The process of managing computers in the LAN and WSUS Server includes:
o Check if the computers in the LAN are connected to the WSUS Server. If the PCs are not connected to the WSUS Server, execute the sync commands manually from the unconnected PCs
o Check WSUS Server version and update WSUS Server to the latest version o Synchronize information about updates from Microsoft Server to WSUS Server o Allows the WSUS Server to download necessary updates for the operating system
and software from the Microsoft Server. Then check if the WSUS Server has downloaded all the selected updates
o Check the update status of PCs in LAN
o Check the update status of PCs and Servers in LAN on WSUS The steps are as follows:
Check the connection of computers in the LAN to the WSUS Server Check the initial WSUS Server configuration
Go to All Programs Administrative Tools Windows Server Update Services
34
Figure 3. 40 Manage computers in LAN and WSUS Server
By default, computers on the LAN will be included in the Unassigned Computers group.
It is possible to create Computer Groups to classify Windows operating systems and Group Computers to classify PC boards for easy management. We can further combine with Active Directory Users and Computers, Group Policy Management to perform updates for each Board at different times. Implement synchronization between the client and the WSUS server. Noticed, when I first installed WSUS Server, there were some PCs that were not connected to WSUS Server. Then, you can go to that PC, go to Run, execute the command wuauclt /resetauthorization /detectnow to connect that PC to the WSUS Server. In this case, on the Windows Server 2016 PC (Win_DC) execute the command: wuauclt /resetauthorization /detectnow.
After performing the sync, we have the result that the Windows Server 2016 PC has been added to Unassigned Computers in the WSUS Server
35
Group 09 - RESEARCHING AND DEPLOYING WINDOWS SERVER UPDATE SERVICES
Figure 3. 41 Manage computers in LAN and WSUS Server
Check WSUS Server Version
When new PCs and Servers are added to the WSUS Server, the Installed/ Not Applicable Percentage section is 0% because the WSUS server is analyzing the update status of the PCs. and Server. Now the status of the PCs and Servers is Not yet Reported. To perform the update status information immediately to the WSUS Server, go to the PCs and Servers that have not sent the update status information, go to Run, type the command wuauclt /reportnow. PCs and Servers immediately send updated status information to the WSUS Server. Sometimes, because the version of the WSUS Server is lower than the version of the PC and Server in the LAN, the status of the PC and Server remains Not yet Reported. At this time, it is necessary to update the version for WSUS Server. To see the WSUS Server version, go to Help About Update Service…
36
Figure 3. 42 Manage computers in LAN and WSUS Server To update, select the service pack of windows and download the update
After running the update package, the current version of the WSUS Server is 10.0.14393.2969
37
Group 09 - RESEARCHING AND DEPLOYING WINDOWS SERVER UPDATE SERVICES
Synchronize updates from Microsoft Server to WSUS Server
After the PCs and Servers have been placed in Unassigned Computers of WSUS Server and have notified the update status to WSUS Server, we have the following information:
Figure 3. 43 Manage computers in LAN and WSUS Server
For example in the above case for a Win_DC PC: the percentage of installed or inappropriate updates is 90%, the number of required updates is 234, corresponding to 10%. We proceed to synchronize (Synchronize now) to see if the required update number information for computers on the LAN from the Microsoft homepage about WSUS Server has changed:
Figure 3. 44 Manage computers in LAN and WSUS Server
38
After synchronizing, the program will notify the last update time and the update status is successful
Figure 3. 45 Manage computers in LAN and WSUS Server
Download updates from Microsoft Server to WSUS Server
Currently, PCs (Windows Server 2016 Win_DC) and Servers (windows server 2016) have 52 security updates and 22 critical updates that need updating.
Figure 3. 46 Manage computers in LAN and WSUS Server
Perform updates (Approve) updates for PCs, Servers to download updates from Microsoft homepage to WSUS Server.
39
Group 09 - RESEARCHING AND DEPLOYING WINDOWS SERVER UPDATE SERVICES
Figure 3. 47 Manage computers in LAN and WSUS Server
At the Approve Updates window, select All Computers, Select Approved for Install. Then select OK
Figure 3. 48 Manage computers in LAN and WSUS Server Wait for the process to accept the updates
40 2
1
Figure 3. 49 Manage computers in LAN and WSUS Server Accept the updated successfully, then select Close
Figure 3. 50 Manage computers in LAN and WSUS Server Wait for updates to be downloaded from Microsoft Server to the WSUS server
41
Group 09 - RESEARCHING AND DEPLOYING WINDOWS SERVER UPDATE SERVICES
Figure 3. 51 Manage computers in LAN and WSUS Server
After the WSUS Server has downloaded the updates we can see the required update number
Figure 3. 52 Manage computers in LAN and WSUS Server
42
Check the update status of PCs and Servers in LAN Check PC Win_DC01. Before updating the PC Win_DC01.
Figure 3. 53 Manage computers in LAN and WSUS Server
When it's time to sync updates from WSUS Server to PC Win_DC01 (set in Domain Controller's Group Policy). Updates will be automatically downloaded to your PC. After the updates have been downloaded to the PC, if the policy on the Domain Controller is Auto-Download and Notify for Install, a message will be displayed asking you to update the patches (for Win_DC01 PC).
This is the process of installing updates.
43
Group 09 - RESEARCHING AND DEPLOYING WINDOWS SERVER UPDATE SERVICES
Figure 3. 54 Manage computers in LAN and WSUS Server Once the update is complete, restart your PC. Click the Restart now
Figure 3. 55 Manage computers in LAN and WSUS Server After rebooting, we proceed to check for updates
44
Figure 3. 56 Manage computers in LAN and WSUS Server
Check the update status of PCs and Servers in LAN on WSUS Server After the computers in the LAN have been updated, we will receive a message that the computers are in 93% updated condition, required updates are 6 (Update needed)
Figure 3. 57 Manage computers in LAN and WSUS Server
45
Group 09 - RESEARCHING AND DEPLOYING WINDOWS SERVER UPDATE SERVICES
CONCLUSION Result
About learning knowledge
Through researching and building this topic, we have strengthened and learned many things such as:
o Consolidating knowledge about network administration, through the course in general and the final topic in particular, helped the group to better understand how it works as well as the benefits of implementing WSUS
o Cultivate knowledge and observation skills, be sharp in exercises as well as proficiently use virtual machines, apply vmware to network administration.
About the topic
Facing the rapid development of information technology, the deployment and implementation of WSUS is an indispensable thing. The results of the project are:
o Understand and understand how it works, as well as deploy and install WSUS o Finalize the topic, deploy and install WSUS
After finishing a project, the indispensable thing is a written report on your topic and project presentation slides. The detailed report presents a reasonable table of contents layout.
Difficulty
Do not time perfect project but time time. Song if there are many time more than group they will complete and security up to that you can be given up to the performance.
46