sivark14
asked on
WSUS configurations needed to setup downstream server
We have one upstream server and one downstream server configured. We use downstream server to update the patches for all desktop clients. Downstream server is configured to get the updates from upstream server which is configured to use proxy server for updates and we have enabled "Download update files to this server only when updates are approved" on both server. So If we apporve pathces on downstream server, will it look for updates only in the upstream server or if the updates are not available in the upstream server, will it intiate to download from internet in upstream server. How we can do the best configuration on both upstream and downstream server.
The upstream server is the sole-source for downstream servers. If the upstream server did not approve an update, it will not be available at the downstream server. The best flexibility you will get with a downstream is by not configuring it as a replica.
ASKER
Thanks for the response. We have not configured the downstream server as replica. So If we approve the patches in downstream server, how it will get download from upstream server since the updates are not available in upstream server or how we can configure downstream server to get updates from upstream server after we approve in downstream server.
What is your ultimate goal? Are you trying to alleviate bandwidth??
WSUS: How To Throttle BITS
http://blogs.technet.com/b/sus/archive/2008/06/30/wsus-how-to-throttle-bits.aspx
also look over
Best Practices with Windows Server Update Services 3.0
http://technet.microsoft.com/en-us/library/cc720525%28v=ws.10%29.aspx
WSUS: How To Throttle BITS
http://blogs.technet.com/b/sus/archive/2008/06/30/wsus-how-to-throttle-bits.aspx
also look over
Best Practices with Windows Server Update Services 3.0
http://technet.microsoft.com/en-us/library/cc720525%28v=ws.10%29.aspx
ASKER
We are going to reconfigure WSUS and want to confirm whether downstrem server will have the update download after the patches are approved in downstream server
1. Both servers are configured with the option "Download update files to this server only when updates are approved"
2. Downstream server is not configured as replica server.
I guess downstream server won't have download updates since upstream server won't have the updates until patches are approved in upstream server. So we have to uncheck the option "Download update files to this server only when updates are approved" in upstream server.
I just want which option should be enabled on both server.
1. Both servers are configured with the option "Download update files to this server only when updates are approved"
2. Downstream server is not configured as replica server.
I guess downstream server won't have download updates since upstream server won't have the updates until patches are approved in upstream server. So we have to uncheck the option "Download update files to this server only when updates are approved" in upstream server.
I just want which option should be enabled on both server.
Again, what is your main purpose of the second WSUS server? Bandwidth??
ASKER
We are going to use downstream server for only desktop patching and hand over to helpdesk team to do.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
^^ it wont matter if the upstream is configured to "Download update files to this server only when updates are approved" or not ^^
ASKER
It's correct.
What about unchecking the option "Download update files to this server only when updates are approved" in upstream server and configuring to synchronize the updates with upstream server..
Will it work ?
What about unchecking the option "Download update files to this server only when updates are approved" in upstream server and configuring to synchronize the updates with upstream server..
Will it work ?
· Download update files to this server only when updates are approved: If this is not checked then ALL updates which are synchronized are downloaded to the WSUS server. To minimize disk space requirements, this option should be checked. Note: Only use this option when you intend to approve all products and classifications that you have configured under Options – Products and Classifications.
http://blogs.technet.com/b/gborger/archive/2009/02/27/what-to-do-when-your-wsuscontent-folder-grows-too-large.aspx
http://blogs.technet.com/b/gborger/archive/2009/02/27/what-to-do-when-your-wsuscontent-folder-grows-too-large.aspx
so yes, it would work...just be sure to have ample space on upstream
ASKER
If this is the case, It's not a downstream server we can say and I can configure two seperate WSUS servers for servers and desktops..
Is it correct ?
Is it correct ?
Yes, or you could create "Target groups" <<Client side targeting and then use 2 group policies and 1(one) WSUS server