WHAT I S THE DI FFERENCE BETWEEN A

DOMAI N, A WORKGROUP, AND A

HOMEGROUP?
A
2HTFYHTRY YRRT

Domains, workgroups, and homegroups represent different methods for organizing computers in
networks. The main difference among them is how the computers and other resources on the
networks are managed.
Computers running Windows on a network must be part of a workgroup or a domain. Computers
running Windows on home networks can also be part of a homegroup, but it's not required.
Computers on home networks are usually part of a workgroup and possibly a homegroup, and
computers on workplace networks are usually part of a domain.

To find out if your computer is on a workgroup or domain
1. Open System by clicking the Start button , right-clicking Computer, and then clicking
Properties.
2. Under Computer name, domain, and workgroup settings, you will see either the word
Workgroup or Domain, followed by the name.
The Computer name, domain, and workgroup settings


IP Addresses
How to crimp a RJ45 cable?
The RJ45 cable is a standard cable which has four twisted pairs of colors. It is easy to crimp a
RJ45 cable and make it into a straight cable or cross the cable as required. To make a straight
cable, the ends must be crimped in the same way at each end. When making a crossover cable,
some wires of certain colors have to be reversed. Learning how to crimp a RJ45 cable and
making straight and cross cables prove to be useful as different types of wires of varied lengths
are required to build a network.

What you need?
A reasonable length FTP cable
Two RJ45 tips
A clip crimp

How to proceed?
Strip the cable to 2 cm at each end and separate the strands.

They are usually divided into 4 twisted pairs of colors:

Orange / orange-white
Green / green-white
Blue / white and blue
Brown / brown-white
Making a straight cable
To make a straight cable, the tips must be crimped typically the same way at each end by respecting the
twisted pair size.

In general, the code used is:

1) orange-white
2) orange
3) green-white
4) Blue
5) blue-white
6) Green
7) brown-white
8) brown
Making a crossover cable
For a crossover cable, swap 1 with 3, and 2 with 6, in the list above. This gives:

1) green-white
2) green
3) orange and white
4) Blue
5) blue-white
6) orange
7) brown-white
8) brown

.
Step 1: Open Manage Your Server and choose Add or remove a role.


Step 2: Make sure you have completed all Preliminary Steps.

Step 3: Wait for settings to be detected


Step 4: Choose Domain Controller (Active Directory) for the new Server Role.


Step 5: Choose Next at the next prompt and choose Next at the Welcome to the
Active Directory
Installation Wizard prompt.


Step 6: Choose to continue installing at the Operating System Compatibility prompt.

Step 7: Choose Domain controller for a new domain at the Domain Controller Type
prompt.

Step 8: Choose Domain in a new forest next.

Step 9: Enter the full DNS name of the new domain. (Ex. cslabs.sclab.clarkson.edu)

Step 10: Choose the NetBIOS name of the new domain. (Ex. CSLABS)

Step 11: Choose the location of your Database and Log Folders.

Step 12: Choose the location of your SYSVOL folder.

Step 13: If you receive a Diagnostic Failed at the DNS Registration Diagnostics
screen.
Choose to Install and configured the DNS server on this computer, and set this
computer to use this
DNS server as its preferred DNS server.


Step 14: Choose to have your domain permissions compatible only with Windows 2000
and newer
operating systems.

Step 15: Set the Directory Services Restore Mode Administrator Password.

Step 16: Review the Summary and choose Next to continue the installation.

Step 17: Wait for the installation to finish. Thats it, Active Directory is set up and ready
to use.


Setting up a DHCP Server
This will serve as a step-by-step guide on how to setup a DHCP server.
Installing the DHCP server is made quite easy in Windows 2003. By using the "Manage your
server" wizard, you are able to enter the details you require and have the wizard set the basics for
you. Open to "Manage your server" wizard, select the DHCP server option for the list of server
roles and press Next.
You will be asked to enter the name and description of your scope.

Scope: A scope is a collection of IP addresses for computers on a subnet that use DHCP.


