In this guide, we will fix DllRegisterServer failed error code 0x80040201 schmmgmt.dll. While migrating Active Directory getting this error the module “schmmgmt.dll” loaded but the call to DllRegisterServer failed with error code 0x80040201.
When struggling to register the Active Directory Schema Snap-in (also known as the Schema MMC console or Schema Console) using Windows. Windows Server. We may have to apply the command from a dos command prompt. Otherwise, you will have the following error after applying the registration command regsvr32 schmmgmt.dll
We are getting that error message because User Account Control on the computer may be limiting your competencies to register the Active Directory Schema Snap-in. Even when we logged on with a user account that is a member of the Schema Admins group. Note that it isn’t necessary to log in or start an elevated command prompt using an account that belongs to the Schema Admins group.
To open a command prompt, click on the Windows Start button from the toolbar, and type Command Prompt. Then, you right-click Command Prompt and then click Run as administrator.
Type regsvr32 schmmgmt.dll and then press enter
Once the Schema Management dll is registered (schmmgmt.dll) you will get a successfully registered message.
Now you can go back to console root, select the file, and add or remove snap-ins.
In this article, I will explore how to demote the domain controller in Windows Server 2019 Active Directory Domain Services (AD DS). Do you want to demote a domain controller? Is your domain controller having issues and do you need to manually remove it? No problem.
In this article, we will walk through two options to demote a domain controller. If you are able to access the Windows server then the first option is the preferred choice.
Note: Do not tick Force the removal of this domain controller box. Only choose this option if you are uninstalling the last domain controller in the domain.
You may change credentials on this screen if required and then click next.
The domain name system (DNS) server warnings window.
Tick the box Proceed with removal and then click next.
If you get the DNS delegation option you can choose Remove DNS delegation and then click next. Mostly, you will not get DNS delegation and can untick this box.
In this article, I will explain how to enable network discovery in Windows Server 2022. Network Discovery is a Windows feature that permits Windows computers to discover and find other devices and computers on the network.
In the services fine and open the Function detection resource publication service.
Set it to Automatic, status start, and then apply the changes.
Now open the SSDP Discovery service.
Set it to Automatic and then click ok to apply the changes.
Open the UPnP host devices service
Set it to Automatic and then click ok to apply the changes.
After applying the changes, we will have activated network discovery in Windows Server 2022.
Conclusion
In the above steps, we have learned how to enable network discovery in Windows Server 2022. This is the way to solve this problem in our server. It is important to check the computers/devices inside the network.
In this guide, I will explain how to join Windows to domain controller 2022. To add a computer, in this case, Windows 10 or 11, to a domain in Windows Server 2022 we require the following. Windows 10 or 11 Professional or Enterprise, this since Windows 11 Home does not allow adding the computer to the domain.
Requirements for Domain
Required an account that is a member of the domain First, we need to check that the Windows IP configuration is correct.
Join Windows to Domain Controller
Open network properties, typing “ncpa.cpl” in the run command. Apply the changes and then exit the configuration.
Right-click on this pic on the Windows 11 desktop and then select properties.
Under system > About, click on Domain or workgroup.
Windows 11 system properties, select the Change button to job Windows to Active directory.
Select the Domain box and then enter the domain name, click ok.
Now enter the domain administrator credentials and then click ok.
Select the ok button and after a moment the computer will join the domain controller.
Click ok to restart the computer.
Click close
Restart the client computer by selecting Restart now.
After logging in Windows 11 operating system, open Windows Settings, About. Now you can see that the equipment has been added successfully to the selected domain.
We go back to the Windows Server 2022 domain controller, in the Windows Server 2022 go to the Server Manager, choose Tools, and then Active Directory Users and Computers.
In the Active Directory users and computers window, expand your local domain. Click on the Computers section and then on your right side you can see the previously added equipment.
This has been a very easy procedure to add a computer to a domain controller in Windows Server 2022 and thus be able to manage it according to the established policies.
Windows Server and macOS are two popular operating systems widely used in enterprise and personal computing. Both operating systems have unique features and functionality that suit specific tasks and environments. This article will explore what Windows Server and macOS are, how they work, and their key differences.
What is Windows Server?
