Use WSUS Target Groups with MDT Task Sequences

Configure MDT task sequences to set WSUS TargetGroup values by adding a custom variable and modifying ZTIWindowsUpdate.wsf so deployed computers join the

Useful external reference: Microsoft Learn.

  • This guide explains how to use WSUS Target Groups with MDT by adding a custom task sequence variable and modifying ZTIWindowsUpdate.wsf so deployed computers join the correct WSUS group.

    Useful external reference: Microsoft Learn.

    • In the task sequence, introduce a new variable named WSUSTargetGroup. By default, this variable is not handled by MDT.
      • In the task sequence, introduce a new variable named WSUSTargetGroup. By default, this variable is not handled by MDT.
      Use WSUS Target Groups with MDT Task Sequences screenshot
      • In my LAB setup, I’ve also incorporated the “WSUSServer” variable, which is familiar to those using MDT. Typically, this variable is set within the customSetting.ini. However, I chose not to do so to avoid affecting my other task sequences.
      Use WSUS Target Groups with MDT Task Sequences screenshot
      • To proceed, you’ll need to modify the ZTIWindowsUpdate.wsf script, which can be found in the “script” directory of your deployment share. If the environment item “WSUSTargetGroup” is not empty, the script will write to the Windows registry, setting the WSUS Target Group accordingly.
      Use WSUS Target Groups with MDT Task Sequences screenshot
      If oEnvironment.Item("WSUSTargetGroup") <> "" then
    oShell.RegWrite "HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindowsWindowsUpdateTargetGroup", oEnvironment.Item("WSUSTargetGroup"), "REG_SZ"
    oShell.RegWrite "HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindowsWindowsUpdateTargetGroupEnabled", 00000001, "REG_DWORD"
End if

      WSUS Target Groups Overview