Solved

A few WSUS questions

Posted on 2006-07-18
4
221 Views
Last Modified: 2010-04-18
Hi Guys,

i've got round to setting up WSUS on our network, and i just have a few questions about it. I have created a test container with all the standard settings that WSUS needs to get it to work. I can see the computer in WSUS and it says that there are updates that it needs, but just says "!status - needed" and on the client machine, it says that there are new updates ready to install. Is there anyway to automate this? Are there other GP settings that i need to change/modify?

another query i have is about approving updates. I've selected what components i want WSUS to download, but is there a rule when it comes to approving them? or should i just approve them all!

I am going round the whole company and rebuilding each machine, then putting them into this new container with WSUS. Is this the right way to go about it.

Thanks for all your help.

Gavin
0
Comment
Question by:Gavin5511
  • 3
4 Comments
 
LVL 23

Accepted Solution

by:
TheCleaner earned 500 total points
ID: 17130346
There are Group policy settings under the computer configuration portions of GPOs that will need to be set.  They are under the Windows Updates section.  This will allow automatic updates to happen through the WSUS server.  See here:  http://technet2.microsoft.com/WindowsServer/en/Library/51c8a814-6665-4d50-a0d8-2ae27e69ca7c1033.mspx?mfr=true

I would approve critical updates, but any other updates I personally don't approve unless I've tested them and have a reason for adding them.

As far as WSUS "containers" go...I create one for each type of OS, then one for "testing".  But that's up to you.
0
 
LVL 1

Author Comment

by:Gavin5511
ID: 17130797
Excellent, thanks for that! we only use one operating system in the company, but thats a great idea creating a "test" OU for it.

will that website teach me how to make updates invisible to the user? will it be in this section where you can prevent users from being able to accept or decline the installtion of updates, and the ability to access the "windows update" option on the start menu?
0
 
LVL 23

Expert Comment

by:TheCleaner
ID: 17132067
Well, it's not a test "OU" it is a test container INSIDE wsus (computer groups in the admin webpage).

Yes...that's correct...on the GPO settings all is listed on that page.  For making updates invisible...it will install them invisibly but may need a reboot, in which case you can set the option in group policy to either reboot it or ask the user to reboot.  The users cannot "decline" the installation of the update...you will set that in WSUS console and that's what they'll get.  And the bottom option on that page shows how to disable them from access Windows Update on their own.
0
 
LVL 23

Expert Comment

by:TheCleaner
ID: 17137982
Thank you for the points!
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Preface Having the need * to contact many different companies with different infrastructures * do remote maintenance in their network required us to implement a more flexible routing solution. As RAS, PPTP, L2TP and VPN Client connections are no…
I guess it is not common knowledge to most Wintel engineers/administrators: If you have an SNMP-based monitoring system in your environment (and it's common to have SNMP or Syslog) it's reasonably easy to enable monitoring of the Windows Event logs,…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question