Install Windows Server Update Service (WSUS)

About

A WSUS server provides features that you can use to manage and distribute updates through a management console. A WSUS server can also be the update source for other WSUS servers within the organization. The WSUS server that acts as an update source is called an upstream server. In a WSUS implementation, at least one WSUS server on your network must be able to connect to Microsoft Update to get available update information.

Article Covers:

WSUS prerequisites
Install Windows Server Update Service
WSUS Configuration

WSUS Prerequisites

Before you enable the WSUS server role, confirm that the server meets the system requirements and confirm that you have the necessary permissions to complete the installation.

The minimum hardware requirements for WSUS are:

Processor: 1.4 gigahertz (GHz) x64 processor (2 Ghz or faster is recommended)
Memory: WSUS requires an additional 2 GB of RAM more than what is required by the server and all other services or software.
Available disk space: 10 GB (40 GB or greater is recommended)
Network adapter: 100 megabits per second (Mbps) or greater

Software Requirements:

For viewing reports, WSUS requires the Microsoft Report Viewer Redistributable 2008. On Windows Server 2016, WSUS requires Microsoft Report Viewer Runtime 2012
If you install roles or software updates that require you to restart the server when installation is complete, restart the server before you enable the WSUS server role.
Microsoft .NET Framework 4.0 must be installed on the server where the WSUS server role will be installed.
The NT Authority\Network Service account must have Full Control permissions for the following folders so that WSUS Administration snap-in displays correctly:
- %windir%\Microsoft.NET\Framework\v4.0.30319\Temporary ASP.NET Files
- %windir%\Temp
Confirm that the account you plan to use to install WSUS is a member of the Local Administrators group.

Install Windows Server Update Service

Log on to the server on which you plan to install the WSUS server role by using an account that is a member of the Local Administrators group.
Open the Server Manager -> Add Roles and features.
Add the Windows Server Update Services Role -> Click Next.

We will be prompted to install additional features. Click on Add Features.
Click Next on Select features wizard.
Click Next on Windows Server Update Services wizard.
So now we have two options either we can install WSUS on Windows Internal Database or SQL.
- For Windows Internal Database (WID), select below options:
  - WID Database
  - WSUS Services
- For SQL, select options,
  - WSUS Services
  - Database

On Content Location Selection, specify the location used for storing WSUS updates. Click Next.

You can review the installation selections and click Install.
WSUS Role and Feature installation is successful. Click Close.

Now we have to initiate Post-Deployment Configuration (Post-Install). Open Server Manager and Click on Notification Flag and then click on “Launch Post-Installation tasks”.

It will configure WSUS in background and you can verify the Post Installation steps in logs created under c:\users\AppData\Local\Temp.
Post Installation is completed now.

If you are using SCCM Software Update Point Role for managing Software Updates then perform the below configuration through Software Update Point Role Installation. Refer