.

Create note

About your instructor

paul hill

Paul Hill

Expert IT Instructor

Paul is an IT Professional with over 14 years of experience currently working as a Network Administrator in contract support of various Federal Agencies in the United States.

He has been teaching online courses for the past 5 years and taught over 250k students in 195 countries.

What skills will I learn in this course?

  • Learn Windows Server Update Services (WSUS) Administration from Basic to Advanced
  • Learn to install and configure WSUS
  • Setup a Windows Server 2016 Lab (including a Windows Domain)!
  • Learn how to approve Windows Updates in WSUS
  • Learn how to move your WSUS content to another drive or location
  • Configure WSUS Clients not in your Active Directory Domain
  • Quickly and easily configure WSUS Clients with Group Policy
  • Build Upstream and Downstream WSUS Servers
  • How to manage WSUS in offline/disconnected environments
  • WSUS Troubleshooting

In this lecture, we are going to talk about Windows Server Update Services or WSUS.

In short Windows Service Update Services or WSUS is a Server Role that allows administrators to control Windows Updates within their domain.

So, Microsoft will release patches on a monthly basis that address different vulnerabilities and bug fixes to the Microsoft operating system. You as an administrator can control whether or not your computers install certain updates, whether they are required or optional updates, etc.

It is really important that you install a WSUS Server within your domain and you use it to control and keep your network safe.

Now there are a couple of different ways that WSUS can acquire updates.

First, you can download updates directly from Microsoft. Now, this is a viable option if your network has Internet connectivity.

Second, you can download updates from another WSUS Server which would be called an upstream server.

You can also import files directly to your WSUS Servers. If your server is disconnected from the Internet you can download the files onto a CD Drive and then transfer those files to your offline WSUS Servers and then import them to your WSUS Server which would allow you now to push them out to all your clients machines.

The most important bullet point in this slide is that the WSUS Server Role should never be installed on a Domain Controller because you’ll have access issues with the database.

Here’s an example of Importing WSUS Updates.

On the left, you can see we have an isolated network. Obviously, certain networks contain sensitive information and it is better for them to not be connected to the Internet. But how do you install these updates and patch all these critical vulnerabilities? Well, a way you do that is you have another network that is connected to the Internet but doesn’t contain the same sensitive information. You get a WSUS Server stood up or configured and installed on that network that has Internet connectivity. You download the updates from Microsoft servers then you transfer those updates via a DVD or USB drive over to the isolated network and then that network can pass out those updates.

Now, an example of an Upstream/Downstream WSUS Server would be an isolated network. It wouldn’t even have to be a network that has to be connected from the Internet but a certain scenario where we have a WSUS Server that is retrieving updates from another WSUS server.

So we can see the Downstream server, in this case on the left-hand side is accepting or is polling its updates from the upstream server.

Now, you might be asking how this works, how do we get it up and running?

First, you add the WSUS Server role to remember not a Domain Controller. 

Then you configure the client computers with Group Policy. Now, you either wait for the clients to check with WSUS or you force an early check-in. When you’re getting this setup I recommend that you force an early check-in just so you can see things are working the way they are supposed to.

Once you’ve done that, you organize your WSUS clients in Computer Groups. This is good for testing purposes. Now, I don’t know with which kind of networks you guys are going to be working on but if you are working with developers, certain versions that .Net will make, you know certain code not work and different things so it is a good idea to test your updates, have a test group, let’s say four workstations and deploy test updates to that workstations, see if anything breaks and if it’s all good go ahead and deploy to the rest of your network.

Now, the monthly maintenance for this is to go through and approve updates for the specific computer groups. Now, patch Tuesday is a term you need to be familiar with and is generally the second and occasionally the fourth Tuesday of each month and this is when Microsoft releases all its updates for their vulnerabilities.

OK, That’s an overview of WSUS or Windows Server Update Services.

0 0 votes
Lesson Rating
Subscribe
Notify of
profile avatar
4 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments

profile avatar
Sai(@sai-sankeerth-siddamshetty)
Member
1 year ago

Unable to access Video lessons. It is showing only one text document, no videos, no lab links. Please look into this ASAP. Tried opening Server Academy in different browsers but same layout. NO VIDEO LESSONS AVAILABLE.

Last edited 1 year ago by Sai Sankeerth Siddamshetty
profile avatar
Ricardo P(@ricardop)
Admin
Reply to  Sai
1 year ago

Hi profile avatar Sai Sankeerth Siddamshetty

We are checking for the issue. We will post an update once solved. Thanks for reporting.

Ricardo

profile avatar
Ricardo P(@ricardop)
Admin
Reply to  Sai
1 year ago

Hi profile avatar Sai Sankeerth Siddamshetty

The issue was identified and resolved, and the video lessons should are working again. It should not display text only as before.

Ricardo

profile avatar
Sai(@sai-sankeerth-siddamshetty)
Member
Reply to  Ricardo P
1 year ago

Thanks for rectifying the issue.