Windows Server is a server operating system developed by Microsoft. It is design to provide a platform for running and managing server-based applications, services, and data. Windows Server is a powerful operating system that offers a range of features, including remote access, data storage and management, security, and virtualization.
One of the key features of Windows Server is Active Directory, a directory service that stores information about users, computers, and other resources on a network. Active Directory allows administrators to manage and control access to network resources, such as files, printers, and applications.
Windows Server also includes various other features, such as Windows PowerShell, a command-line interface for managing Windows Server, and Hyper-V, a virtualization platform that allows multiple operating systems to run on a single physical server.
How does Windows Server work?
Windows Server provides a platform for running and managing server-based applications and services.
It can be installe on a physical server or run as a virtual machine on a hypervisor. Once installe, Windows Server can be configure and managed using various tools, including the Server Manager, PowerShell, and the Windows Admin Center.
Windows Server can also be configure to provide remote access to resources on the network. This can be complete using Remote Desktop Services, which allows users to access applications and desktops on a remote server. Windows Server can also be configure to provide secure access to resources on the network using virtual private networking (VPN) or DirectAccess.
What is macOS?
macOS is an operating system developed by Apple Inc. It is designe for use on Apple’s Macintosh computers and provides a user-friendly interface for managing and using the computer.
macOS is know for its stability, security, and ease of use.
macOS includes various features, such as Spotlight, a search tool that allows users to quickly find files, documents, and other content on their computer. It also includes Time Machine, a backup and restore tool that allows users to back up and restore their data easily.
Another key feature of macOS is its integration with other Apple products, such as the iPhone and iPad. Users can easily share files, documents, and other content between Mac and Apple devices using features such as AirDrop and iCloud.
How does macOS work?
macOS works by providing a user-friendly interface for managing and using the computer. It is built on a UNIX-base foundation, which provides stability, security, and performance. macOS includes a variety of built-in applications, such as Safari, Mail, and iTunes, as well as the App Store, which allows users to download and install third-party applications.
macOS can be configure and manage using the System Preferences application, which provides a graphical interface for managing network configuration, security, and display settings. macOS also includes Terminal, a command-line interface for managing the operating system and running scripts and other commands.
One of the key advantages of macOS is its tight integration with other Apple products, such as the iPhone and iPad. Users can easily share files, documents, and other content between Mac and Apple devices using features such as AirDrop and iCloud.
Key Differences between Windows Server and macOS
While both Windows Server and macOS are powerful operating systems, they have several key differences.
One of the main differences is the target audience. Windows Server is design for enterprise environments, while macOS is design for personal use. Windows Server is optimiz for running server-base applications and services, while macOS is optimiz for providing a user-friendly
This blog has detailed how to schedule Windows Server Reboot Automatically (Windows or Server 2008/2019). You may want to reboot a Windows Server once a week or month as a matter of routine maintenance. It’s particularly useful too. Say you want to reboot a server because you installed particular software that you didn’t expect needed a restart, or there are some updates. You cannot really do it unless after hours and you don’t need to hang around and then you would just like it to reboot itself a couple of hours after working hours when everyone left.
Note: I’m using Windows Server 2019. This is almost the same as in 2008/2012/0216.
1- Select the search bar and type Task Scheduler, click on it to open. You can find it by clicking on the Windows start button, expanding Windows Administrator Tools, open Control Panel to select Administrative Tools.
2- Create a new basic task using the Create Task action.
3- Type a name for the task. I renamed it Restart Server or (Restart This Server). Type a description Schedule Windows Server for Automatically restart.
4- Since this task is to just restart the server one time (select one time) and then click next.
5- Provide it a date and time to restart. Click next.
6- Select Start A Program action and then click Next.
7- Type shutdown into the Program/Script box and then /r into the Add arguments box. Click Next.
8- Click Finish.
9- We are almost done if you want this to run if you get logged off and you want to set this up so you can use it again later. In the Task Scheduler right-click on your new task and then select Properties.
10- This will show up on the general settings page. The default settings are “Run only when the user is logged on” Switch it to “Run whether the user is logged on or not”. Choose Configure to select the Server you want to reboot.
11- Select ok, after typing your administrator password.