The next window will ask you to define the range of addresses that the scope will distribute
across the network and the subnet mask for the IP address. Enter the appropriate details and click
next.

You are shown a window in which you must add any exclusions to the range of IP addresses you
specified in the previous window. If for example, the IP address 10.0.0.150 is that of the
company router then you won't want the DHCP server to be able to distribute that address as
well. In this example I have excluded a range of IP addresses, 10.0.0.100 to 10.0.0.110, and a
single address, 10.0.0.150. In this case, eleven IP's will be reserved and not distributed amongst
the network clients.

It is now time to set the lease duration for how long a client can use an IP address assigned to it
from this scope. It is recommended to add longer leases for a fixed network (in the office for
example) and shorter leases for remote connections or laptop computers. In this example I have
set a lease duration of twelve hours since the network clients would be a fixed desktop computer
in a local office and the usual working time is eight hours.

You are given a choice of whether or not you wish to configure the DHCP options for the scope
now or later. If you choose Yes then the upcoming screenshots will be of use to you. Choosing
No will allow you to configure these options at a later stage.

The router, or gateway, IP address may be entered in next. The client computers will then know
which router to use.


In the following window, the DNS and domain name settings can be entered. The DNS server IP
address will be distributed by the DHCP server and given to the client.

If you have WINS setup then here is where to enter the IP Address of the WINS server. You can
just input the server name into the appropriate box and press "Resolve" to allow it to find the IP
address itself.


The last step is to activate the scope - just press next when you see the window below. The
DHCP server will not work unless you do this.

The DHCP server has now been installed with the basic settings in place. The next stage is to
configure it to the needs of your network structure.
Configuring a DHCP server
Hereunder is a simple explanation of how to configure a DHCP server.
The address pool displays a list of IP ranges assigned for distribution and IP address exclusions.
You are able to add an exclusion by right clicking the address pool text on the left hand side of
the mmc window and selecting "new exclusion range". This will bring up a window (as seen
below) which will allow you to enter an address range to be added. Entering only the start IP will
add a single IP address.

DHCP servers permit you to reserve an IP address for a client. This means that the specific
network client will have the same IP for as long as you wanted it to. To do this you will have to
know the physical address (MAC) of each network card. Enter the reservation name, desired IP
address, MAC address and description - choose whether you want to support DHCP or BOOTP
and press add. The new reservation will be added to the list. As an example, I have reserved an
IP address (10.0.0.115) for a client computer called Andrew.

If you right click scope options and press "configure options" you will be taken to a window in
which you can configure more servers and their parameters. These settings will be distributed by
the DHCP server along with the IP address. Server options act as a default for all the scopes in
the DHCP server. However, scope options take preference over server options.
In my opinion, the DHCP server in Windows 2003 is excellent! It has been improved from the
Windows 2000 version and is classified as essential for large networks. Imagine having to
configure each and every client manually - it would take up a lot of time and require far more
troubleshooting if a problem was to arise. Before touching any settings related to DHCP, it is
best to make a plan of your network and think about the range of IPs to use for the computers.

Start Disk Management
Note You must be logged on as Administrator or a member of the Administrators group to use Disk
Management.
1. Click Start, point to Administrative Tools, and then click Computer Management.
2. In the console tree, click Disk Management.

The Disk Management window that appears displays your disks and volumes in a graphical view
or list view.

To customize whether you view your disks and volumes in the upper or lower pane of the
window, point to Top or Bottom on the View menu, and then click the view that you want.
Note Before a new, unpartitioned disk can be used in Windows (partitioned or upgraded to Dynamic
Disk), it must contain a disk signature. The first time that you run the Disk Management snap-in after a
new hard disk is installed, the Disk Signature and Upgrade Disk Wizard starts. If you cancel the wizard,
you may find that when you try to create a partition on the new hard disk, the Create Partition option is
unavailable (appears dimmed).
How to Manage Basic Disks
Basic disk storage supports partition-oriented disks. A basic disk is a physical disk that contains basic
volumes (primary partitions, extended partitions, or logical drives). On master boot record (MBR) disks,
you can create up to four primary partitions on a basic disk, or up to three primary partitions and one
extended partition. You can also use free space on an extended partition to create logical drives. On
GUID partition table (GPT) disks, you can create up to 128 primary partitions. Because you are not
limited to four partitions on GPT disks, you do not have to create extended partitions on logical drives.

