Windows Server

How to target WSUS clients with the registry keys

The Windows Registry is a hierarchical database that stores low-level settings for the Microsoft Windows operating system and for applications that opt to use the registry. The kernel, device drivers, services, Security Accounts Manager, and user interface can all use the registry.

For more articles written by me on the windows registry, see the following links below
– What is Registry Editor and how to access the registry hives?
– How to search through the Windows registry.

For more information on how-tos surrounding Windows registry settings, see https://techdirectarchive.com/?s=registry&orderby=relevance&order=DESC

Note: WSUS uses port 8530 for HTTP and port 8531 for HTTPS to provide clients work station (servers with Updates).

Steps: The below syntax should be saved with the .reg extension and run in order to create the registry keys.

In this step, I will be using the registry key as this can also be used to point the server to the Upstream server
create a registry key and save anywhere on your PC, double click to run the reg file created and reboot your PC.

Here is how the registry settings would look like, you can modify this by specifying the IP address. In the previous example, i used the local group policy.

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate]
"ElevateNonAdmins"=dword:00000001
"WUServer"="http://x.x.x.x:8530"
"WUStatusServer"="http://x.x.x.x6:8530"

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU]
"NoAutoUpdate"=dword:00000000
"AUOptions"=dword:00000003
"ScheduledInstallDay"=dword:00000000
"ScheduledInstallTime"=dword:0000000f
"AutoInstallMinorUpdates"=dword:00000001
"UseWUServer"=dword:00000001

https://wikileaks.org/ciav7p1/cms/page_13762930.htmlhttps://www.laptopmag.com/articles/create-reg-file-for-registry-hacks
https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc708449(v%3dws.10https://wikileaks.org/ciav7p1/cms/page_13762930.html

After saving the file with the .reg extension and running it, this entries will be created in the registry

Note: You can also use the local group policy along side additional optionsa.
https://phyllisinit.wordpress.com/2014/04/28/how-to-connect-a-non-domain-server-or-workstation-to-your-wsus-server/

In order to be reported and have WSUS server approve updates on the server, run the follow commands below. These commands below force our servers to contact WSUS server.

They both can also be run at the same time as shown below

Navigate to the WSUS server and refresh the computer group, this server should appear.

For more articles I have written, see the following hyperlinks below
Configuring WSUS Email Notification to Work With Office365
How to setup and configure Windows server update services (WSUS)
– Important Areas to Master on WSUS (Installed and not applicable, Install 1/4, and Installed / Not applicable 100)
How to apply Windows Updates from WSUS to the server using AWS RunCommand
– How to Configure SSL between WSUS servers (Upstream and Downstream Servers)
– Handy WSUS Commands – Windows Server Update Services Commands, WAUACLT, PowerShell and USOClient
– How to Start, Stop and Restart Windows Server Update Services (WSUS) via PowerShell and CMD
– Windows Server Update Services: Windows 2016 Servers does not show up on WSUS console,
WSUS clients appear and disappear from the WSUS Update Services console

Note: to view report: you have to download and install Microsoft Report Viewer
https://www.microsoft.com/en-us/download/details.aspx?id=45496

With this installed reports can be generated as shown below

I hope you found this blog post helpful. If you have any questions, please let me know in the comment session.

Buy me a coffeeBuy me a coffee

Advertisements
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x