2016 TESTLAB 3 : Implement WSUS in SERVER 2016 first time, everytime!
Articles,  Blog

2016 TESTLAB 3 : Implement WSUS in SERVER 2016 first time, everytime!


hey guys and welcome to the video today i’m going to be bringing you the most exciting video of them all we’re going to be looking at SUS software update services so for those that don’t know what SUS is a break it down for you quick style services the way of bringing windows update on prep and that’s about it it just basically just reduce your bandwidth and stops you from hammering microsoft all the time for all of the update and to be honest it’s the most interesting video I’ve ever done sorry nodded off there so some services seems to be an elusive subject for so many people now if you’re going to use the windows internal database it works fine but if you want to use MS SQL then the post configuration tends to fail and I’ve never got it working really without using powershell so I’ve used a full SQL before in the past and it worked fine I for this particular video i attempted to use SQL Express 2016 still failed got database connectivity issues wasn’t working so I still have to revert back to using the full version of SQL 2016 so we’re going to be using powershell and we’re going to be doing in just two commands just two commands guys and it works so we’ll we’ll be installing full sequel and then get it working so let’s first of all just shrink myself into the corner abit, hang on whats happening? joke ok so when we look as drives we just go C drive here and I’m going to need a drive for the SQL content and i’m going to also need a drive force equal yourself you could probably mix the source code attend with sequel but i like to split off and the reason why i like to split off is lay down the line if I’ve got disk space issues or I’ve got our performance issues on the sand out all server that you’ve it you’ve installed on you can movie HD is around to different locations as if we split out wanting to sequel one into into sus content it gives you that flexibility so I’m just going to quickly add in two discs here this is a generation to vm so i can add the discs in while the drive is running chuck it in there and i’m just going to call this sequel be good w sauce they called eBay copy that for future next and sequel databases and going to be too big so i’ll leave it at the default is dynamically expanding anyway so it’s only going to use what he uses apply that and then also create a drive for the sauce content itself will do the same thing again same location wsus content so it makes sense to us when you’re looking at a higher level source can be particularly huge so I’m going to say this a 356 gig okay and swing back over to his vm now obviously the drives have appeared because we haven’t initialize them so go over to start menu right click and bring up disk management and with the bill look there’s two drives their so bring them online and initialize them format them equal DB do the same thing for the source content format the drive ok so now we got her two additional discs now next thing to do is to install sequel with the iso here run setup now as such uses see cool it doesn’t really need any maintenance from you i’m going to keep a lot of the settings from default so i’m not going to use like domain credentials and things for service accounts i’m just going to keep it as the local account so we go with the installation and we’ll do a new sequel standalone and if you want to access the database you’re going to have to install secret management tools sequel 16 does not have management tools included anymore you can’t select them you got to install them separately so if you go to the main page here and click on that it’ll take you to the web length on where to download so it will accept the license we’re going to do an update for setup we always get warning on firewall and always make sure everything else is past hit next now the only things that we are interested in to get this working is database engine full text search and reporting if you don’t install the reporting you may have issues during hit next and just so that i know from a database level purely for like backups and things like that i always I always add the name to the end of the instance because if you just stick to ms sequel server and you’re looking at this on life say for example DPM server and you’re backing up just the database you just going to see sequel you might have to look at the computer name to workout is this actually was it solves it coming out so i just add that onto the end hit next ok so for all of these the only thing I’m going to change is the service starts up agent not sure on the collection I’ve always changed it and I can’t remember doing any testing just leaving a default but i’m going to set it’s a sequel Latin from memory CIS diligo it next ok so again for access give rarely ever gonna after access unless you got any source database problems but i would add in basic your sequel admins group if you’ve got one always add in a domain admin because that way i want to help yourself I’m if you got it if you lock yourself out of the database you always make sure that domain admins got access to it now did directories tab this is where we redirect the database to our sequel drive we’ve got it on he drive so we’re just going to change that to e and you come back up to see as well hit next install and configure if you want to make another configurations if you want to be duplicating this on other servers that force I don’t really see why you would ever won but that is where your configuration file is kept to copy that dump it somewhere else hit install now sequel is going to go through its installation so while that is installing because that takes about in previous runs lab done is taken about 11 minutes so i am going to install the sauce services role while sequel is installing well now if we launched powershell in admin mode this is the command you put in I put in the description anyway it will save you so much time that’s it seriously that’s it so always saying is install update services and we’re going to be using a DB and include all the tools that’s it off it goes now if you want to do it through server manager you load up your server manager go over to