When you configure the Group Policy settings for WSUS, use a Group Policy object (GPO) linked to an Active Directory container. The container contains the computers for which the updates are to be deployed.
In Client side targeting you use Group Policy objects (GPOs) to add computers to computer groups. Most of all client side targeting in WSUS is required when you might have multiple GPOs linked to several organizational units (OUs). This enables you to have different WSUS policy settings applied to different types of computers.
If you have already have an OU to which you want to apply the policy, you can use that OU. First of all on the Domain Controller, we will create a OU called Workstations. We will then move a client computer called CLIENT into the OU.
Login to the WSUS server. Launch the WSUS Console.
Click on Computers. A new windows pops up, under General Tab choose “Use Group Policy or registry settings on computers“. Click Apply and OK.
How to Configure Client Side Targeting in WSUS
Now we will enable the client side targeting through the group policy. Right click the domain and create a policy called WSUS Update Policy. Right click the WSUS Update Policy, click Edit.
Note – You can create multiple GPO’s if required. In case you have several OU’s and you want to apply different WSUS settings, you will need to create separate GPO’s for each, define the windows update settings and apply the policies on desired OU’s.
On the Group policy management editor, click on Computer Configuration > Policies > Administrative templates > Windows Component > Windows Update.
Double Click Configure Automatic Updates. Click Enabled to enable the policy. Under Options, for Configure automatic updating – select option 4 – Auto download and schedule the install. Set Schedule install day as Everyday and Schedule install time as 10:00. Click Apply and OK.
Double the policy Specify intranet Microsoft Update service location and specify the name of WSUS server (http://wsus.prajwal.local) for both intranet update service for detecting updates and intranet statistics server. click Apply and OK.
Right click Enable Client-side targeting and click Edit.
On the Enable Client-side targeting page, Click on Enabled to enable the policy. For the Target group name for this computer, type the name of the OU that you have created in Active Directory. click Apply and OK.
By default, Group Policy refreshes in the background every 90 minutes, with a random offset of 0 to 30 minutes. However if you want to refresh Group Policy sooner, you can go to a command prompt on the client computer and type: gpupdate /force.