Use basic disks, instead of dynamic disks, on computers that run Microsoft Windows XP Professional or a
member of Windows Server 2003 that are configured to dual-boot or multi-boot with Microsoft
Windows XP Home Edition, Microsoft Windows NT 4.0, Microsoft Windows Millennium Edition (Me),
Microsoft Windows 98 or earlier, or Microsoft MS-DOS. These operating systems cannot access data
that is stored on dynamic disks.

Note Windows Server 2003 operating systems and Windows XP Professional do not support multidisk
basic volumes (such as spanned, mirrored, stripe sets, or stripe sets with parity) that were created by
using Windows NT 4.0 or earlier.


Create a New Partition or Logical Drive
1. In the Disk Management window, do one of the following:
o To create a new partition, right-click unallocated space on the basic disk where you
want to create the partition, and then click New Partition.

-or-
o To create a new logical drive, right-click free space on an extended partition where you
want to create the logical drive, and then click New Logical Drive.
2. On the Welcome to the New Partition Wizard page, click Next.
3. On the Select Partition Type page, click the type of partition that you want to create, and then
click Next.
4. On the Specify Partition Size page, specify the size in megabytes (MB) of the partition that you
want to create, and then click Next.
5. On the Assign Drive Letter or Path page, enter a drive letter or drive path, and then click Next.
6. On the Format Partition page, specify the formatting options that you want, and then click
Next.
7. On the Completing the New Partition Wizard page, verify that the options that you selected are
correct, and then click Finish.
Disk Management creates the new partition or logical drive and displays it in the appropriate basic disk
in the Disk Management window. If you chose to format the partition in step 6, the format process now
starts.


Format a Partition or Logical Drive
1. In the Disk Management window, right-click the partition or logical drive that you want to
format, and then click Format.
2. Specify the formatting options that you want, and then click OK.
3. Click OK when you are prompted to confirm the formatting changes.
View the Properties of a Partition or Logical Drive
1. In the Disk Management window, right-click the partition or logical drive that you want to view
the properties of, and then click Properties.
2. Click the appropriate tab to view a property.
Delete a Partition or Logical Drive
1. In the Disk Management window, right-click the partition or logical drive that you want to
delete, and then click Delete Partition or Delete Logical Drive.
2. Click Yes when you are prompted to confirm the deletion.
Notes
When you delete a partition or logical drive, you delete all data on that partition or logical drive
and the partition or logical drive itself.
You cannot delete the system partition, the boot partition, or a partition that contains the active
paging (swap) file.
You cannot delete an extended partition unless the extended partition is empty. You must
delete all logical drives before you can delete the extended partition.
Change a Basic Disk to a Dynamic Disk
Before you change a basic disk to a dynamic disk, note the following:
You must have at least 1 megabyte (MB) of unallocated disk space available on any master boot
record (MBR) basic disk that you want to change to a dynamic disk.
When you change a basic disk to a dynamic disk, you change the existing partitions on the basic
disk to simple volumes on the dynamic disk.
After you change a basic disk to a dynamic disk, you cannot change the dynamic volumes back
to partitions. You must first delete all dynamic volumes on the disk, and then change the
dynamic disk back to a basic disk.
Windows Server 2003 operating systems, Windows XP Professional, and Windows 2000 support
dynamic disks. After you change a basic disk to a dynamic disk, you can only access the disk
locally from these operating systems.
To change a basic disk to a dynamic disk:
1. In the graphical view of the Disk Management window, right-click the basic disk that you want to
change, and then click Convert to Dynamic Disk.