manage go to add roles hit next and next and next go down to Update Services particular box and then it will show you everything that is going to be installing and then you say add features and then hit next and then you would configure it through here and this is where you say I i want the internal database or I want sequel and then you tell it where to put the content and blood are black crop of all the river to be honest all I’m gonna do is configure it with another right so there we go so we’ve got the feature installed with that one command and the command that we’re going to use to configure it i’m not going to run it just yet sequels not finished just have a look to see where your drive is in our cases f2b you need to browse to program files updated services and tools in there there is a societal XE and that is what we’re going to be running to configure cells from command line and the command really is so so simple so simple guys that’s it will resume in resume in yeah ok sauce you to XC post-install sequel instance name when that when you put your server name so in my case it is album dash W so one and then content directory F that’s where we’re going out to death there is and that’s it it work and we’ll show you it works in just a minute so here we go we’ve got sequel has fully successfully installed so now is time to run the command will it work will it not what and you know what I’m going to take a snapshot just in case I’m that confident now is just really in case it goes hideously wrong and then i have to edit the video and because these things happen right three two one go post install is started now if you’re really that interested you can go have a look at the log file which we can go look out if you browse to your folder that you are installed in that you have to install logged in with and bring up app data and going to local temp the log file will be ec 37 or whatever your profile is is there is ZERO the moment because it’s building it there you go that’s the first time has successfully completed so let’s have a look at the log file I did sell keep it interesting so i’m not going to go through the log file but here you go is created it it creates the databases created is a thousand million and one tables and there you go post-install completed two guy took two guys to Commandant’s that’s it really is that simple off the internet just crashing to this video right now ok so let’s close that down what we’ll do is we’ll go to the console now this is where it starts getting really really slow with lots of video editing so here next can do not bothered you want to join the update improvement program you can because it’s the first server we’re going to synchronize with microsoft update themselves not using a proxy and then start connecting this bit takes 4ever you’re looking at well on my particular link a good 25 minutes of just going back come back come fault so I’m going to start editing now I’m going to cut this bit out so see in a second finally that’s actually can did so that’s taken a lot longer than expected it was well over an hour so let’s move on Joey so hit next now we need selects languages so we’re gonna go use English now when it comes to product microsoft selects a load for you I don’t want to use their selections so I’m going to take all and then one take everything just to make sure the only things i’m going to download just for time really is server 16 i’ll add some more later for the videos but just for now we’re just going to do service 16 hit next I’m going to do all classifications because i want it to update everything to hit next I’m going to synchronize manually first time around but then after that how they move up the automatic up we just do one a day to synchronize during the night but for now we just do manually and then begin the initial sync and then hit finish so here we can see is started synchronization there and what we need to do now is set group policy so that everything on our lab as she pulls down the updates from this particular server sooo we do is going to jump over to our demand control we still on 2012 r2 Fordham and i’ll do a video on an upgrade of people are interested so we’ll go over to group policy not actually my start menu so we need to do is we’ll create a new GPS we’re going to call this 16 sauce edits it now we need to drill down what drill down on the tree on what you what you need to configure so we’re going to do computer policies admin templates windows components and then at the bottom there should be windows up there is now the settings that we need coffee automatic updates so we’re going to enable that just for my test lab and i’m going to schedule the install install during maintenance you can do everyday if you want and then i’m going to wind the clock back bash i’m going to install a one o’clock in the morning the next setting is the way you actually tell it what server so in our case we’re going to set our dash debrief sauce it was a one woman 01 and we’re going to put a pot on the end curl on a 530 do the same thing for the statistics now so we’re now synchronized because obviously services not many patches of the moment so let’s go to others options and we’re going to set the synchronize nation schedule now to automatic and i’m going to say first scheduled at one o’clock in the morning and we’ll do one a day automatic approvals i’m going to say yes and I’m going to say automatically approve everything on all the computers are picked up i’m going to run that we go 30 of those were approved so once the updates are approved then they get applied so I mean you can drill down and reject various ones if you wish but just for the lab I’m just going to say everything quickly now I’ve got nothing switched on the lab at the moment so nothing will be picked up but if i boot this server up here which is one of my SCCM boxes which is actually my next video eventually given time that machine will appear in here and it will give us a status on how many updates got and so on so that’s it on sus so remember guys just two commands to get it working and hope you found the video of interest remember to do like and subscribe and share they’re the video as well and it does help promote channel and thank you for watching until next time see you later

