Using WSUS when building MDT reference images.
Setting up WSUS with MDT and using Specific WSUS Targetgroup!
In this guide we will not only set up MDT to use our WSUS but also use specific Targetgroups. In this case the targetgroup “Test”
With MDT it’s not possible by default to specify the WSUS target group. However You CAN fix this by adding an extra TS Variable..
First we setup the Variable in the customsettings.ini file \”mdtshare”\Control\customsettings.ini
In
-----------
[Default]
TargetGroup=Terminal Servers
WSUSServer=http://"url to internal wsus server"
----------- (Also remember to insert URL to your WSUS server!)
Now We need to edit the Windows update script \”mdtshare”\Scripts\ZTIWindowsUpdate.wsf.
(We’re going to set up the specific target group in registry)
Go to the Section “Configure Windows Update settings” and insert the following “If” statement:
If oEnvironment.Item("TargetGroup") <> "" then
oShell.RegWrite "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\TargetGroup", oEnvironment.Item("TargetGroup"), "REG_SZ"
oShell.RegWrite "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\TargetGroupEnabled", 00000001, "REG_DWORD"
End if
– at the bottom of the “WsusServer” “If” Statement:
'//----------------------------------------------------------------------------
'// Configure Windows Update settings
'//----------------------------------------------------------------------------
If oEnvironment.Item("WsusServer") <> "" then
' Configure the WSUS server in the registry. This needs to be a URL (e.g. http://myserver).
oLogging.CreateEntry "Configuring client to use WSUS server " & oEnvironment.Item("WsusServer"), LogTypeInfo
oShell.RegWrite "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\WUServer", oEnvironment.Item("WsusServer"), "REG_SZ"
oShell.RegWrite "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\WUStatusServer", oEnvironment.Item("WsusServer"), "REG_SZ"
If oEnvironment.Item("TargetGroup") <> "" then
oShell.RegWrite "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\TargetGroup", oEnvironment.Item("TargetGroup"), "REG_SZ"
oShell.RegWrite "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\TargetGroupEnabled", 00000001, "REG_DWORD"
End if
End if
Now all we need is to add the variable to our Task Sequence:
In the Task Sequence, select the top of the “State Restore” group
and select “add>”, “General>”, “Set Task Sequence Variable”
And you’re good to go!
If everything is set up right, after deploying an image you will see a new nonedomain entity in your selected Target group on the WSUS server. 🙂
Where do I insert the URL to the WSUS server? Could you please email me the complete settings for using WSUS (server 2012) during Reference Image creation in MDT. My reference image creation works just fine, however doesn’t pick up anything from my WSUS server.
These are the steps that I ran through to complete the WSUS Install:
1. Installed WSUS role using the Windows Internal DB.
2. Set the classifications and Product and Synced it up over the internet with Microsoft Updates.
3. Set the automatic approval rule settings. Also Approved all the wanted updates for all Computers including unassigned computers.
3. Enabled the WSUSServer property reference in the custom settings file.
Please help. Thanks in advance.
You must set
WSUSServer=http:// “Your WSUS servers FQDN”
AND enable Windows update in the MDT Task sequence,
That is all I did…