Changing the Schedule for The Automatic Reboot
So now we have a task that will automatically reboot our Windows server (Computer, PC) one time.
12- Go back to the Task Scheduler Window, right-click on the task, and then click Properties. Select the Triggers tab.
13- Select the One Time trigger and then click the Edit button. Change the time and date, click ok and your server/PC/computer will now restart at the new time.
14- When you click ok it will ask you to re-enter the administrator password.
What is the most effective way to plan Windows Server’s automatic reboots?
The Task Scheduler function integrated into Windows Server is the best way to arrange automatic reboots. You can build scheduled tasks in Task Scheduler that can start a server reboot at predetermined intervals or particular days and hours. You can automate the reboot procedure without any human intervention by specifying the proper parameters in Task Scheduler. This guarantees that your Windows Server reboots on a regular basis, enhancing system performance and health.
How can I restart Windows Servers in a program for routine maintenance?
To automate Windows Server reboots for routine maintenance, utilize Task Scheduler. By creating a scheduled job in the work Scheduler, you can set the ideal timing and frequency for the automated reboots.
You can configure it such that the server reboots either once a week or once a month, depending on your maintenance requirements. Now that human interaction is no longer necessary, you can focus on other important tasks while still making sure that your Windows Server reboots periodically for peak performance.
What are the benefits of scheduling Windows Server reboots automatically?
Scheduling Windows Server reboots automatically offers several benefits, including:
Streamlined maintenance:
Automated reboots ensure routine maintenance tasks, such as installing updates or software, are performed on schedule, reducing the risk of neglecting important tasks.
Time savings:
By eliminating the need for manual intervention, administrators can save time and effort that would otherwise be spent initiating reboots individually.
Increased productivity:
Scheduled reboots can be set to occur during off-peak hours or after work hours, minimizing disruptions to users and maximizing productivity.
Improved stability:
Regular reboots help refresh system resources, clear memory, and resolve certain software or configuration issues, leading to improved server stability and performance. By scheduling Windows Server reboots automatically, you can ensure that your server operates at its best while minimizing manual effort and interruptions.
Can I schedule specific dates and times for Windows Server automatic reboots?
Yes, you can schedule specific dates and times for Windows Server automatic reboots using Task Scheduler. You can set the trigger parameters when creating a task in Task Scheduler to specify the precise date, time, and repetition pattern for the automated reboot. With this flexibility, you can modify the schedule to suit your requirements and make sure that the server reboots when you want it to without the need for user intervention.
Are there any risks or considerations when scheduling automatic reboots for Windows Server?
When scheduling automatic reboots for Windows Server, there are a few risks and considerations to keep in mind:
Impact on running processes:
Rebooting the server automatically may interrupt running processes or services, potentially affecting ongoing operations. It is important to plan the reboot schedule carefully to minimize disruptions.
Data loss or corruption:
Before starting automated reboots, make sure that all unsaved data is correctly saved and backed up to avoid any possible data loss or corruption.
Application compatibility:
Prior to setting up automatic reboots, it’s important to take into account any requirements or dependencies that some apps or services may have. To prevent any problems, make sure that crucial apps are compatible with the reboot schedule.
Compatibility with applications:
Some applications or services may have specific requirements or dependencies that need to be considered before scheduling automatic reboots. Ensure that critical applications are compatible with the reboot schedule to avoid any issues. By considering these risks and taking appropriate measures, such as proper data backup and compatibility checks, you can mitigate potential issues and ensure the smooth execution of scheduled Windows Server reboots.
How to ensure the successful execution of scheduled Windows Server reboots?
To ensure the successful execution of scheduled Windows Server reboots, consider the following tips:
Test the reboot process:
Before implementing the scheduled reboot, test the process on a non-production environment to ensure it works as intended.
Monitor system health:
Regularly monitor the server’s health and performance to identify any potential issues that may impact the scheduled reboots.
Check for pending updates:
Ensure that all pending updates are installed before initiating the reboot to prevent conflicts or incomplete installations.
Communicate with users:
Inform users or stakeholders about the scheduled reboots to minimize any potential disruptions and ensure they are aware of the maintenance schedule. By following these guidelines, you can increase the likelihood of successful execution and minimize any potential issues during scheduled Windows Server reboots. Is it possible to schedule Windows Server reboots for after-hours to minimize disruption? Yes, it is possible to schedule Windows Server reboots for after-hours to minimize disruption.
