srvops
  • Server Ops
  • Linux
    • Network
      • Cisco
        • The 7 Layers of the OSI Model
        • LLDP
        • LACP
        • STP
        • multicast
        • config
        • Vlan
        • BGP
        • DPDK
      • Gateway
      • DHCP
    • Network Managment
      • FTP
      • Common
      • curl
      • finger
      • ping
      • wget
      • Transfer files
        • scp & sftp
        • ftp
      • ifconfig
      • ip
        • Route
      • DNS
      • tcpdump
      • iptables
      • LVS
    • Linux Fundamental
      • Kernel parameter tuning
      • kernel compilation
      • Kernel Upgrade
      • Performance
        • Links
        • Command for performance optimise
        • System performance test
        • CPU&Memory
        • Disk
        • raid
        • strace
        • truss strace ltrace
      • QA
      • Signs and Symbols
      • Disk management
      • File management
        • ls
        • Directory
        • cat & head/tail & more/less
        • chgrp
        • chmod-Permissions
        • chown
        • cp & mv
        • file & strings
        • find & locate
        • grep & egrep % fgrep
        • rename
        • vim
        • tr
        • sort
        • uniq
        • wc
        • diff - Compare Files
      • Disk management
        • dd
        • df
        • du
        • fdisk
        • format
        • free
        • mount
      • Process management
        • job & kill - Process and Job Control
        • ps
        • top
        • lsof
        • nohup
      • Basic Shell Command
        • xargs
        • awk
        • sed
        • cut
        • tar & gzip
        • wildcards
        • Input, Output, Redirection
        • Customizing the Shell Prompt
        • Aliases
        • export - Environment Variables
        • Cron
        • su & sudo -Switch User and running commands as others
        • history - shell history and Tab cpmpletion
        • yum & rpm - Installing software
        • LAMP & WordPress on Ubuntu
      • Keygen
      • Screen
      • Rsync
      • running level
      • Systemd
    • Open Source Application
      • Virtualization
        • VMware
          • Esxi- move management to another vSwitch
        • Vagrant
        • Vagrantfile
      • Kubernetes
      • Container
        • Docker
          • Install
          • Run
          • dockerfile
          • Docker Compose
          • Clean up docker on mac
          • Task
      • Cloud Foundry
      • Storage
      • consul
      • zookeeper
      • log
        • elasticsearch
      • version control
        • Git
        • SVN
    • Enterprise Application
      • Ansible
      • Terraform
      • Citrix
      • BlueKing
        • Architecture
        • Tecent develop
        • Data Storage
        • DB Migration Testing
      • Cobbler
  • ServerOps
    • MA_Scripts
      • Apply Server Patch For LIVE
      • Apply Server Patch For QA
      • PreServer_Patch
      • Get counter
      • Get Log
      • Service backup -local
      • Service backup -remote
      • Game Service Version
      • Stop/Start services on Live automation
      • encode&decode passwd string
      • CleanupLog
      • Firewall monitor
      • CheckGameServiceState-Monitoring
        • Create service for selenium
        • Config mail sender on centos
    • Security
      • Security Linux
        • CheckOutBound-Monitoring
      • Security Windows
        • Disable Disconnected Interface
        • Disable External Interface
        • Security policy apply
        • Windows Server Backup
        • Disable McAfee Agent
    • Normal Maintenance Procedure
    • Operation
      • auto create MA ticket
      • Check list for new server setup
      • Reduce core numbers on physical level
      • get server info
      • Setup Initialization - Windows Servers
        • 1.Install_saltminion
        • 2.Check_key&get_serialnumber
        • 3.Check_Windows_Update
        • 4.Windows_firewall_initial
        • 5.Normal Setting
        • 6.NTP
        • 7.OS_Harden
          • security_policy_command_check
          • security_policy_command.bat
          • security_policy_infchange.inf
        • 8.Install log collector
        • 9.Install anti virus - Mcafee
      • VMware
        • Revert Guest OS
    • Config
      • Common server configuration on Windows
        • registry windows service
        • Windows Firewall Command
      • Common server configuration on centos
        • Setup multiple saltmaster
        • Config mail sender on centos6
        • Install unrar on CentOS 6
    • Issue & solution
      • Centos6.* upgrade glibc
      • Use github pages build personal blog
  • Windows
    • Activity Directory
      • AD Database
      • Ports
  • DevOps
    • CI/CD
    • JAVA
      • spock
      • Maven
Powered by GitBook
On this page
  1. ServerOps
  2. Operation
  3. Setup Initialization - Windows Servers

3.Check_Windows_Update

####check&install
#check updates, get guid 
salt '*' win_wua.list_updates
#install updates
salt '*' win_wua.install_updates guid=['guid','guid']

####Set wsus server
#check enable wsus
REG QUERY HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /v UseWUServer

#enable wsus
REG ADD HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /v UseWUServer /t REG_DWORD /d 1 /f

#Install options 
#3 = Automatically download and notify of installation
REG ADD HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate\AU /v AUOptions /t REG_DWORD /d 3 /f

#check
REG QUERY HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate /v WUServer
REG QUERY HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate /v WUStatusServer

#set (http://10.**.**.**:8530 is an example)
REG ADD HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate /v WUServer /t REG_SZ /d http://10.**.**.**:8530 /f
REG ADD HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate /v WUStatusServer /t REG_SZ /d http://10.**.**.**:8530 /f

wuauclt /detectnow
option.bat
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate" /v WUServer /t Reg_SZ /d http://10.**.**.**:8530 /f
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate" /v WUStatusServer /t Reg_SZ /d http://10.**.**.**:8530 /f
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v AUOptions /t REG_DWORD /d 3 /f
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v NoAutoUpdate /t REG_DWORD /d 0 /f
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v ScheduledInstallDay /t REG_DWORD /d 0 /f
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v ScheduledInstallTime /t REG_DWORD /d 3 /f
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v UseWUServer /t REG_DWORD /d 1 /f
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v DetectionFrequencyEnabled /t REG_DWORD /d 1 /f
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v DetectionFrequency /t REG_DWORD /d 22 /f

sc stop wuauserv
sc start wuauserv

Previous2.Check_key&get_serialnumberNext4.Windows_firewall_initial

Last updated 6 years ago