Note To right-click the basic disk, you must right-click the gray area that contains the disk title at
the left of the Disk Management details pane (for example, Disk 0).
2. Click to select the check box next to the disk that you want to change, and then click OK.
3. If you want to view the list of volumes in the disk, click Details in the Disks to Convert dialog
box.
4. Click Convert.
5. Click Yes when you are prompted to confirm the conversion, and then click OK.
How to Manage Dynamic Disks
Dynamic disk storage supports volume-oriented disks. A dynamic disk is a physical disk that contains
dynamic volumes. With dynamic disks, you can create simple volumes, volumes that span multiple disks
(spanned and striped volumes), and fault-tolerant volumes (mirrored and RAID-5 volumes). Dynamic
disks can contain an unlimited number of volumes.

Local access to dynamic disks (and the data that they contain) is limited to computers that run Windows
Server 2003 operating systems, Windows XP Professional, or Windows 2000. You cannot access or
create dynamic volumes on computers that are configured to dual-boot or multi-boot a Windows Server
2003, Windows XP Professional, or Windows 2000 and one or more of Windows XP Home Edition,
Windows NT 4.0 and earlier, Windows Millennium Edition, Windows 98 Second Edition and earlier, or
MS-DOS.

You create dynamic disks when you use the Convert to Dynamic Disk command in Disk Management to
change a basic disk.


Create a Simple Volume or Spanned Volume
1. In the Disk Management window, do one of the following:
o To create a simple volume, right-click unallocated space on the dynamic disk where you
want to create the simple volume, and then click New Volume.

-or-
o To create a spanned volume, right-click unallocated space on the dynamic disk where
you want to create the spanned volume, and then click New Volume.
2. On the Welcome to the New Volume Wizard page, click Next.
3. On the Select Volume Type page, click either Simple volume or Spanned volume, and then click
Next.
4. On the Select Disks page, do one of the following:
o If you are creating a simple volume, verify that the disk that you want to create a simple
volume on is listed in the Selected dynamic disks box.

-or-
o If you are creating a spanned volume, click to select the disks that you want under All
available dynamic disks, and then click Add.

Verify that the disks that you want to create a spanned volume on are listed in the
Selected dynamic disks box.
5. In the Size box, specify the size (in MB) that you want for the volume, and then click Next.
6. On the Assign Drive Letter or Path page, enter a drive letter or drive path, and then click Next.
7. On the Format Volume page, specify the formatting options that you want, and then click Next.
8. On the Completing the New Volume Wizard page, make sure that the options that you selected
are correct, and then click Finish.
Extend a Simple Volume or Spanned Volume
If you want to increase the size of a simple or spanned volume after you create it, you can extend it by
adding unallocated free space on the dynamic disk. To extend a simple or spanned volume:
1. In the Disk Management window, right-click the simple or spanned volume that you want to
extend, and then click Extend Volume.
2. On the Welcome to the Extend Volume Wizard page, click Next.
3. On the Select Disks page, click to select the disk or disks that you want to extend the volume on,
and then click Add.
4. Verify that the disks that you want to extend the volume on are listed in the Selected dynamic
disks box.
5. In the Size box, specify how much unallocated disk space (in MB) that you want to add, and then
Next.
6. On the Completing the Extend Volume Wizard page, make sure that the options that you
selected are correct, and then click Finish.
Notes
You can only extend NTFS volumes or volumes that do not yet contain a file system.
If you upgraded from Windows 2000 to Windows Server 2003 (or to Windows XP Professional),
you cannot extend a simple or spanned volume that you originally created as a basic volume and
then changed to a dynamic volume in Windows 2000.
You cannot extend the system or boot volume.
Create a RAID-5 Volume
A RAID-5 volume is a fault-tolerant volume in which data and parity is striped across three or more
physical disks. If part of one physical disk fails, you can recover the data on the failed disk by using the
data and parity information on the functioning disks.
Format a Dynamic Volume
1. In the Disk Management window, right-click the dynamic volume that you want to format, and
then click Format.
2. Specify the formatting options that you want, and then click OK.
3. Click OK when you are prompted to confirm the formatting changes.
View the Properties of a Dynamic Volume
1. In the Disk Management window, right-click the dynamic volume that you want to view the
properties of, and then click Properties.
2. Click the appropriate tab to view a property.
Delete a Dynamic Volume
1. In the Disk Management window, right-click the dynamic volume that you want to delete, and
then click Delete Volume.
2. Click Yes when you are prompted to confirm the deletion.
Notes
When you delete a volume, you delete all data on the volume and the volume itself.
You cannot delete the system volume, the boot volume, or any volume that contains the active
paging (swap) file.
Change a Dynamic Disk Back to a Basic Disk
Before you can change a dynamic disk back to a basic disk, you must delete all volumes from the
dynamic disk.