Conclusion
In conclusion, this guide has provided a comprehensive explanation of how to schedule Windows Server reboot automatically, specifically for Windows Server 2008/2012/2016/2019. Regular server reboots are essential for routine maintenance, and this automated scheduling process proves to be highly beneficial.
Whether it’s for unexpected software installations requiring a restart or system updates, automating the reboot process allows for convenient execution during after-hours when staff is not present.
The great thing about free Veeam Agent for Microsoft Windows is that it’s easy to use, and you don’t need any special IT knowledge to operate it. You can customize your backup settings to schedule backups, choose where to store your backups, and even encrypt your data for extra security.
With Veeam Agent for Microsoft Windows Free, you can back up your entire system, specific volumes, or individual files and folders. Plus, you can restore your files to their original or another location.
The best part? It’s completely free! You don’t have to worry about any hidden costs or fees.
Don’t let a data disaster happen to you. Protect yourself and your data by using Veeam Agent for Microsoft Windows, which is free. Back up your computer today and avoid the stress of losing your important files.
System requirements
The installation process for Veeam Agent for Microsoft Windows FREE is straightforward and easy. Once you’ve downloaded the installation file, simply run it and follow the on-screen instructions. You’ll be ask to accept the license agreement and choose the installation location.
Installation
Once the installation is complete, you’ll be prompt to create a backup job. You can choose what to backup, where, and when to schedule the backup. You can also set up email notifications to alert you if the backup job encounters any issues.
It’s important to note that you should always test your backups regularly to ensure your data is recoverable in a disaster. With Veeam Agent for Microsoft Windows FREE, you can easily restore your data by selecting the backup file and choosing what you want to restore.
After you have downloaded the archived file of Veeam Agent for Microsoft Windows FREE, you will need to extract it by unzipping it. Once you have done this, you can run the executable file to install the backup tool on your Windows-based device.
Assuming you have read and understood the terms and conditions, click the “Accept” button and proceed with the installation by clicking “Install.” The installation process should not take more than a minute or two to complete. Once installed, you will be present with various backup options such as external hard drives (e.g. USB flash drives, external HDDs, etc.), network folders (NAS), or Veeam backup repositories if you are already using other Veeam Availability solutions, as shown in the image above.
Once the installation is complete, you’ll have the option to run the Veeam Recovery Media creation wizard immediately or at a later time. If you create a USB flash drive, like in this example, check the box to deploy it immediately. But if you prefer to back up to a network folder or a Veeam repository, leave the box unchecked and configure it later.
It’s worth noting that when using a USB flash drive as your recovery media, Veeam Agent for Microsoft Windows will format it with FAT32. This means the flash drive will be limit to 32 GB and files equal to or less than 4 GB. However, this allows the USB flash drive to boot both BIOS-based and UEFI-based PCs.
You must select the media type when creating the recovery media in Veeam Agent for Microsoft Windows. In this window, I chose my USB drive and clicked Next. You can also create and store an ISO image file locally or externally. Including your computer’s storage and network, drivers are advisable when creating the recovery media. This will be useful when using the Veeam Recovery Media to boot your PC.
Now that your USB flash drive is bootable and ready to store backups, you can configure your backup jobs.
Configure backup
To access this feature, navigate to the Status tab in the top right corner. You will be present with three backup options: the entire computer, volume-level backup, and file-level backup. Choose the option best suits your needs and click on it to proceed.
Your approach to backing up your files will depend on your objectives and a backup plan. For instance, I personally use the file-level backup option to protect a constantly changing folder where I store work-related files.
Among these files are some of Gostev’s digests, which offer valuable insights into Veeam Backup & Replication v10. I saved these emails in the folder and plan to reference them in my guide in the future.
Back up your computer with Veeam Agent for Microsoft Windows free
Following the selection of the folders and files to be backe up. you will select the location of your backup files — Local Storage, Shared Folder, or Veeam Backup Repository.
As mentioned earlier, I will use local storage and a USB flash drive.
An Advanced option at the Local Storage step allows. you to schedule active full backups regularly, encrypt your backup files with a password, and change data reduction settings. More information on active full backups can be find here.
