Windows – Getting PCs to report to WSUS


We have Windows Server Update Services (WSUS) set up in our domain environment. It is configured and working correctly. We run into an issue every once in a while where Windows Update will lose/forget the setting and go out and get updates online overnight. We countered this by disabling Windows Update through a registry change:

reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v NoAutoUpdate /t REG_DWORD /d 1 /f

This stopped Windows Update from running automatically if it loses policy.

We have since added this to our New PC batch file that we run on all new PCs. We've noticed that those new computers are not reporting to the WSUS server. It seems like if I go on the computer and manually kick off a Windows Update it will find the server and do its thing.

Is there a way I can somehow make all the PCs "Check for Updates" so they all get reported on our WSUS server and start receiving updates?

Thanks!

Best Answer

You may find it more effective and convenient to set the appropriate WSUS server using Group Policy; you can create a Group Policy Object with the settings under Computer Configuration > Administrative Templates > Windows Components > Windows Update, primarily Specify intranet Microsoft update service location, but also any other options within the Windows Update section you wish, such as when to install updates if scheduled, etc. - have a look through them as applicable.

The benefits of this are:

  1. To address your above concern re: the setting being 'lost'; the Group Policy will be applied on every logon of every (applicable) machine, which functionally mitigates the possibility of the setting being 'lost'.
  2. You may at some point in the future find it advantageous to have more granular control over which computers use which WSUS server(s), for example if you were to have more than one site, each with its own WSUS server.

You may then set the security settings of this GPO such that it applies to all computers (this is the default for new GPOs), and link it within your AD structure such that it will apply to all computers which you wish to use the WSUS server in question.
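
An added example, not part of the question or the answer above: a read-only PowerShell check that reports whether the WSUS policy values have actually landed on a client, alongside the NoAutoUpdate value from the question. The server URL `http://wsus.example.local:8530` is a constructed placeholder; WUServer, WUStatusServer and UseWUServer are the registry values the "Specify intranet Microsoft update service location" policy writes.

```powershell
# Read-only audit of the Windows Update policy values on the local machine.
param(
    # Constructed placeholder; replace with your own WSUS URL.
    [string]$ExpectedServer = 'http://wsus.example.local:8530'
)

$wuKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate'
$auKey = Join-Path $wuKey 'AU'

function Get-PolicyValue {
    param([string]$Path, [string]$Name)
    # Returns $null when the key or value is absent (policy not applied).
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) { $item.$Name } else { $null }
}

$policy = [pscustomobject]@{
    Computer       = $env:COMPUTERNAME
    WUServer       = Get-PolicyValue $wuKey 'WUServer'
    WUStatusServer = Get-PolicyValue $wuKey 'WUStatusServer'
    UseWUServer    = Get-PolicyValue $auKey 'UseWUServer'
    NoAutoUpdate   = Get-PolicyValue $auKey 'NoAutoUpdate'
}

$findings = @()
if ($policy.UseWUServer -ne 1) {
    $findings += 'UseWUServer is not 1: the client is not directed to an intranet server.'
}
if (-not $policy.WUServer) {
    $findings += 'WUServer is not set: no WSUS server is configured by policy.'
} elseif ($policy.WUServer.TrimEnd('/') -ne $ExpectedServer.TrimEnd('/')) {
    $findings += "WUServer is '$($policy.WUServer)', expected '$ExpectedServer'."
}
if (-not $policy.WUStatusServer) {
    $findings += 'WUStatusServer is not set: the client has no server to report status to.'
}
if ($policy.NoAutoUpdate -eq 1) {
    # Matches the behaviour described in the question: only a manual check reaches the server.
    $findings += 'NoAutoUpdate is 1: automatic update checks are disabled on this machine.'
}

$policy | Format-List
if ($findings.Count -eq 0) {
    'OK: WSUS policy values are present and automatic checks are enabled.'
} else {
    $findings | ForEach-Object { "FINDING: $_" }
}
```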