To change a dynamic disk back to a basic disk, right-click the dynamic disk that you want to change back
to a basic disk in the Disk Management window, and then click Convert to Basic Disk.

Note To right-click the disk, right-click the gray area that contains the disk title at the left of the Disk
Management details pane (for example, Disk 0).

Install Windows Server 2003 RIS
1. Click Start, point to Control Panel, and then click Add or Remove Programs.
2. Click Add/Remove Windows Components.
3. Click to select the Remote Installation Services check box, and then click Next.

NOTE: If you are prompted for the Windows Server 2003 installation files, put the Windows
Server 2003 CD-ROM in the CD-ROM drive, and then click OK. After you do so, you may receive a
message with options for upgrading the operating system. Click No.
4. Click Finish, and then click Yes to restart your computer.
Set Up RIS
1. Log on as a user with administrative privileges.
2. Click Start, click Run, type risetup.exe, and then click OK to start the RIS Setup Wizard.
3. When the "Welcome" screen appears, click Next.
4. Type the drive letter and folder in which the RIS files are stored, and then click Next. For
example, you might type E:\RemoteInstall, and then click Next.
5. After the RIS Setup Wizard copies the files, you are be prompted to enable or disable the RIS
service, and the options are:
o Respond to client computers requesting service. If you select this option, RIS is
enabled, and it will respond to client computers that are requesting service.
o Do not respond to unknown client computers. If you select this option, RIS only
responds to known client computers.
6. Click Respond to client computers requesting service, and then click Next.
7. You are then prompted for the location of the client operating system installation files. Put the
client operating system CD-ROM in the server CD-ROM drive, and then click Next.

NOTE: Microsoft only supports the use of Microsoft media when creating a client operating
system image. The use of non-Microsoft media is not supported.
8. Type the folder name for the client operating system installation files on the RIS server, and
then click Next.
9. Type a friendly description for the operating system image. This is displayed to users after they
start a remote client and run the Client Installation Wizard.
10. Click Next, click Finish, and then click Done.
Authorize RIS in Active Directory
After you install RIS, the RIS server must be authorized in Active Directory. Authorization determines
control of which RIS servers can serve client computers on the network. If the RIS server is not
authorized in Active Directory, client computers that request service cannot contact the RIS server.

NOTE: To authorize a RIS server in Active Directory, you must be logged on as an enterprise
administrator or a domain administrator of the root domain.
1. Click Start, point to Administrative Tools, and then click DHCP.
2. In the left pane, right-click DHCP, and then click Manage Authorized Servers.
3. If your server is not listed, click Authorize, type the name or the IP address of the RIS server, and
then click OK.