The following step is backup scheduling. This option is very flexible, allowing you to choose different days, and times, or to trigger the backup job at specific events such as log off, computer lock, or when you attach the backup target.
Select the best time to back up your computer (daily or based on user activity via backup events) and click Apply. You’re almost finish.
You can run the job immediately after pressing Finish on the Summary tab. If you leave the check box unchecked, the backup job will run as scheduled. That’s all. The backup job has been configure successfully.
Restore
I assure you that you are safe because your files are back on your recovery media. But first, let’s look at how you can actually restore some files.
Select Restore > Individual files from the menu that appears when you right-click the Veeam Agent for Microsoft Windows icon in the system tray.
The file-level restore window appears, and you must select the desired restore point.
Next, click. The Backup Browser is launched, from which you can restore entire folders or individual files.
I mistakenly removed one of the Digests from the Veeam Community Forums, and now I need it back. No worries. The email file was in the Work folder, which Veeam Agent for Microsoft Windows backs up for me every day at 12:30 a.m., so I’ll simply recover it from there.
To restore an object, right-click the file or folder of interest and select:
Overwrite to replace the original file on your computer with the backup file. Keep the restored file from the backup and the original file on your computer. In order to save the file to a different location, the restored object’s name will have the RESTORED- prefix.
Copy To… to save the file in a different location. Because the file had vanished from my computer, I chose the Overwrite option to save it to the original location.
You can also use Windows Explorer to access your backup files. Your backup files are stored on the USB flash drive in the VeeamBackup folder.
There are two types of files here:vbk — full backups — and. vib — incremental backups. When Veeam Agent for Microsoft Windows runs the first backup job session, it copies all data that you chose to back up to the target place – this is a full backup recorded as a.vbk file.
Incremental backup files
Vibs happen between full backups and only copy data that has changed or been added since the last backup job session.
The restore procedure can also be initiated from the Status tab of Veeam Agent for Microsoft Windows, where your backup timeline is displayed. Choose the backup you wish to restore and then click Restore Files.
Conclusion
I hope this step-by-step advice will assist you in properly backing up your PC and safeguarding your data. Veeam Agent for Microsoft Windows FREE is a program that requires no significant technical knowledge and takes only a few minutes to configure. If you have any questions about Veeam Agent for Microsoft Windows, please leave them in the comments below, and I will gladly answer them.
Let’s have a look at how to backup active directory Windows server 2022. Maintaining the probity of the information is something that every Windows Server system administrator must take into account.
There are different methods to create backups, but one of the most useful is to make use of Active Directory backups since it is where domain objects are managed. For this, the correct way is, hardware at the disk level where the information is stored and the software that performs the task, the VSS (Volume Shadow Copy Service) is used, this work is to coordinate all the essential actions to create an operational snapshot on the system.
Let’s see how to Validate Switch Enabled Teaming Configurations while validating a two-node clustering. I am testing two-node failover clustering in my virtual lab. NIC Teaming testing is failing for Microsoft Failover Cluster in Windows Server 2022 at the initial configuration of the Failover Cluster.
Note: Please don’t apply to a physical server, this solution is applicable to only Virtual Environments. Problem Getting this error “NIC Teaming feature test is failing for Failover Cluster” in Windows Server 2022.
Error Message An error occurred while executing the test Unable to connect to “node1.domain.local via WMI This may be due to “networking issues” or a “firewall configuration” Workaround Launch Failover Cluster Manager on any of the Windows Server 2022 nodes. Click on Validate Configuration under the action menu.
Select the browse button to select the required Windows Server 2022 nodes.
Enter the name of your server nodes and then click ok.
Click next when done.
The first option select Run all tests (recommended) or choose Run only tests I select to perform all the tests or only the network-related tests respectively.
Expand the Network section and then clear the Validate Switched enabled Teaming configuration option. This will exclude the test to be executed on the Windows Server nodes and will achieve all other tests on both the server nodes for Failover Cluster configuration. Select next for confirming the tests to run.
Select next and then click on the Finish button when the execution of the test is completed.
