How to create computer groups in WSUS

Create computer groups for WSUS

  1. Run the WSUS console.
  2. Go to Computer > All Computers, you will see one default computer group called Unassigned Computers. This group is where all computer objects will end up unless you specify otherwise. 
3. Right click on All Computers and select Add Computer Group. 

4. You will have two options  to specify which computer group a particular machine will be part of known as server side targeting or client side targeting.

  • Server Side Targeting: The WSUS console is used to create the computer groups as well as assign the computers that should be a member of the group. This may be a good option if you only have a small number of machines to manage that are not domain joined using WSUS as it’s all done manually.
  • Client Side Targeting: This is the option you’ll likely want to use in a larger environment. Group policy is used in an Active Directory based environment to automatically place specific machines into defined computer groups. The group policy option can be found under Computer Configuration > Policies > Administrative Templates > Windows Components > Windows Update > Enable client-side targeting. Simply set it to enabled, and enter the group name that you created in the WSUS console. Once the policy has been applied when the client computer goes to perform an update, WSUS will automatically place it into the correct computer group. 

in our case, we select Use Group Policy or registry settings on computers. 

5. Click Apply to complete the configuration.

How to remove a computer from WSUS

 If for some reasons, you want to remove a computer from the WSUS, you may have these options.

Remove WSUS Settings via PowerShell

1.Click Start and open PowerShell as Administrator (Right Click > Run as Administrator).

2.Stop the Windows Update Service by entering the command Stop-Service -Name wuauserv.

3.Remove the Windows Update registry key by entering the command Remove-Item HKLM: \Software\Policies\Microsoft\Windows\WindowsUpdate -Recurse.

4.Finally, Start the Windows Update Service again by entering the command Start-Service -name wuauserv.

Remove WSUS Settings Manually

1.Click Start and type regedit into the start search box, then Right Click and Run as Administrator.

2.Navigate to HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\

3.Right Click and Delete the registry key WindowsUpdate, then close the registry editor.

4.Open the Services Console by entering services.msc in the start search box.5.Locate and Restart the Windows Update Service

Manage User’s Azure Security Verification

Situation: Normally, a user can manage his/her Azure Security Verification by login Office portal. However, in a case, the user change or losses his/her phone and can’t login Office, IT manage may help the user to change the Azure Security Verification contact info.

Here is how.

  1. Login Azure portal with admin account.

2. Go to Azure Active Directory>Users>All Users.

3. Find the user you want to manage, and click Edit. You will have these options: Identify, Contact info, Authentication contact info.



4. If Contact info is grayed out, you may change this info from your local AD.

5. If the Authentication contact info is grayed out, click Access Panel Profile. 



6. in the Profile, click Additional security verification.

Cisco ACI Review

Cisco Application Centric Infrastructure (ACI) is defined Cisco’s software-defined networking (SDN) offering for data center and cloud networks.

Cisco ACI offers

Automation and agility: Automate IT workflows and help organizations shorten app deployment from weeks to minutes.

 Open and programmable: Build programmable SDN fabrics leveraging open APIs and over 65 Cisco ACI global partner ecosystems.

Security and analytics: Secure applications through whitelist model, policy enforcement, and micro-segmentation.

 Workload mobility at scale: Deploy and migrate applications seamlessly across geographies with consistent policy.
People complaint:
1. Cisco ACI doesn’t work well with other network switch and firewall vendors.
2. It is expensive because Cisco ACI requires customers replace their existing hardware
3. Cisco ACI doesn’t deliver a true SDN solution
4. Migration to Cisco ACI is not easy

What’s Azure Active Directory conditional access

Azure Active Directory (Azure AD) conditional access is a Azure policy which can control how authorized users access your cloud apps. With this policy, you can define the response (“Then do this”) to the reason for triggering your policy (“When this happens”).

 

Windows Server 2019 preview production key

Windows Server 2019 LTSC Build 17623 is available in ISO format in 18 languages. This build and all future pre-release builds will require use of activation keys during setup. The following keys allow for unlimited activations:

Datacenter Edition  6XBNX-4JQGW-QX6QG-74P76-72V67
Standard Edition  MFY9F-XBN2F-TYFMP-CCV49-RMYVH