Link to home
Create AccountLog in
Avatar of fstinc
fstinc

asked on

WSUS for reporting only

I have 1 WSUS server approving updates and a 2 WSUS server that I am trying to set up to only report updates and not install/approve or have anything to do with the actual installation of updates. However, I am having trouble doing so. Not all computers are showing up on the 2 WSUS server, the only computers that show up on there are the computers that are assigned to it on GP and all unassigned computers. I need all of the computers to show up, even if there getting the updates from WSUS server 1. I am currently able to do it with only assigned computers. Would a downstream or replica architecture work?
Avatar of James
James
Flag of Ireland image

Have a look at the link below.

http://www.wsuswiki.com/AUClient
In short, no. You can only associate a client with one WSUS server at a time.

Long answer, you are correct, a downstream setup would work for you, the master/upstream server would be used to approve updates and run reports. The downstream servers would then be used for update application.

Remember that WSUS has a hard coded software limitation of 30000 clients per WSUS server.
I would recommend changing your reporting tool. As it was mentioned. Clients can only have one WSUS server at the time. Download free MBSA (Microsoft Baseline Security Analyzer) from Microsoft at

http://technet.microsoft.com/en-us/security/cc184924

and use it for reporting (WSUS updates, and other security features)

Regards,
Krzysztof
Avatar of fstinc
fstinc

ASKER

OK,

As I was looking through GP, I thought that this might work. Configuring these remote users to grab the updates from SERVER1 and report updates to SERVER2STATS. However, I am not sure if a downstream structure would still be needed to have all the computers show up. I attached a pictures.
ScreenShot083.jpg
SOLUTION
Avatar of Erik Pitti
Erik Pitti
Flag of United States of America image

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See answer
ASKER CERTIFIED SOLUTION
Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
Avatar of fstinc

ASKER

Basically, for remote users I want to(Actually my boss) have remote users connect to WSUS. Once there, The WSUS STATS serve will get updates from Microsoft but not store them locally, and the laptops will also get the updates from Microsoft. The WSUS SERVER is used on LAN workstations and actually stores updates locally and manages all of the clients. Only the remote users are getting them by Microsoft. But, from the looks of it, I configured it correctly. I have done alot of research on the same forums everyone posted, but this seems to work. Once GPUPDATE /FORCE scripts ran, the computers started showing up WSUS Stats. Thanks for the help. . .