Share via

How to Install & Download Window Updates with the Microsoft Server

Seema Kanwal Gurmani 321 Reputation points
2024-05-15T06:30:57.3966667+00:00

Dear Community,

I have WSUS server in my organization and I have noticed that the updates are sometimes failing. I think it's better that I let my clients directly install updates from Microsoft updates Server. Please share what changes should I make in GPO to achieve that?

Regards,

SKG

Windows 11
Windows 11
A Microsoft operating system designed for productivity, creativity, and ease of use.
8,555 questions
0 comments

3 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Yanhong Liu 3,585 Reputation points Microsoft Vendor
    2024-05-15T07:50:21.85+00:00

    Hello,

    Thank you for posting in Q&A forum.

    Try going to Computer Configuration→Policies→Administrative Templates→Windows Components→Windows Update in the Group Policy Management Editor.

    Right-click the Configure automatic updates setting and select Edit.

    In the Configure Automatic Updates dialog box, select Enable.

    Under Options, select 3 - Automatic download and notification of installation from the Configure automatic updates list, and then select OK.

    For more details, please refer to the link: Deploy updates using Windows Server Update Services - Windows Deployment | Microsoft Learn

    I hope the information above is helpful.

    Best Regards,

    Yanhong Liu

    ============================================

    If the Answer is helpful, please click "Accept Answer" and upvote it.

     

    0 comments
  2. Seema Kanwal Gurmani 321 Reputation points
    2024-05-15T08:02:11.5633333+00:00

    ok. Let me go through these Settings & then get back to you.

    Thanks.

    0 comments
  3. Adam J. Marshall 9,041 Reputation points MVP
    2024-05-15T12:48:39.76+00:00

    If you want to figure out which method is right for you - WUfB or WSUS, see my article here

    https://www.ajtek.ca/blog/wufb-or-wsus-which-is-better/

    If you want to learn how to manage WSUS properly where it takes 5-15 minutes a month to approve the needed updates to both a testing group and then also into production, follow through my 8 part blog series on How to Install, Manage, and Maintain WSUS.

    https://www.ajtek.ca/wsus/how-to-setup-manage-and-maintain-wsus-part-1-choosing-your-server-os/

    If you want to configure WUfB

    https://www.ajtek.ca/wsus/windows-update-for-business-why-should-i-choose-it/

    (Thanks for the reminder, I should add a new article with all the new settings for WUfB, especially with the new scan source policies).

    If you want to reset the WSUS GPO policies for testing - https://www.ajtek.ca/wsus/reset-windows-update-gpo-settings/

    Now, getting to your initial issue - your systems are having failed updates. Failed updates on installation will not be fixed by pointing to WUfB if the issues related to the failed updates are due to corruption on the client. If it's caused by missing updates (because you don't have the correct products selected in WSUS), then it would pick up the new updates and install them properly first, thereby allowing your failed updates to install successfully afterwards.

    Always first try and let Windows Self-Heal – run:

    sfc /scannow
DISM.exe /online /cleanup-image /restorehealth

    and in some cases where DISM fails, you may need the current version media and specify it:

    DISM.exe /Online /Cleanup-Image /RestoreHealth /Source:wim:E:\Sources\Install.wim:1 /limitaccess
    0 comments