This post will cover how to upgrade Active Directory 2019 to Server 2022. I will perform an in-place upgrade of an active directory domain controller running on Windows Server 2019. When we upgrade the domain controller, it permits us to go from an older operating system to a newer operating system, while keeping our settings, server roles, and data intact. This guide will be used to fulfill an in-place upgrade of an active directory running on Windows Server 2019 to Windows Server 2022.
Visit Microsoft Website to Upgrade Domain Controller to a newer version.
Table of Contents
In-Place Upgrade Windows Server 2022 Paths Pre-requisites for Upgrading Domain Controller Check the AD Schema Version Run Adprep /ForestPrep Run Adprep /DomainPrep
Upgrade Domain Controller from Windows Server 2019 to Server 2022
Steps to Upgrade Domain Controller
In-Place Upgrade Windows Server 2022 Paths
When you plan to upgrade the active directory domain controller on Windows Server, first, you need to check the upgrade paths. For instance, when you wish to do an in-place upgrade of Windows Server 2109 to Server 2022, you first need to check if it is a supported upgrade path. You can visit the Microsoft Website for an Overview of Windows Server upgrades. Microsoft has not yet updated in-place upgrade paths for Windows Server 2022. You do not need to worry as upgrading an active directory domain controller from Server 2019 to Server 2022 is supported.
Pre-requisites for Upgrading Domain Controller
The below steps will cover a few prerequisites before you upgrade the domain controller from Server 2019 to Server 2022. Backup the Server before upgrading – You need to backup included virtual machines apps and operating system before you upgrade the domain controller. Verify the system requirements – it is important, to check the hardware requirements. Make sure Applicthe ation compatibility. Download Windows Server 2022
First, check the AD Schema Version
Open the Windows PowerShell and then run the below command to determine the current AD Schema version.
When you run the adprep /forestprep command to upgrade the schema on a domain controller that is running Windows Server 2019, you see the following. Forest-wide information has already been updated. [Status/Consequence] Adprep did not attempt to rerun this operation
Run Adprep /DomainPrep
When you run the adprep /domain command to upgrade the schema on a domain controller that is running Windows Server 2019, you see the following. Domain-wide information has already been updated The Adprep did not attempt to rerun this operation It means you don’t have to upgrade the schema as it is on lathe test version.
Steps to Upgrade Domain Controller
To upgrade the domain controller, you need the Windows Server CD/DVD or Bootable USB Media. Windows Server 2022 setup media, double click to run the setup.exe.
Install the Windows Server window, and click on next.
To upgrade to Windows Server 2022, type the product key and then click Next.
On the Select Image window, choose the correct operating system image and then click Next.
Accept the license terms.
On the Choose what to keep window, choose to Keep files, settings, and apps and then click next.
Getting updates
Click the Install button to start the Windows Server domain controller upgrade.
The server will restart sometimes during the upgrade.
The domain controller upgrade often takes time to complete. There are a number of factors that confine the time required to upgrade a domain controller. After some restarts, the Windows Server 2019 domain controller will be upgraded to Windows Server 2022.
Open about My PC to verify the Windows Server edition and also you can check the folder named (Windows.
After the WSUS installation, we can configure the Windows Server Update Services WSUS server through WSUS Server configuration wizard. This is a one-time configuration where we will configure some important WSUS options.
Configure Windows Server Update Services
1- Select Tools and then select WSUS Server Configuration wizard.
Note – Before you begin the configuration of WSUS, some important points.
Make sure the server firewall allows the clients to access the WSUS server. If clients have issues connecting to WSUS server, updates wouldn’t be downloaded from server. The WSUS downloads the updates from upstream server which is Microsoft update in our case. So please ensure that the firewall allows the WSUS server to connect to Microsoft Update. In case if there is a proxy server in your organization, you should type the credentials for proxy server while configuring WSUS.
2- Click Next.
3- Click Next.
Choose WSUS Upstream Server
This is the important section where we select the upstream server. You get two options.
Synchronize from Microsoft Update – After Selecting this option will download the updates from Microsoft update. Synchronize from another Windows Server Update Services server – Select this option if you want this WSUS server to download updates from already existing WSUS server. We should specify the server name & the port number (8530) by default. If you want to select the option to use SSL during updates synchronization, make sure that upstream WSUS server is also configured to support SSL.
