Articles in this section

See more

Endpoint and JetPatch Configuration for WSUS

Todd Kirkland
  • Updated
Follow

Endpoint Configuration for WSUS

  • Verify that the ports 8530/8531 are open on the WSUS server for the endpoints to register
  • Verify that IPV6 is disabled on all Windows endpoints and the WSUS server
  • Verify that no Windows endpoints have duplicative SusClientId
  • Register the endpoints to the WSUS server (this can be done either by domain policy or local policy). In order to register endpoints to WSUS:
    • Open the group policy of the endpoint (start->run->gpedit.msc)
    • Configure Updates by going to Computer Configuration -> Administrative Templates -> Windows Components -> Windows Updates ->
      • Configure Automatic Updates -> Enabled and set to “notify for download and notify for install”
      • Specify intranet Microsoft update service location -> Enabled and set both URL’s to http://wsusserverip:8530 (if using SSL use https and  8531)
    • Enable PowerShell execution policy to run scripts
  • Open Command Prompt and run the following commands to use the new policy and to register it on WSUS
    • gpupdate /force
    • Windows version is less then 10/2019 -
      • wuauclt /resetauthorization /detectnow /reportnow
    • Windows version is 10/2019 or later - 
      • USOClient.exe RefreshSettings
      • USOClient.exe StartScan
    • Note1: if the machine is still not reporting to WSUS, open windows update agent, check for updates, and verify if that is working.  If not, troubleshoot.  If it does work, go back to WSUS, refresh, and see if the endpoint is now reporting.

JetPatch Configuration for WSUS

Recommendation: Have all endpoints registered and reporting to the WSUS server (as per the above steps). It is also suggested to have the endpoints in WSUS groups before using JetPatch.

Do the following in order (note: the connector must be deployed on the WSUS server before it can be added as a discovery source)

  1. Add the WSUS server to JetPatch
  2. Add and assign an administrative account to the WSUS server
  3. Deploy the JetPatch connector on the WSUS server
  4. Add the WSUS discovery source

Note: You can only add one WSUS server as discovery source to JetPatch. For more WSUS servers use a primary-replica or primary-autonomous setup.

wsus2.green.local

Source Type: WSUS Server

Related Articles 

 

Related articles

Comments

0 comments

Please sign in to leave a comment.