Microsoft Windows ServerWindows Server 2022

How to Install WSUS Role on Server 2019

Photo of Jamil Parvez Jamil Parvez Follow on X Send an email 09/01/2021
0 97 3 minutes read
install wsus server

In this two-part series, I will cover step by step to install and configure WSUS Role on Windows Server 2019. This guide must help you if you decide to install and configure WSUS from scratch. In this post, I have selected Windows Server 2019 to install and configure WSUS.

What are Windows Updates

Let’s talk about some basics. When we install an operating system, software, or image a machine, we always ensure it is patched with latest updates. Not only operating system but also every software that we use needs to be constantly updated.
Windows updates are released to fix security issues, fix bugs, issues in operating system, and to add new features to OS. The Windows Updates are relying on Windows Update service which is set to start automatically by default.
Windows Update service will downloads & installs recommended and important updates automatically. Microsoft updates can be classified into following categories:-

  1. Critical Updates
  2. Security Updates
  3. Definition Updates
  4. Drivers
  5. Update Rollups
  6. Service Packs
  7. Tools
  8. Feature Packs
  9. Updates

Introduction to Windows Server Update Services

WSUS enables the administrators to install the latest Microsoft product updates. WSUS is a Microsoft Windows Server role and when we install it, you can efficiently manage & deploy the updates.
One of the highly important tasks of system administrators is to keep client pc and servers updated with the latest security updates and Windows software patches. Without WSUS it could be really hard to manage the Windows updates.
When you have a single WSUS server in our environment, the Windows updates are downloaded directly from Microsoft Update. Rather than downloading updates directly from internet letting to multiple computers. We can setup WSUS server and allow the clients to download all the updates from a WSUS server. With WSUS we can save Internet bandwidth and also speed up the Windows update process.

Windows Server Update Services Lab Setup

In the first place let me cover about WSUS lab setup. I consider that the best way to master WSUS is to deploy and configure it in the test or lab setup first. Then we can start working on it and try several things.
I have created 3 virtual machines in my lab.

Server NameOperating SystemRole Installed
DC2019.test.localWindows Server 2019 StandardActive Directory, DNS, DHCP
WSUS.test.localWindows Server 2019 StandardWSUS
Windows10.test.localWindows 10 ProfessionalWindows 10

WSUS System Requirements

When we have decided to implement WSUS in our setup, First we must first look into WSUS requirements. Please visit Microsoft. It will cover all the information required for WSUS requirements.

WSUS Firewall Ports / Exceptions

It is important that the WSUS server connects to Microsoft Update to download updates. If there a corporate firewall between Internet and WSUS server, we might have to configure that firewall to ensure WSUS can acquire updates.
To gain updates from Microsoft, the WSUS usage port 443 for HTTPS protocol. You should allow Internet access from WSUS to the following list of URLs.

windows updates wsus

Deploy WSUS Role on Windows Server 2019

Log in to your Windows 2019 server on which you want to install the WSUS server role using an account that has an admin rights.

1- Launch Server Manager, click dashboard and then click add Roles and Features.

server manager dashboard

2- Click Next.

add roles and feature wizard

3- Click Next.

Select Role based or feature based installation

4- On the Server Selection page, verify the server name and then click next.

Select the server to install WSUS

Server Roles – Windows Server Update Services

5- Select the role “Windows Server Update Services“.

add roles and feature wizard roles

6- Select Add Features.

add features that are required

7- Click next.

Select Windows Server Update Services role

8- Leave Default and then click next.

add roles and feature wizard features

9- Click Next.

windows server update services role

WSUS Database Type – Role Services

10- Role services / Database type to install for Windows Server Update services. Select WID Connectivity / WSUS Services and then click Next.

Select WID Connectivity and WSUS Services

WSUS Content Location

11- Specify a location where you want to store the updates. I would strongly recommend save the updates on another drive and not on C: drive. Click Next.

WSUS Content Location

12- Web Server Role (IIS) window, click next.

web server rule (iis) wizard

13- Default settings click Next.

select service role

14- Please review the final confirmation before you install WSUS and then click Install.

confirm installation selections

15- The WSUS installation is complete, select Launch Post-Installation tasks.

Launch WSUS Post Installation tasks

16- Please wait for the message Configuration successfully completed and then click Close.

WSUS configuration completed successfully

Watch Video: How to install Windows Server Update Service.

Photo of Jamil Parvez Jamil Parvez Follow on X Send an email 09/01/2021
0 97 3 minutes read
Photo of Jamil Parvez

Jamil Parvez

Jamil Pervez works as a Network Administrator, based in Kuwait with a Primary focus on Microsoft technologies. Microsoft Certified MCSE, MCTP, MCITP, CCNP, CCIP, CCVP with 20 years of experience in administering Windows Servers, Exchange, VMWare, Veeam B&R, Veritas BackupExec.

Related Articles

Setup Remote Desktop Gateway

How To Setup Remote Desktop Gateway on Windows Server

16/09/2024
Change Time Zone on Windows Server

How to Change Time Zone on Windows Server 2022

10/09/2024

Windows Server Maintenance Checklist step by step

02/09/2024
Configure Folder Redirection with Group Policy

How to Configure Folder Redirection with Group Policy

31/08/2024

Leave a Reply

Back to top button