Ask the expert

The best ways to use a WSUS server in Windows Server 2012 R2

What is WSUS and how is it best used? Does a WSUS server support PowerShell?

Requires Free Membership to View

Operating system platforms are not static entities. Once initially installed, the operating system must be patched and updated as new content becomes available. This helps to ensure the best performance, reliability and security. But enterprise deployments pose challenges. When IT administrators must ensure proper updates on dozens, hundreds or even thousands of physical and virtual machines, the potential for oversights and mistakes can compromise even the best-run data center. Administrators need to recognize the tools available to help manage OS updates across the enterprise network. One native tool is Windows Server Update Services (WSUS).

WSUS provides Windows Server 2012 and Windows Server 2012 R2 administrators with a server-based tool capable of supporting Microsoft product updates across the organization. This can streamline update processes and help to ensure that all servers and systems are properly updated in a timely manner. This also avoids the need for a time-consuming and error-prone inventory of each individual machine. First introduced in 2005, WSUS is currently in version 4 released in late 2012.

In many situations, one server is configured as a WSUS server. The WSUS server connects to Microsoft Update to cache the available update and patch content. Administrators can then use the WSUS server to check installations, receive reports on the update status of certain machines and push out the cached updates to selected systems. This allows IT administrators to centralize and automate software updates. In addition, some servers can be allowed to connect directly to Microsoft Update, though these are usually non-essential systems or machines within a network's demilitarized zone where threat exposure will not harm the business.

The hardware requirements are generally light for a WSUS server role under Windows Server 2012 R2 and NET Framework 4.5, but data center developers should make the effort to meet or exceed requirements. These include at least one 1.4 GHz CPU or faster, 1.5 GB of additional memory (beyond the Windows OS requirements), 10 GB of storage space for WSUS and a minimum of 10/100 MB Ethernet connectivity. Most servers easily exceed these requirements, and a WSUS server can be provisioned as a virtual machine.

A series of 12 new cmdlets introduced with Windows Server 2012 and 2012 R2 allow WSUS functions to be scripted (or added to existing scripts) through PowerShell. This allows creation and support for scripts that administrators can use to automate activities and help maintain consistent activities across the data center. As just a few examples, Add-WsusComputer can add a specific client system to a target group, Get-WsusUpdate will get details about the available update and Approve-WsusUpdate will allow an update to be applied to systems. Other cmdlets provide additional control over getting and using WSUS.

This was first published in April 2014

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: