locked
Client not downloading and installing windows update via wsus RRS feed

  • Question

  • Hello,  i have a WSUS upstream and downstream environment. The client machine are appearing in the upstream successfully.

    I am testing client machine on 2012 R2, but when i approve a update with a deadline, the updates is not downloading and installing automatically. I have approve the updates as i can see it via the client machine when i run Check For Updates, but i thought i don't need to do this. for the WSUS registry, i have the following settings on the client side

    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU]

    "NoAutoUpdate"=dword:00000000
    "AUOptions"=dword:00000004
    "ScheduledInstallDay"=dword:00000000
    "ScheduledInstallTime"=dword:00000000
    "UseWUServer"=dword:00000001

    1- Download critical and security update, approve them then send to them to the computers on the networks 

    2- For every other updates, I want my client to open his windows update client, the client will connect to our server to check if there are updates needed. At that time, the downloads and installation will start. Please help

    I think that if the updates are approved, they will be sent straight to our clients, i don't want that I want my client  to ask for updates. 

    Please help. I want to follow the approve update procedure with deadline set against the approval updates


    • Edited by Darker007 Wednesday, June 22, 2016 8:16 AM
    Wednesday, June 22, 2016 8:13 AM

Answers

  • 1- Download critical and security update, approve them then send to them to the computers on the networks 

    2- For every other updates, I want my client to open his windows update client, the client will connect to our server to check if there are updates needed. At that time, the downloads and installation will start. Please help


    You can only instruct windows update how to handle available updates, there is no mechanism to separate out the different types of update and treat them differently.

    Also WSUS does not "send" anything, it's the client which connects to WSUS and then downloads available updates. Anything approved is classed as available.

    What you may wish to do, is just to have critical and security updates controlled via WSUS with the options to install those as they are recieved. Then when the client wants other updates, they can click on the "Check for updates form Microsoft Update," option for all other updates. You won't be able to control which updates the clients evevntually get using this method, but it does meet your other requirements.

    Please remember that WSUS is a very basic updating solution, if you want more control then there are various 3rd party paid for solution that can do this for you.


    Wednesday, June 22, 2016 1:58 PM