Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate] 
"AcceptTrustedPublisherCerts"=dword:00000001 
"ElevateNonAdmins"=dword:00000001 
"TargetGroup"="Workstations" 
"TargetGroupEnabled"=dword:00000000 
"WUServer"="http://your-WSUS-server:port" 
"WUStatusServer"="http://your-WSUS-server:port"

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU] 
"AUOptions"=dword:00000004 
"AUPowerManagement"=dword:00000001 
"AutoInstallMinorUpdates"=dword:00000001 
"DetectionFrequency"=dword:0000000a 
"DetectionFrequencyEnabled"=dword:00000001 
"IncludeRecommendedUpdates"=dword:00000001 
"NoAUAsDefaultShutdownOption"=dword:00000001 
"NoAUShutdownOption"=dword:00000001 
"NoAutoRebootWithLoggedOnUsers"=dword:00000001 
"NoAutoUpdate"=dword:00000000 
"RebootRelaunchTimeout"=dword:0000000a 
"RebootRelaunchTimeoutEnabled"=dword:00000001 
"RescheduleWaitTime"=dword:0000000a 
"RescheduleWaitTimeEnabled"=dword:00000001 
"ScheduledInstallDay"=dword:00000000 
"ScheduledInstallTime"=dword:00000003 
"UseWUServer"=dword:00000001

- "WUServer"="http://your-WSUS-server:port"; and 
- "WUStatusServer"="http://your-WSUS-server:port"; 
to match the IP address (or FQDN) of your WSUS server. IMPORTANT: remove the ";" from the end of that lines!

Examples: 
"WUServer"=" http://WSUS.company.com:81 " 
"WUStatusServer"=" http://WSUS.company.com:81 "

"WUServer"=" http://192.168.0.1 " 
"WUStatusServer"=" http://192.168.0.1 "

"WUServer"=" http://intranet.local:8080 " 
"WUStatusServer"=" http://intranet.local:8080 "

The first key is named WUServer. This registry key holds a string value which should be entered as the WSUS server’s URL.

The other key that you will have to change is a string value named WUStatusServer. The idea behind this key is that the PC must report its status to a WSUS server so that the WSUS server knows which updates have been applied to the PC. The WUStatusServer key normally holds the exact same value as the WUServer key.

where the computers have access to it.

- double click on it from the client machine (admin rights required) 
OR 
- put in into the login script so it will be applied at every login

Here an example for using it in a Novell Login Script (Drive Z: is here the drive needed for the login):

IF OS = "WINNT" THEN 
#regedit.exe /s Z:\WSUS\wsus-client.reg 
@wuauclt.exe /resetauthorization /detectnow 
END

Here some links to get more informations about the options used in the *.reg file:

- http://technet.microsoft.com/en-us/library/cc708449%28WS.10%29.aspx 
- http://www.windowsnetworking.com/articles_tutorials/Registry-Keys-Tweaking-Windows-Update-Part1.html 
- http://www.windowsnetworking.com/articles_tutorials/Registry-Keys-Tweaking-Windows-Update-Part2.html 
- http://www.wsus.de/gpo (German - sorry) 
- http://smallvoid.com/article/winnt-automatic-updates-config.html 
- http://www.appdeploy.com/tips/detail.asp?id=103

Maybe it`s needed to remove that settings for various reasons. To get the default values in the registry, just follow the next step.

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU]

where the computers have access to it.

- double click on it from the client machine (admin rights required)

That`s all. I don`t think it`s useful to add this in a login/logout script ;-) but it would work too.