4- This is the only WSUS server; I will choose Synchronize from Microsoft Update and then click Next.
Proxy Server
5- Specify Proxy server information if you have got one and then click Next.
6- Select Start Connecting button.
7- Once completed, click next.
Choose Languages for Updates
8- Select Download updates only in these languages options. Select the languages for which you want updates and then click next.
Choose Products
9- This is the window where we can select the products for which we want the updates. From the list of products, we can select individual products or product families for which we want our server to synchronize updates. In my case, I will select Windows Server 2019 and Windows 10 1903. Click Next.
Choose Update Classifications
10- Select the required classifications. I am going to select Critical Updates, Security Updates, and Update Rollups. Click Next.
Configure WSUS Synchronization Schedule
11- We should decide on how to perform WSUS sync. Select whether to perform synchronization manually or automatically. Click Next.
12- Select checkbox Begin initial synchronization and then click next.
13- Select Finish, this completes the steps to configure WSUS.
14- Here you can see synchronization status.
WSUS CONSOLE
15- The summary of updates.
16- We have not approved any updates yet, Select All updates.
17- Under source select any and then click refresh.
18- After hitting Refresh button and we will be able to see all updates.
19- Here in this list of all updates there is no way for me to kinda select update and say, deploy right now to machines that are not how WSUS works. What we need to do is approve the update by right-clicking the update and then select Approve.
20- We can’t see any computer/server listed here.
Create WSUS Groups
By default there are 2 WSUS groups.
All Computers: this group registers computer accounts when they contact to the WSUS server and this group you should not populate manually Unassigned computers: this group is not assigned to other groups by the WSUS Administrator.
1- Select options and then select Computers.
2- I will choose the second setting Use Group Policy or registry settings on computers.
3- To create a new group, right-click on All Computers and then select Add Computer Group.
4- I am going to create only one group Windows10 because I have only one Windows to test WSUS. You can create groups as per your requirements. You can type in whatever name you like and click Add.
5- Here you can see the group (Windows10)
WSUS Group Policy Management
It will give me the abilities to use group policy to assign the correct machines into this group. I am going to open GPO group policy management console in the domain controller and have a look at the different OU’s. I have moved one client machine with windows 10 in Windows10 OU.
1- Select Tools and then Group Policy Management.
2- Now we need to create a new GPO and then will link it to Windows10 OU. Right click on Windows10 OU and select Create a GPO in this domain…..
3- Type GPO name and click ok.
Here is the GPO, once it’s configured and attached, we need to edit the GPO so we can look at, first the specific group policy setting that we will go about configuring the client-side targeting here for WSUS.
14- We can also verify the intranet update service location on the client computers using Windows registry. In the client computer, open Registry Editor and open “HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate”. Here you can confirm WSUS values (WUServer and WUStatusServer)
15- Now go back to WSUS server console and press refresh button I will be able to see machines attached to my WSUS server (Windows10).
16- Select All updates, under status select failed or needed and then right click on update you want to install, select approve.
17- Under computer group, right click on your windows/server and then select approved for install.
18- Click ok.
19- The updates will now be made available, and then next time that client hits that maintenance interval we’ve configured in group policy, it’ll go about downloading, installing, and perhaps rebooting the PC in order to support the installation of this Windows update.
Configure Auto Approval Rules in WSUS
If you don’t want to approve updates manually, we can configure auto approval rule in Windows Server Update Services.
To configure Automatic Approvals in WSUS
1- WSUS Administration Console, choose Options and then select Automatic Approvals.
2- Here you can find the default automatic approval rule and if you want it you can edit it and use it. Select New Rule to create a new approval rule.
3- Select when an update is in a specific classification checkbox. Select the classifications. You can also permit the update for computers groups. I am going to choose Windows 10 as that is my test PC group. Last you can set a deadline for the update approval & specify auto approval rule name. After you configure the rule, click OK.
4- You may find the rule the one you have just created. Select Run Rule If you wish to run this rule.
WSUS Custom View, Reporting and Troubleshooting
Create Custom view
1- To create a new update view, right-click on updates and then select New Update View.
2- Here you can select what you want to include in the view. I am selecting Updates for a specific product. Step 2 Select any product.
