I have SUS running in our AD. I've configured SUS correctly so far, and
clients are getting their updates successfully.
I have one problem, however - the main servers are getting these updates,
even though I do not want them to. I want to patch them manually.
Here's what I did to exclude them, but it's not working - can anyone tell me
I created a security group and put all the server machines in it. I called
it "No SUS".
I went to the properties of the current GP that uses SUS and added "No SUS"
to it with implicit Deny rights on "Apply Group Policy".
What did I do wrong?