NOTE: If you are prompted to confirm the RIS server, verify the name and IP address, and then
click OK.
4. Click Close, and then quit the DHCP console.
Set User Permissions
With RIS, clients can install their own client operating system. The users must also be granted
permissions for creating computer accounts in the domain. To make it possible for users to create
computer accounts anywhere in the domain:
1. Click Start, point to Administrative Tools, and then click Active Directory Users and Computers.
2. In the left pane, right-click your domain name, and then click Delegate Control.
3. In the Delegation of Control Wizard, click Next.
4. Click Add.
5. Type the name of the group that requires permission to add computer accounts to the domain,
and then click OK.
6. Click Next.
7. Click to select the Join a computer to the domain check box, and then click Next.
8. Click Finish.
Install Clients By Using RIS
This section describes how to install a client operating system on a computer that contains a network
adapter that supports PXE DHCP-based boot ROM. To install a client operating system:
1. Make sure that the network adapter is set as the primary boot device in the computer BIOS.
2. Restart the client computer from the network adapter.
3. When you are prompted to do so, press F12 to start the download of the Client Installation
Wizard.
4. At the "Welcome" screen, press ENTER.
5. Type a user name that has permissions to add computer accounts to the domain, and then type
the domain name and password for this user.
6. Press ENTER.
7. When you receive a warning message that states that all data on the client computer hard disk
will be deleted, press ENTER.
8. A computer account and a global unique ID for this workstation are displayed. Press ENTER to
start Setup.
9. If you are prompted to do so, follow the instructions on the screen to complete the client
operating system installation.
Remote Installation Boot Disk Option
You can use the remote installation boot disk with computers that do not contain a network adapter
that supports PXE DHCP-based boot ROM. The boot disk is designed to simulate the PXE startup process.

Rbfg.exe is a utility for creating network installation disks, and it is located in the RemoteInstall\Admin
folder on every RIS server.


Creating a Boot Disk By Using the Windows Remote Boot Disk Generator
To create a remote installation boot disk:
1. Locate the drive:\RemoteInstall\Admin\I386 folder on the RIS server, where drive is the drive on
which RIS is installed.
2. Double-click the Rbfg.exe file.
3. Put a floppy disk in the floppy disk drive, and then click Create Disk.
4. When you prompted to create another disk, click No, and then click Close.
NOTE: To view a list of supported network adapters, click Adapter List. You cannot add network
adapters to this list.

