Tip

Properly set up Windows Update Services

In this two-part series, Serdar Yegulalp explains the benefits of Windows Update Services, the next version of Software Update Services (SUS), which is currently available for open evaluation until the final product is released later in 2005. Serdar covers how to set up WUS on a server in part one below. In

    Requires Free Membership to View

part two, he'll detail how to use it to roll out XP SP2 updates to desktops and when not to use WUS.


Microsoft's Windows Update Services (WUS), formerly known as Software Update Services, is set to be released in 2005. Currently available for open evaluation, WUS lets administrators silently custom-deploy updates and fixes throughout a network using Windows Update technology. But, to do so, you first have to make sure it's properly configured. In part one of this tip, I'll outline the benefits of WUS and explain how to set it up on a server.

The following is a list of reasons why you should consider using WUS. Note, in part two of this series, I will identify when it's best not to use WUS.

  • Total administrative management
    Administrators can install the updates that they want when they want, and withhold updates that may conflict with existing installed software.
  • Silent installs
    Updates to systems with Windows Update enabled can be rolled out "silently," without user interaction, and are installed at the next reboot.
  • Granular installs
    WUS lets you specify target groups of computers for deploying updates. The default updates all computers in your organization, but groups can be created through Group Policy or by adding computer names manually.

  • No user hassles
    Users don't need to install anything themselves. Administrators can also let the server retrieve and deploy the updates without intervention.
  • How to run WUS on a server

    Before you begin setting up WUS, you'll need IIS 5.0 or later, the .NET Framework 1.1 or better (included with Windows Server 2003), and the Background Intelligent Transfer Service (BITS) 2.0 or better. BITS is also a required component for each client. WUS will also install the SQL Server 2000 Desktop Engine as part of its component package, but if you want to use an existing SQL Server or SQL Server Desktop installation instead, you can specify that during setup. Desktop computers need to have BITS 2.0 or better installed, as documented on this Microsoft support page.

    During the install you'll be presented with an option labeled "Store updates locally." If you choose this option and provide a pathname, WUS will only roll out valid updates stored in that path rather than attempt to contact Microsoft for the latest updates. This is useful if you want to control which updates are rolled out by downloading them manually and placing them in the provided directory.

    If you choose to obtain updates from Microsoft, you must allow access on ports 80 and 443 from that server to Microsoft.com and Windows.com, so be sure to configure your firewall correctly. If you're using a proxy server to go through the firewall, you can specify the proxy using the WUS console (installed in Start/All Programs/Administrative Tools/Microsoft Windows Update Services). Select Options/Synchronization Options/Proxy Server to do this.


    Click for part two on using WUS to roll out XP SP2 and when to avoid using this update tool.

    More Information from SearchWindowsSecurity.com

  • Tip: Author Jonathan Hassell outlines what not to do when patching Windows
  • Tip: Get help prioritizing critical Windows patches
  • Tip: Get tools to ease patching pains


  • This was first published in February 2005

    There are Comments. Add yours.

     
    TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

    REGISTER or login:

    Forgot Password?
    By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
    Sort by: OldestNewest

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to:

    Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.