I have Windows 2003 Servers and a mix of XP and Windows 7 clients.
I've just set up Wsus and want to create teh follwoing set up.
1 server, 1 XP client and 1 Win7 client get all approved updates automatically after patch tuesday. then one week later the remainder of the PCs and servers get the patchs.
as it stands I have a GPO set up as follows:
I have the following for Servers
I have creates an OU within teh Computers OU and placed one XP client and 1 Win7 clinet into it and teh same for teh Member Servers OU in AD.
I've then linked the PC GPO to the Test Pc OU and the Server GPO to the Test Server OU.
My understanding is then Every thursday at 17:00 my test PCs and Server will go to my sus server and download any approved updates approved for that group within SUS.
What I'm looking to do is create two more GPOs one for the remainder of my PCs and one for the remainder of my Servers that runs a week later. is it just a case of setting on up the test group for Wednesday night thus being the first to get the patches after patch tuesday and set a second GPO to schedule a download on say monday so they dont get the patches til almost a week later?
also how do you ensure that users cant keep defering reboots