One of the virtually of import things in every Windows based domains are updates. You`ll probably want to suit updating via Domain Group Policy since people oftentimes forget/postpone Windows Updates.

This LAB assumes y'all already have domain configuration in identify.

Here is how to do it on Windows Server 2022 R2:

On your domain controller open search (or run) and type in gpmc.msc | Click on gpmc

gp_windowsupdate_1

!!!! Piffling side annotation–  In this case, I don`t want same Windows Update policy for my servers and clients. It would be inappropriate for product servers to update and restart let'south say at Monday 13 hours. Merely information technology would be very good time for clients since everybody is at lunch at that time.

Anyway, it is good practise to create dissimilar Organizational Units for unlike types of computers and users in your environment so you tin fine tune your grouping policy and permissions also.

You can create new organization unit in Active Directory Users and Computers | right click on domain name | New – Organizational Unit

Let's get on with the LAB

Expand forest |Domains | right click on your OU (organizational unit) that you want this policy to apply (in my instance TestPCs OU) | Create a GPO in this domain, and Link it hither

gp_windowsupdate_2

We need to proper name New GPO. I`ll proper noun mine Windows_Update | Leave None nether Source Starter GPO | OK

gp_windowsupdate_3

New Policy is created (in my case) under TestPCs OU and it will apply to all PCs that are part of TestPCs OU.

Select created Windows_Update GPO (grouping policy object) and click on Settings tab on the right part of the screen

gp_windowsupdate_4

Right click on Computer Configuration |Edit

gp_windowsupdate_5

Click on Computer Configuration | Policies | Administrative Templates | Windows Components | Windows Update

gp_windowsupdate_6

Double click on Configure Automatic Updates |Enabled | under Options ascertain how you would like your updates to work. I choose following

Configure automated updating: 4 – Auto download and schedule the install

Schedule install twenty-four hour period:  2 – Every Monday at 13:00h

Apply |OK

gp_windowsupdate_7

In order to ostend that this setting is working nosotros need to test on one of the PCs that are affected by this policy.

Log on onto the PC – command prompt with administrative privileges (run as administrator)

              gpupdate /force

gp_windowsupdate_8

After that if we check under Control Panel | Windows Update | Change settings (right office of the screen) we see that update settings are changed

gp_windowsupdate_9

Other Windows Updates options worth mentioning:

Turn on recommended updates via Automated Updates

With this enabled you`ll get optional updates for windows components.

gp_windowsupdate_10

No auto-restart with logged on users for scheduled automatic updates installations is as well good option.

Determination

We did some Group Policy and enabled automatic Windows Update for our domain PCs.

Disclaimer