Windows Server Update Services
There are many benefits to using WSUS for deploying updates. One such benefit is that it gives
administrators an opportunity to download updates to a specific server on the network and use
them within a test environment before approving them for installation in the production
environment. If you have ever installed updates, you are probably aware that installing them does
not always produce positive results. So this gives administrators a chance to install the update
before they are installed on production servers and workstations.
There are two different components to a software update infrastructure that uses WSUS. You
have at least one server on the network running SUS and you have your automatic update clients
as outlined below.
Windows Server Update Services server
This component is installed on a computer running Windows 2000 or Windows Server 2003.
Whenever updates are available on the Windows Update Site, the WSUS server can
automatically download them (or they can be downloaded manually by an administrator). The
updates can then be tested, published for users, and installed on workstations configured to use
WSUS.
Automatic Update Clients
This component is installed on all servers and workstations running Windows Server 2003,
Windows 2000, and Windows XP so they can connect to the server on the internal network
running WSUS.
Pre-installation tasks
Before you attempt to install WSUS on a server, there are some pre-installation tasks that you
need to be completed. This will ensure that the server meets all the configuration requirements
needed to install WSUS.
Disk requirements
The system partition and the partition that WSUS will be installed on must both be formatted
with NTFS. The system partition requires at least 1 GB of free space and the volume that will be
used to store WSUS content requires a minimum of 6 GB of free space. Finally, the volume that
will host the Windows SQL Server 2000 Desktop Engine (WMSDE) requires a minimum of 2
GB of free space.
Hardware requirements
The server requirements do not stop there. Along with a specific disk configuration, the server
must also meet specific hardware requirements. As you can see from the list below, the hardware
requirements for WSUS are dependent on the number of clients on the network.
For networks with less than 500 clients:
750 MHz Pentium III processor; 1 GHz Pentium III or higher recommended.
Microsoft Windows Server 2003 Standard or Enterprise Edition; Microsoft Windows 2000 Server
or Advanced Server with SP4 or later
512 MB of RAM; 1 GB or more recommended
CD-ROM or DVD-ROM drive; VGA or higher-resolution monitor; keyboard and Microsoft Mouse
or compatible pointing device
For networks with more than 500 clients:
1 GHz Pentium III processor or higher; 3 GHz Pentium IV or higher recommended
Microsoft Windows Server 2003 Standard or Enterprise Edition; Microsoft Windows 2000 Server
or Advanced Server with SP4 or later
1 GB of RAM or more
CD-ROM or DVD-ROM drive; VGA or higher-resolution monitor; keyboard and Microsoft Mouse
or compatible pointing device
Software requirements
The software requirements vary depending on what platform WSUS is being installed on. When
installing WSUS on Windows Server 2003, the software requirements that must be met includes:
Microsoft Internet Information Services (IIS) 6.0
Microsoft .NET Framework 1.1 Service Pack 1 for Windows Server 2003
Background Intelligent Transfer Service (BITS) 2.0
Firewall requirements
The firewall requirements are only applicable to those WSUS servers that are located behind a
corporate firewall. In such cases, the corporate firewall may have to be configured to allow the
WSUS server to obtain updates. WSUS requires port 80 for protocol and port 443 for HTTPS
protocol. Alternatively, instead of opening those ports and protocols to all addresses, access can
be restricted to the domains listed below:
http://windowsupdate.microsoft.com
http://*.windowsupdate.microsoft.com
https://*.windowsupdate.microsoft.com
http://*.update.microsoft.com
https://*.update.microsoft.com
http://*.windowsupdate.com
http://download.windowsupdate.com
http://download.microsoft.com
http://*.download.windowsupdate.com
http://wustat.windows.com
http://ntservicepack.microsoft.com
Installing WSUS
Once your server meets the requirements outlined in the previous section, you should be ready to
install WSUS. The process is straightforward and the steps are outlined below. Keep in mind that
you must log on with a user account that is a member of the local Administrators group on the
server in order to install WSUS.
1. Double click WSUSSetup.exe (this is the file downloaded from Microsoft).
2. Click Next when the Welcome screen appears.
3. Click I accept the terms of the License Agreement and then click Next.
4. From the Select Update Source, click Store updates locally and select the location on the server
where the updates will be stored as shown in the Figure A. Click Next.
Figure A

WSUS setup requires you to specify where updates will be stored.
5. On the Database Options screen, click Next to accept the default. This will install the WMSDE on
the server.
6. From the Web Site Selection screen shown in Figure B, specify the Web site that will be used by
WSUS. The bottom of the screen will also list the URL that WSUS clients will obtain updates from
and the URL for the WSUS console. Click Next.
Figure B

