I have several servers behind a firewall, all with 192 addressing an
none have had updates in several years.
The firewall should have a rule to let requests to outside t
windowsupdate.microsoft.com using port 80
I have installed a WSUS server into this area and it is pingable
from all clients.
Pingable means only that: the server receives and responds to the ping
from the clients.
You have to make sure that your WSUS server is listening on port 80.
If the server is inside the firewall, on the same subnet as the clients
then they should have no problem findind your server.
Start with your WSUS server and make sure it can get updates fro
Microsoft, so your other machines have a place to go to get update
Better yet, start with your firewall to make sure your server will b
able to get updates.
- Use Internet Explorer on your WSUS server to test if it can reac
windowsupdate.microsoft.com (or Menu-->Tools-->Windows Update)
Configure your WSUS server to get updates daily from MS.
On the "Update Services" console, click on your server to expand it
then click on "Options" and "Update Source and Proxy Server"
Select "Synchronize from Microsoft Update", click Ok.
Then click on "Synchronizations" and, on the right side, click o
"Synchronize now". With all good, it should complete, depending on you
or you have to wait until it finishes.
Check your IIS settings, and "TO MAKE YOUR LIFE EASIER" edit the defaul
page (usually it is in C:\Inetpub\wwwroot\iisstart.htm) and put th
actual name of your server. It's better to see a friendly message.
Go to any of your clients, open a webbrowser and point it t
http://yourserver and you should see the page you just modified.
If all is good so far, it means that your WSUS server is listening an
serving on port 80, ie. this is the default, and you are good to go.
For your reference, here are the registry settings on a client side tha
*works* on a "workgroup" environment.
C:\ > reg query HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate
TargetGroupEnabled REG_DWORD 0x0
ElevateNonAdmins REG_DWORD 0x0
WUServer REG_SZ http://mywsusserver.acme.com
WUStatusServer REG_SZ http://mywsusserver.acme.com
C:\ > reg quer
NoAutoUpdate REG_DWORD 0x0
AUOptions REG_DWORD 0x5
NoAutoRebootWithLoggedOnUsers REG_DWORD 0x1
AutoInstallMinorUpdates REG_DWORD 0x1
RebootRelaunchTimeoutEnabled REG_DWORD 0x1
RescheduleWaitTimeEnabled REG_DWORD 0x1
RescheduleWaitTime REG_DWORD 0xf
DetectionFrequencyEnabled REG_DWORD 0xf
DetectionFrequency REG_DWORD 0xf
RebootWarningTimeoutEnabled REG_DWORD 0xf
RebootWarningTimeout REG_DWORD 0x1e
UseWUServer REG_DWORD 0x1
NoAUShutdownOption REG_DWORD 0x0
NoAUAsDefaultShutdownOption REG_DWORD 0x0
Hope this helps.
adelara's Profile: http://forums.techarena.in/members/210948.ht
View this thread: http://forums.techarena.in/server-update-service/1329150.ht