Creating a Windows Server Update on a LAN Network with WSUS

By creating a server that serves Windows updates and other products from Microsoft, you can save internet consumption and speed up the update process.

Windows Server Update Services (WSUS) is a feature of Windows Server to manage the distribution of updates released by Microsoft Update to computers on your network. WSUS will be very useful if you have to manage many computers.

Updates from Microsoft products can be hundreds of Megabytes in size, and can even reach a size of over one Gigabyte. If the number of computers in the network is large, it is certainly very inefficient if each computer has to download to Microsoft. Because this will burden internet usage and require a long download time.

By creating a Server that serves an update, a direct update to Microsoft is only performed by one Server computer. Meanwhile, computers in other networks will download updates to the server. In this scenario, the update process from the computer does not require internet access because it uses a local network (LAN) and, of course, the download speed is also very fast.

This article will use Windows Server 2019 as an example and you can also use this method on Windows Server 2012, 2012 R2. Both 2016 and Windows Server 2022.

Other Interesting Articles

Install WSUS on a Windows Server

  1. Open the “Server Manager“.
  2. In the Server Manager click “Manage” and then click “Add Roles and Features“.
add server role
  1. Next will open the Add Roles and Features Wizard window. And on “Before You Begin“, click “Next“.
  2. In “Installation Type“, select “Role-based or feature-based installation” and click “Next“.
  3. Click “Next” on “Server Selection“.
  4. Next on the “Server Roles“, check the option “Windows Server Update Services“. Once you have checked the option, a new window will open to confirm you all the features needed by WSUS to function correctly will also be installed. Click the “Add Features” button. Click “Next” to continue.
wsus add feature
  1. On the “Features” page, click “Next“.
  2. Then on the “WSUS“, click “Next“. And click the “Next” button again on the “Role Services“. And in “Content“, specify the directory you will store the update file. Click “Next” to get to the next step.
wsus content
  1. On the “Web Server Role (IIS)” page, click the “Next” button. And on the “Role Services“, leave the default options and click “Next“.
  2. In “Confirmation“, check the option “Restart the destination server automatically“. Then click the “Install” button to start the installation process.
wsus instal
  1. Windows Server will perform the installation process and will automatically restart if needed.
  2. After the WSUS installation process is complete, in the summary window, click “Launch Post-Installation tasks“. Wait until the configuration process is complete and then click “Close“.

Configuring WSUS on a Windows Server

After the installation process is complete, now is the time for you to set up the services you will provide on client computers in the network.

  1. Open “Server Manager > Tools > Windows Server Update Services“.
  2. You will be prompted to perform AWSUS configuration through the “WSUS Configuration Wizard“.
  3. On the “Before you begin” page, click “Next“.
  4. Then in “Join the Microsoft Update Improvement Program“, you can choose to join or not, and uncheck if you don’t want to join. Next click “Next“.
  5. Under “Choose Upstream Server“, leave it on the default option “Synchronize the updates with Microsoft Update“. Click “Next” to continue.
  6. Click “Next” on “Specify Proxy Server“, unless you are using a proxy for access to Microsoft Update.
  7. Then click “Start Connecting” to connect to “Upstream Server“. This process will take a long. Wait for it to complete.
wsus config upstream
  1. On the “Choose Language” page, the default selection is in English. You can select multiple languages to speak. Click “Next” to get to the next step.
  2. Next in “Choose Products“, select the product from Microsoft that you will serve on WSUS. Consider the storage capacity on your server in choosing the product you will serve. Click “Next” to get to the next step.
wsus config product
  1. Under “Choose Classifications“, select the updated classification you want to serve. Next click “Next“.
  2. Then on “Set Sync Schedule“, select the automatic schedule. Click “Next“.
  3. On the “Finished” page, check on “Begin initial synchronization“. Then click “Next“.
  4. After the synchronization process in step 12 is completed, click on the “Finish” button. WSUS will periodically download updates from Microsoft and distribute them on computers in the network.

PC Client Settings on LAN to Update to WSUS Server

To change computers in the network to update from Microsoft products to WSUS Server, you can do it through Group Policy.

Open the Group Policy Editor and navigate to:

Windows 10 and earlier

Computer Configuration > Administrative Templates > Windows Component > Windows Update > Specify intranet Microsoft update service location

gpo update win 10

Windows 11

Computer Configuration > Administrative Templates > Windows Component > Windows Update > Manage updates offered from Windows Server Update Service > Specify intranet Microsoft update service location

gpo update win 11

Then double click to open it and set the configuration to “Enable“. Next, provide the URL address of the WSUS Server as follows.

gpo update value

If you use a domain in the network you are using, you can simply set it up through Group Policy Management on the Domain Server. You can follow our other articles on how to use a GPO on a Domain Server. User GPO

Latest Articles

Related Articles