Help setting up WSUS on windows small business server 2003

By davids
Dec 7, 2006
  1. Is there anyone who has experience of WSUS and would help me to get it set up?

    many thanks in advance
  3. davids

    thanks for the reply zephead.

    I have looked at the prerequisites and I have downloaded everything necesary I think - although I better check the version of iis I have.

    At the moment there is the server, 1 perminent computer and 1 laptop (for testing) on the network but I work in a computer shop and the plan is to add various computers to the network for the purposes of updating them.

    It is also running exchange - which is really just for testing purposes.

    WSUS is installed and I have syncronised it with microsoft, so it has downloaded updates.

    But I am having trouble getting the WSUS control panel to pick up the other computers on the network. In exchange I have created a container called updates then I have created a policy object for that container to tell it to get updates from the server, then I have put the two client computer objects inside that container, is that right so far?
    Does it work the other way around? Can the clients get updates from the server instead of Windows Update site?
    i have configured the clients to pick up updates from the server-but when i go into the wsus control panel it wont pick up any of the client computers. it only picks up the server itself. i have followed all the inSTRUCTIONS to set up the clients via active directory, and it says the wsus should pick them up within 20 minutes. but it doesnt. all the basics like dns are working fine.
    do the machines have any firewalls? you might need to create exceptions so that WSUS can freely communicate over the network.

    just to be clear, the clients do have a working connection to the server, right? (clients can access shared directories, printers, etc.)
    Yes the clients do have a good connection I have set up shared folders etc and they all communicate with no problems.

    Good idea about the firewall, I should imagine the clients have got windows firewall on, but I havnt checked it - I will do that first and then report back.

    thanks for all the help so far...
    Hi zephead,

    I had another look at the setup today.

    I am running IIS v6, and I today disabled the firewall on the client computer, and this hasnt helped.

    also have sql running - I dont know if this is vital, but it installed with the WSUS, it is running the service: //servername/wsus

    Any other ideas?
    I can't remember doing anything special when I set up WSUS on one 2003 Server & XP clients some months ago.

    You can refresh the server policies manually from command prompt with gpupdate command so that you don't need to wait for any changes to take effect.

    Does Event Viewer reveal anything about the problem?

    By the way, I didn't touch any firewall settings on clients.
    I did force the policy to update with that command, and in the instructions it said it would take 20 minutes after doing so for everything to kick in. But it didnt.

    I will have a look in event viewer tomorrow and see if that reveals anything. failing that I will uninstall it all and start from scratch.

    One slightly odd thing I did notice today was that on the BT router, it is set up to use dhcp (but obviously I have given the server (and the client) a fixed ip address - but I cant find anything in the BT router where I can declare static clients. And although I have DNS set up on the server and the router, maybe this is causing a problem??

    Anyway, I will post back here if I have any joy:)
    just to be clear...your server is also functioning as the network's DHCP server, right?
    I "think" I have got it up and running now:

    The main problem was that in the gpo settings under update source I had left out the port number (8390 or whatever it is). Now I have done that I did get one successful update today! And I have left tonight with WSUS downloading 2.5gb of update files!! So hopefully come monday it will all be working smoothly.

    Ps the server isnt running dhcp. at the moment the router is running dhcp, but all the computers on the network and on fixed addresses - because im sort of messing around and learning as I go along at the moment.

    Thanks for all your help guys
    your server (serving as a domain controller and dns server) should be the DHCP server as well, assigning addresses to all client PCs.
    I know Zephead.

    The server and network have only been up and ruinning for a week or so - and it is at the computer shop where I work, so I didnt want to disable the router dhcp until I had it all running smoothly - But I will do that on Monday.

    When I go in a will double check that the WSUS is working and if it is I will setup the dhcp server as well.
    Ive come across a hurdle:

    Does anyone know if it is possible to connect a windows xp home computer to use WSUS?
    i believe that WSUS can de deployed on xp home as easily as on pro, but to be honest i have never installed it on anything except xp pro and server 03. you could probably find out quickly in the microsoft site.
    thanks zephead.

    Im reading up on it now. Apparently you have to configure xp home through the registry (as it cant connect to the domain and therefore cant be controlled through AD).

    I am now installing server 2003 and xp home on virtual PC from home, to test it out.

    Will post back the results
    WSUS for XP home computers

    Just thought Id report back here with the results:

    I have now got the XP home computers updating ok:

    In the end I had to patch the registry to make it except updates from the server then run a vbs script to make the client pick up the updates, and also had to follow the instructions below:

    """To resolve this problem, you must have the following minimum permissions on the C:\Program Files\Update Service\SelfUpdate directory. Group Permissions
    Administrators Full Control
    System Full Control
    Domain/Users or Local/Users Read&Execute, Read, List Folders
    IUSR_ComputerName Read&Execute, Read, List Folders
    Note IUSR_ComputerName represents the host name of the server that is running IIS where WSUS is installed. If this account is a member of the Users group, you do not have to explicitly define these permissions."""
