fstinc
asked on
WSUS for reporting only
I have 1 WSUS server approving updates and a 2 WSUS server that I am trying to set up to only report updates and not install/approve or have anything to do with the actual installation of updates. However, I am having trouble doing so. Not all computers are showing up on the 2 WSUS server, the only computers that show up on there are the computers that are assigned to it on GP and all unassigned computers. I need all of the computers to show up, even if there getting the updates from WSUS server 1. I am currently able to do it with only assigned computers. Would a downstream or replica architecture work?
In short, no. You can only associate a client with one WSUS server at a time.
Long answer, you are correct, a downstream setup would work for you, the master/upstream server would be used to approve updates and run reports. The downstream servers would then be used for update application.
Remember that WSUS has a hard coded software limitation of 30000 clients per WSUS server.
Long answer, you are correct, a downstream setup would work for you, the master/upstream server would be used to approve updates and run reports. The downstream servers would then be used for update application.
Remember that WSUS has a hard coded software limitation of 30000 clients per WSUS server.
I would recommend changing your reporting tool. As it was mentioned. Clients can only have one WSUS server at the time. Download free MBSA (Microsoft Baseline Security Analyzer) from Microsoft at
http://technet.microsoft.com/en-us/security/cc184924
and use it for reporting (WSUS updates, and other security features)
Regards,
Krzysztof
http://technet.microsoft.com/en-us/security/cc184924
and use it for reporting (WSUS updates, and other security features)
Regards,
Krzysztof
ASKER
OK,
As I was looking through GP, I thought that this might work. Configuring these remote users to grab the updates from SERVER1 and report updates to SERVER2STATS. However, I am not sure if a downstream structure would still be needed to have all the computers show up. I attached a pictures.
ScreenShot083.jpg
As I was looking through GP, I thought that this might work. Configuring these remote users to grab the updates from SERVER1 and report updates to SERVER2STATS. However, I am not sure if a downstream structure would still be needed to have all the computers show up. I attached a pictures.
ScreenShot083.jpg
SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
ASKER CERTIFIED SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
ASKER
Basically, for remote users I want to(Actually my boss) have remote users connect to WSUS. Once there, The WSUS STATS serve will get updates from Microsoft but not store them locally, and the laptops will also get the updates from Microsoft. The WSUS SERVER is used on LAN workstations and actually stores updates locally and manages all of the clients. Only the remote users are getting them by Microsoft. But, from the looks of it, I configured it correctly. I have done alot of research on the same forums everyone posted, but this seems to work. Once GPUPDATE /FORCE scripts ran, the computers started showing up WSUS Stats. Thanks for the help. . .
http://www.wsuswiki.com/AUClient