38 Comments

  • thrqureshi

    Thanks for updating Part 3
    I have been waiting for so long

    When are you going to upload Part 4 ( Advance Deployment of windows 10 through sccm)

  • Richard Smith

    please leave a comment on what video you want to see next. upcoming videos are sccm 1606 and windows 10 deployment. after that you decide

  • thrqureshi

    Dear Sir

    Could you please make a video (or tell me what to do) how to make kerberos enable to authenticate during windows deployment

    I have a VBscript which I am using it in sccm task sequence but it keep failing to get information. I know the script is right.

    There are
    2 dns server
    1 Sccm server which holding IIS as well

  • Jan Barmettler

    Hey Richard
    I apprechiate your Videos a lot!
    3 Questions:
    When is part 4 beeing released?
    Why did you dumped the database for the wsus on the same server and not on the previous setted up SQL?
    Didn`t you said in Vid 3, you have to apply the SCCM Configuration first, and WSUS later?
    Tanks a lot!
    Greez

  • BuckeyeNut74

    Excellent video, Richard! Thank you for the walk-through. I wanted to leave a comment with the only problem I ran in to, which was with SQL Express 2016. I received a fatal error message during the post install command:
    Fatal Error: A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. (provider: Named Pipes Provider, error: 40 – Could not open a connection to SQL Server).

    I did two things to correct this problem. First, I enabled the Named Pipes protocol in the SQL Server Configuration Manager, under SQL Server Network Configuration > Protocols for SQLEXPRESS. Secondly, I changed the SQL Instance Name in the command from just my server name, to "MY_SERVER_NAMEMY_SQL_INSTANCE_NAME".
    For instance: SQL_INSTANCE_NAME="WSUS-SRV1SQLEXPRESS"
    This corrected the problem, and the post install procedure completed, installing WSUS with SQL Server Express 2016. Thanks again, Richard!

  • bill westrup

    The 2nd powershell command failed with: "Fatal Error: Failed to start and configure the WSUS service"