WSUS setup allows you to specify the Web site to use for the administration tool
7. From the Mirror Update Settings screen, click Next to accept the default.
8. Review the settings on the Ready to Install Windows Server Update Services screen and click
Next.
9. Click Finish.
Now that the software is installed, you are ready to begin configuring WSUS. The installation of
WSUS includes an administrative component that is used to configure the server. You can access
the WSUS console in one of two ways. You can open your Web browser and type in the address
to the admin site (http://<yourservername:portnumber>/WSUSAdmin). Conversely, you can
click Start, point to Administrative Tools, and select Microsoft Windows Server Update
Services.
Configuring WSUS
You can obtain updates from the Microsoft Update Web site through synchronization. However,
if the WSUS server is behind a proxy server, you must first configure the network connection so
it can access the Internet.
Configuring proxy settings
By default, WSUS will be configured to obtain updates from Microsoft Update. If the server is
behind a proxy server, you will need to use the WSUS console to configure the required proxy
settings as outlined below.
1. Click Start, point to All Programs | Administrative Tools | Microsoft Windows Server Update
Services.
2. On the toolbar, click Options.
3. Click Synchronization Options.
4. Click the Use a proxy server when synchronizing option and type in the proxy server name and
port number.
5. If credentials are required to connect through the proxy server, click Use user credentials to
connect to the proxy server option and specify the username and password the WSUS server
will use.
6. Click the Save Settings option under Tasks.
7. Click Ok to confirm your actions.
Configure products and update to download
At this point you are ready to identify the products and the types of updates you want the WSUS
server to download. For example, the WSUS server can be configured to only download updates
in a specific language.
To configure which products and classifications the WSUS server should download during
synchronizations:
1. Within the WSUS administrative console, click Options, and click Synchronization Options.
2. Click Change from the Products and Classification box.
3. From Add/Remove Products, click the products that are pertinent to your network.
4. Click OK.
5. Click Change under Update classifications.
6. From Add/Remove Classifications, click the classifications for the updates that should be
downloaded by the WSUS server.
7. Click OK.
Perform synchronization
Once the WSUS server is able to access the Internet, you can obtain updates from the Microsoft
Update Web site. As already mentioned, this is done through synchronization. You can initiate
synchronization within the WSUS console. On the toolbar, click Options and then
Synchronization Options. Under the list of tasks, click Synchronize Now.
During this process, the WSUS server will connect to Microsoft Update to determine if there are
any new updates available since the last synchronization took place. However, since the WSUS
server is accessing Microsoft Update for the first time, all the updates will be available.
Advanced options
Along with the basic options outlined above, you can also configured advanced synchronization
options on the WSUS server. These options are used to control things such as bandwidth usage
and where the updates are stored. Advanced options include:
Storage options
Deferred downloads options
Filtering Updates options
Express installation options
Storage options
As you saw during the installation of WSUS, by default, updates are downloaded and stored
locally on the WSUS server. Alternatively, you can force clients to obtain updates from the
Microsoft Update Web site instead of storing the updates on the WSUS server. Using this option
instead of the default is useful in situations where clients have high speed Internet connections
but the connection to the WSUS is slow. This configuration still allows you to approve updates;
it only alters where clients download them from.
You can change where updates are stored by selecting Synchronization Options within the
WSUS administrative console. Click the Advanced option under Update Files and Languages
and click OK to accept the warning message. From Advanced Synchronization Options under
Update Files, click one of the following options:
Store update files locally on this server
Do not store updates locally; clients install updates from Microsoft Update
Deferred downloads options
The Deferred Downloads Options allows you to configure when the updates should be
downloaded. Updates can be downloaded in full during the synchronization process. Or, the
download of all updates can be deferred until they are approved. This means that all the files
required to install an update are not downloaded until they are approved by an administrator.
This allows you to use available bandwidth more efficiently.
You can configure this option from the From Advanced Synchronization Options under Update
Files. Select the Download updates to this server only when updates are approved option to defer
downloads.
Filtering updates options
Another way that you can optimize bandwidth is to limit the download of updates to specific
languages, products, and update type. The default behavior of WSUS is to download all updates
for all products in all languages. Chances are many of the updates will not be applicable to your
network clients. To better optimize bandwidth, you should limit the download of updates to only
those that you require.
You can configure this option from the From Advanced Synchronization Options under Update
Files. Select from one of the options outlined below:
Download only those updates that match the local of this server (Locale) - Only those updates
that match the locale of the WSUS server are downloaded
Download updates in all languages, including new languages - All languages are downloaded
regardless of the locale of the WSUS server
Download updates only in the selected languages - Only updates in the language/languages
you have selected are downloaded
Express installation options
This option is used to specifically optimize the bandwidth on the local network between the
WSUS server and clients. Keep in mind though that there is a downside of using this option
because downloading the express installation files to the WSUS requires more bandwidth than
just downloading the updates themselves. However, installing the updates on the clients requires
less bandwidth when using the express installation files.
You can enable this option from the Advanced Synchronization Options under Update Files by
clicking Download express installation options.
Up to date and ready to go
As you can see, Windows Server Update Services offers a secure, efficient solution for
deploying Microsoft updates to servers and workstations. Once the service is installed, the
service can be customized to meet varying needs and requirements, thereby making it an update-
solution that can be utilized in different environments.