Server 2016 not updating from wsus
Windows 10 feature updates (denoted by the “Upgrades” classification in WSUS) are staged in encrypted packages to Windows Update several days prior to the actual go-live date.This is to ensure that we can release to all regions simultaneously.The update will be installed by default on Windows Server 2016 releases.The WSUS update that botched WSUS servers a couple weeks ago has been released under a new KB number.This, Microsoft hopes, will eliminate some of the problems that have been plaguing recent WSUS channel upgrades for Windows 10 machines delivered through Windows Server 2012/R2 with the KB3148812 patch.Microsoft says that WSUS machines had been unable to properly decrypt the upgrade files which in turn caused problems when the upgrades were pushed out to the end users.These upgrades are not your simple monthly updates or combined cumulative updates.
We already have all of our computer objects stored within the same organizational unit (OU) called “Servers” in this example, so this is where we will apply our GPO to.
The manual steps are contained in the knowledge base article, but Microsoft also lays them out in the blog post announcing today’s fixed update: The long-term fix for KB3148812 issues.
Microsoft goes on to explain why this update is critical…
In this post we will show you how to use group policy to configure computers within an Active Directory domain to perform automatic Windows updates from either the Internet or a WSUS server that you manage.
Automating updates will save you a lot of administration time and speed the patching process up in the long run.
Microsoft has a released a fix to address problems with its Windows Server Update Services (WSUS) tool.