    The logs shows:
    2017-05-09 09:34:07 Importing Exchange2000Server.xml…
    2017-05-09 09:36:38 ImportDefaultDetectoids failed. Exception: System.Data.SqlClient.SqlException (0x80131904): Execution Timeout Expired. The timeout period elapsed prior to completion of the operation or the server is not responding.
    Warning: The join order has been enforced because a local join hint is used. —> System.ComponentModel.Win32Exception (0x80004005): The wait operation timed out
    at Microsoft.UpdateServices.DatabaseAccess.DBConnection.DrainObsoleteConnections(SqlException e)
    at Microsoft.UpdateServices.DatabaseAccess.DBConnection.ExecuteCommandNoResult()
    at Microsoft.UpdateServices.Internal.DatabaseAccess.CommonDataAccess.ExecuteSPImportUpdate(Int32 upstreamServerLocalId, String xmlUpdateBlob, Byte[] xmlUpdateBlobCompressed, Int32& localRevisionId)
    at Microsoft.UpdateServices.Internal.DatabaseAccess.CommonDataAccess.ImportUpdate(Int32 ussRevLocalId, String xmlUpdateBlob, Byte[] xmlUpdateBlobCompressed, String xmlSdpBlob, Int32& localRevisionId)
    at Microsoft.UpdateServices.Internal.DatabaseAccess.CommonDataAccess.ImportUpdate(Int32 ussRevLocalId, String xmlUpdateBlob, Byte[] xmlUpdateBlobCompressed)
    at Microsoft.UpdateServices.Setup.StartServer.StartServer.ImportDefaultDetectoids()
    ClientConnectionId:cd444b42-5bda-4a25-8f14-b5e409c24fb0
    Error Number:-2,State:0,Class:11
    2017-05-09 09:36:38 StartServer encountered errors. Exception=Execution Timeout Expired. The timeout period elapsed prior to completion of the operation or the server is not responding.
    Warning: The join order has been enforced because a local join hint is used.
    2017-05-09 09:36:38 Microsoft.UpdateServices.Administration.CommandException: Failed to start and configure the WSUS service
    at Microsoft.UpdateServices.Administration.PostInstall.Run()
    at Microsoft.UpdateServices.Administration.PostInstall.Execute(String[] arguments)

  • Prasad Vangala

    Hi,I created two group polices one USB disable policy for computer configuration  & second  WSUS policy  for computer configuration now I cant apply both policy's at time. any one of the  policy working .please give some solution.

  • Richard Bangoura

    I did it but this is the error blocking me, Setup cannot create the database on the sql server. Contact your sql admin. Need help guys. Thanks

  • Richard Bangoura

    Hi Richard, sorry bother you but I just updated my Windows 10 Pro and my VMs can no longer to talk to each other and no internet too, default switch is giving a headache ( unidentified network). Please help if you can. Thanks

  • Count Zero

    looks awsome Richard. Running Windows 2016 Datacenter on my HP DL380G6 (home server)
    I host a few websites for people. and have some Game Servers under Hyper-V.
    Playing with Wsus and Win2k16 Domain. I know people are going to say why buy Datacenter for a Home network.
    But it was only $15 (ebay) so not a big issue. + i want to upgrade to 2x Hex Core CPU's

    Keep up the good work.. and Happy New Year from New Zealand.

  • madhukar satav

    Hi Richard Smith
    i am getting below error please help me to fix this error i did all step as per your video please do the needful
    Content file download failed.
    Reason: The server did not return the file size. The URL might point to dynamic content. The Content-Length header is not available in the server's HTTP reply.

    Source File: /c/msdownload/eula/useterms_t1c_2r_ed_client_volume_1_sr-latn-rs-3f1fdf72-bc81-4d02-a6f3-757486731983.txt
    Destination File: D:WSUSWsusContent305C8C48C00477683C0C9D45E073224B0E9305A630.txt

  • Dmitry Medvedev

    btw, WSUS is a piece of shit, MS tell us that "Windows 10 is a service, which means it gets better through periodic software updates.
    " and at the same time WSUS incorrectly detects Windows 10 builds. Thread in Russian, you can use Google Translate http://forum.oszone.net/thread-327089-2.html

  • Matthew Reece

    Thanks for this! Had to do a WSUS server before rolling out MDT and 50 new workstations, made the update process so much faster by going over lan!

  • Durikke2

    Can you please not have the video be so blurry, Thanks 1999 called they want there resolution back,
    Jokes aside thanks for the video it's great, just too blurry

Leave a Reply

Your email address will not be published. Required fields are marked *