WSUS: Set up client-side targeting


The client-side targeting on WSUS, when enabled, allows you to directly assign to a group declare in the console. This declaration is not done GPO or by modifying the register of the customer workstation.


  1. Have created computer groups in the WSUS console.
  2. Configure clients with Group Policy.

Enable targeting

Go to the WSUS console, in the menu click on Options 1 then on Computers 2 . Select the option Use Group Policy or Registry Settings on computers 3 and click Apply 4 then OK 5 .
enable client target

The WSUS configuration is complete, now you have to configure the GPO for WSUS to put the computers in the correct group. To illustrate this article, computers will be assigned to Standard group 1.
WSUS Group

Edit the Group Policy that allows client configuration and go to the Windows Update client settings in Computer Configuration / Administrative Templates / Windows Component / Windows Update. Open the Allow client-side targeting 1 setting.
Gpo enable

Enable 1 the parameter, enter the group (s) 2 of membership separating by one; and validate by clicking Apply 3 and OK 4 .
Config gpo

The parameter is configured, it only remains to wait for the stations update their strategy and contact the WSUS server.
resume strategy

Related Posts

WSUS: automatic approval of updates
Introduction In this tutorial, we will see how to automatically approve definition updates on WSUS. Definition updates are available almost daily, automatic approval avoids doing so. Approve updates automatically 1. Go to the WSUS console in Options

Apply a GPO to a group
Introduction In this article, I will explain how to apply a Group Policy (GPO) to an Active Directory group that contains multiple users. The tutorial also applies in case you want to apply the policy to a particular user. Prerequisites Have created

GPO: Deploy a certificate
Presentation In this tutorial, we will see how to deploy a certificate on computers using a GPO. Some cases where you may need to distribute a certificate: Internal Certification Authority Appliance certificate for SSL filtering Self-signed web serve

Leave a Comment