3- In the step 2, we can click on any product link and select which product we need to include. I will choose Windows 10, click ok.
4- Specify a name and select ok.
5- The new view is available in the list under Updates. Select it and change the status to any you will be able to see only updates for Windows 10.
Server Cleanup Wizard
1- Select options and select Server Cleanup Wizard.
2- Here we can select what to remove. I will choose everything click next.
3- Begin the process.
4- Click finish.
Configure Windows Server Update Services REPORTING
1- Double click on any update.
2- We need to install Microsoft Report Viewer, here you can find the link to download and install Microsoft Report viewer.
In this two-part series, I will cover step by step to install and configure WSUS Role on Windows Server 2019. This guide must help you if you decide to install and configure WSUS from scratch. In this post, I have selected Windows Server 2019 to install and configure WSUS.
What are Windows Updates
Let’s talk about some basics. When we install an operating system, software, or image a machine, we always ensure it is patched with latest updates. Not only operating system but also every software that we use needs to be constantly updated. Windows updates are released to fix security issues, fix bugs, issues in operating system, and to add new features to OS. The Windows Updates are relying on Windows Update service which is set to start automatically by default. Windows Update service will downloads & installs recommended and important updates automatically. Microsoft updates can be classified into following categories:-
Critical Updates
Security Updates
Definition Updates
Drivers
Update Rollups
Service Packs
Tools
Feature Packs
Updates
Introduction to Windows Server Update Services
WSUS enables the administrators to install the latest Microsoft product updates. WSUS is a Microsoft Windows Server role and when we install it, you can efficiently manage & deploy the updates. One of the highly important tasks of system administrators is to keep client pc and servers updated with the latest security updates and Windows software patches. Without WSUS it could be really hard to manage the Windows updates. When you have a single WSUS server in our environment, the Windows updates are downloaded directly from Microsoft Update. Rather than downloading updates directly from internet letting to multiple computers. We can setup WSUS server and allow the clients to download all the updates from a WSUS server. With WSUS we can save Internet bandwidth and also speed up the Windows update process.
Windows Server Update Services Lab Setup
In the first place let me cover about WSUS lab setup. I consider that the best way to master WSUS is to deploy and configure it in the test or lab setup first. Then we can start working on it and try several things. I have created 3 virtual machines in my lab.
Server Name
Operating System
Role Installed
DC2019.test.local
Windows Server 2019 Standard
Active Directory, DNS, DHCP
WSUS.test.local
Windows Server 2019 Standard
WSUS
Windows10.test.local
Windows 10 Professional
Windows 10
WSUS System Requirements
When we have decided to implement WSUS in our setup, First we must first look into WSUS requirements. Please visit Microsoft. It will cover all the information required for WSUS requirements.
WSUS Firewall Ports / Exceptions
It is important that the WSUS server connects to Microsoft Update to download updates. If there a corporate firewall between Internet and WSUS server, we might have to configure that firewall to ensure WSUS can acquire updates. To gain updates from Microsoft, the WSUS usage port 443 for HTTPS protocol. You should allow Internet access from WSUS to the following list of URLs.
Deploy WSUS Role on Windows Server 2019
Log in to your Windows 2019 server on which you want to install the WSUS server role using an account that has an admin rights.
1- Launch Server Manager, click dashboard and then click add Roles and Features.
2- Click Next.
3- Click Next.
4- On the Server Selection page, verify the server name and then click next.
Server Roles – Windows Server Update Services
5- Select the role “Windows Server Update Services“.
6- Select Add Features.
7- Click next.
8- Leave Default and then click next.
9- Click Next.
WSUS Database Type – Role Services
10- Role services / Database type to install for Windows Server Update services. Select WID Connectivity / WSUS Services and then click Next.
WSUS Content Location
11- Specify a location where you want to store the updates. I would strongly recommend save the updates on another drive and not on C: drive. Click Next.
12- Web Server Role (IIS) window, click next.
13- Default settings click Next.
14- Please review the final confirmation before you install WSUS and then click Install.
15- The WSUS installation is complete, select Launch Post-Installation tasks.
16- Please wait for the message Configuration successfully completed and then click Close.
Watch Video: How to install Windows Server Update Service.