This script is designed to quickly configure Windows update service for computers running outside the Active Directory domain. Before use, update the values for your organization.
@ECHO OFF
VER |>NUL FIND /v "5." && IF "%~1"=="" (
ECHO CreateObject^("Shell.Application"^).ShellExecute WScript.Arguments^(0^),"1","","runas",1 >"%temp%\Elevating.vbs"
cscript.exe //nologo "%temp%\Elevating.vbs" "%~f0"& GOTO :EOF
)
DEL /s /q /f "%temp%\Elevating.vbs" > nul 2>&1
ECHO.
ECHO Do you want to configure Windows Update service on your computer for WSUS server?
ECHO.
SET /P AREYOUSURE=Are you sure (Y/[N])?
IF /I "%AREYOUSURE%" NEQ "Y" GOTO :EOF
ECHO.
ECHO 1. Stopping Windows Update Services...
bitsadmin /reset
sc config bits start=disabled
net stop bits
ECHO Checking the Background Intelligent Transfer Service status.
sc query bits | findstr /I /C:"STOPPED"
IF NOT %errorlevel%==0 (
ECHO Failed to stop the Background Intelligent Transfer Service.
sc config bits start=delayed-auto
PAUSE
GOTO :EOF
)
sc config wuauserv start=disabled
net stop wuauserv
ECHO Checking the Windows Update AutoUpdate Service status.
sc query wuauserv | findstr /I /C:"STOPPED"
IF NOT %errorlevel%==0 (
ECHO Failed to stop the Windows Update AutoUpdate Service.
sc config bits start=delayed-auto
sc config wuauserv start=demand
PAUSE
GOTO :EOF
)
ECHO.
ECHO 2. Setup WSUS client settings...
rem Specify intranet Microsoft update service location
reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate /f /v WUServer /t REG_SZ /d http://wsus.mycompany.com:8530
reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate /f /v WUStatusServer /t REG_SZ /d http://wsus.mycompany.com:8530
reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate /f /v UpdateServiceUrlAlternate /t REG_SZ /d ""
reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /f /v UseWUServer /t REG_DWORD /d 1
rem Configure Automatic Updates
reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /f /v AUOptions /t REG_DWORD /d 4
reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /f /v NoAutoUpdate /t REG_DWORD /d 0
reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /f /v ScheduledInstallDay /t REG_DWORD /d 0
reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /f /v ScheduledInstallEveryWeek /t REG_DWORD /d 1
reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /f /v ScheduledInstallTime /t REG_DWORD /d 11
rem Install updates for other Microsoft products
reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /f /v AllowMUUpdateService /t REG_DWORD /d 1
rem Turn on recommended updates via Automatic Updates
reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /f /v IncludeRecommendedUpdates /t REG_DWORD /d 1
rem Delay Restart for scheduled installations
reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /f /v RebootWarningTimeoutEnabled /t REG_DWORD /d 1
reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /f /v RebootWarningTimeout /t REG_DWORD /d 30
rem Do not include drivers with Windows Updates
reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate /f /v ExcludeWUDriversInQualityUpdate /t REG_DWORD /d 1
rem Do not connect to any Windows Update Internet locations
reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate /f /v DoNotConnectToWindowsUpdateInternetLocations /t REG_DWORD /d 1
rem Allow Automatic Updates immediate installation
reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /f /v AutoInstallMinorUpdates /t REG_DWORD /d 1
rem Allow signed updates from an intranet Microsoft update service location
reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate /f /v AcceptTrustedPublisherCerts /t REG_DWORD /d 1
rem Automatic Updates detection frequency
reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /f /v DetectionFrequencyEnabled /t REG_DWORD /d 1
reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /f /v DetectionFrequency /t REG_DWORD /d 8
rem Do not display 'Install Updates and Shut Down' option in Shut Down Windows dialog box
reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /f /v NoAUShutdownOption /t REG_DWORD /d 1
rem No auto-restart with logged on users for scheduled automatic updates installations
reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /f /v NoAutoRebootWithLoggedOnUsers /t REG_DWORD /d 1
ECHO.
ECHO 3. Starting Windows Update Services...
sc config bits start=delayed-auto
sc config wuauserv start=demand
net start bits
net start wuauserv
ECHO.
ECHO 4. Forcing discovery updates...
wuauclt /detectnow
ECHO.
ECHO Task completed sucessfully! Press any key to exit...
PAUSE >NUL
No comments:
Post a Comment