How to target WSUS clients with the registry keys

Posted on Christian By Christian 8 Comments on How to target WSUS clients with the registry keys

The Windows Registry is a hierarchical database that stores low-level settings for the Microsoft Windows operating system and for applications that opt to use the registry. The kernel, device drivers, services, Security Accounts Manager, and user interface can all use the registry. In this article, you will learn how to target WSUS clients with registry keys. Please see WSUS Setup: How to configure Windows server update services, and Client Visibility Issues: Fix WSUS Clients appear then disappear in the console.

Here are some related WSUS contents. Handy WSUS Commands(Windows Server Update Services Commands, WAUACLT, PowerShell and USOClient). Also, see how to Start, Stop and Restart Windows Server Update Services (WSUS) via PowerShell and CMD.

Steps to target WSUS clients with the registry keys

The below syntax should be saved with the .reg extension and in order to create the registry keys. In this step. I will be using the registry key as this can also be used to point the server to the Upstream server.

Create the registry key and save it anywhere on your PC. Next, double-click to run the reg file created, and reboot your PC.

Here is what the registry settings would look like, you can modify this by specifying the IP address. In the previous example, I used the local group policy. For more articles written by me on the Windows registry, see the following hyperlinks. What is Registry Editor and how to access the registry hives? and how to search through the Windows registry.

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate]
"ElevateNonAdmins"=dword:00000001
"WUServer"="http://x.x.x.x:8530"
"WUStatusServer"="http://x.x.x.x6:8530"

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU]
"NoAutoUpdate"=dword:00000000
"AUOptions"=dword:00000003
"ScheduledInstallDay"=dword:00000000
"ScheduledInstallTime"=dword:0000000f
"AutoInstallMinorUpdates"=dword:00000001
"UseWUServer"=dword:00000001

For more articles I have written, see the following hyperlinks: Configuring WSUS Email Notification to Work With Office365, How to setup and configure Windows server update services (WSUS), and Important Areas to Master on WSUS (Installed and not applicable, Install 1/4, and Installed / Not applicable 100)

Run the created Registry Key

After saving the file with the .reg extension and running it, these entries will be created in the registry

Note: You can also use the local group policy alongside additional options.

In order to be reported and have the WSUS server approve updates on the server, run the following commands below. These commands below force our servers to contact the WSUS server.

They both can also be run at the same time as shown below. Please see how to disable automatic Windows updates.

Navigate to the WSUS server and refresh the computer group, this server should appear.

Also, see How to apply Windows Updates from WSUS to the server using AWS RunCommand, and How to Configure SSL between WSUS servers (Upstream and Downstream Servers)

View WSUS Reports

Note: To view the report, you will have to download and install Microsoft Report Viewer.

With this installed reports can be generated as shown below


Windows Server Update Services: Windows 2016 Servers does not show up on WSUS console, and WSUS clients appear and disappear from the WSUS Update Services console.

FAQs

How does the AU Client work with WSUS?

The AU client understands each client setting, communicates with the WSUS server on a scheduled basis, and keeps your client up to date. Each supported Microsoft OS includes its own version of the AU client; however, the client machine updates the AU client to the latest version when it first contacts your WSUS server to ensure compatibility.

Why does the AU client need to update when connecting to a WSUS server?

The AU client must update to the latest version to ensure compatibility with WSUS and its features. This update occurs automatically when the client machine first contacts the WSUS server, allowing the AU client to apply the correct settings and manage updates effectively.

I hope you found this blog post helpful on how to target WSUS clients with the registry keys. Please refer to this article on how to disable unused Cisco Access Ports. If you have any questions, please let me know in the comment session.

5/5 - (1 vote)
Windows Server Tags:, , , , , , ,

Related Posts

More Related Articles

banner How to Create a Child and Tree Domain Windows Server
vtpm 1 Enable vTPM and BitLocker HyperV VM: Fix the device that cannot use a TPM module Virtualization
banner How to install and configure FSRM in Microsoft Windows Server Windows Server
adc How to add a second Domain Controller Windows Server
Screenshot 2021 02 05 at 19.09.17 How to install and update PowerShell version 7 on Windows and Linux Windows Server
How to create an Advanced Windows Scheduled Task Windows Server

Comments (8) on “How to target WSUS clients with the registry keys”

  2. when I change the register table as you show above, it works well. but I have thousands of PC. So how can i apply the new WSUS server ip to all the clients.

  3. I made a GPO and pushed it from the AD server. However, the majority of virtual computers display “the RPC server is unavailable”.

    1. Since this affects only a subset of PCs’, there is no need to troubleshoot (verify) the policies with WSUS client agent. Could you verify if the WSUS agent service (wuauserv) is running? If yes, run (gpupdate /force) and re-run this command (wuauclt /detectnow) to fix or update the agent, run. This could also be a network-related issue (DNS-related). If all the services are running, the DNS flush and renew might fix it.

      Kindly take a look at the Windows Event Viewer (windowsupdate.log) for more information as there could be other reasons why the error is prompted.

Leave a Reply