Configure WSUS to have computers download updates from Microsoft

   -     -   (0)  -    2 minutes

Windows Server 2012R2 Windows Server 2016 Windows Server 2019

In this tutorial, I will explain how to configure WSUS so that computers download updates directly from the Microsoft website and not from your WSUS server.

This configuration has the advantage of reducing the disk space required for storing updates, but at the cost of putting more strain on your internet connection. The timing of this configuration depends on your environment:

  • Available bandwidth
  • Number of products you manage in WSUS

It is also important to know that since Windows 10, there is a “P2P network” between computers for downloading updates between workstations, which saves bandwidth.

Now that you have all the information, I will explain how to do it.

In this tutorial I started from an existing installation, in the case of a new WSUS server, you just need to select the right option at the time in the initial configuration.

From the WSUS role administration console, click on Options 1 which is located in the left menu.

In the list of options, click Update files and languages ​​1.

A new window will open, which will allow us to configure the storage of updates, select Do not store update files locally (computers install from Microsoft Update) 1 then click on the Apply 2 and OK 3 buttons to validate the WSUS configuration.

To force a database update, we will use the WsusUtil.exe tool with the reset option.

SUMMARY

Checks that each row of database metadata is associated with a corresponding content stored in the file system. If the content is missing or damaged, WSUS re-downloads it. This command is useful after restoring a database.

Open a cmd or PowerShell prompt as Administrator.

Go to the following location:

cd "C:\Program Files\Update Services\Tools"

Launch the utility:

.\WsusUtil.exe reset

The command may take several hours to complete depending on the size of the database and the performance of the WSUS server.

Trick :

To know if the processing is finished, monitor the CPU usage of the database service, when it is normal, the database has been updated.

You can now run WSUS cleanup to remove the files already present.

Related Posts

apply the ruleWSUS : automatic approval of updates WSUS : deploy Microsoft Edge Console IIS on WSUSWSUS: Fix the problem of downloading Windows 10 updates

Leave a Comment