OU group for computers in Active Directory not getting policy for WSUS updates

lawsupport
lawsupport used Ask the Experts™
on
I have some OU groups in active directory for diffrent types of operating systems in our network. Upon coming to this company there was a OU for vista and windows 7 workstations. I created an OU for windows 7 64bit and added workstations to that group. I went into group policy management on the DC and added a security group called Windows 7 64bit that has all my win 7 64 bit work stations to the WSUS group policy. Basically I copied the same settings from the vista and win 7 32bit groups. However the windows 7 64bit group will not get their updates from the WSUS server and instead continue to go to the internet for them. Any suggestions? Do i need to look at the WSUS server for some additional configuration?
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®

Author

Commented:
I have ran the Wuauclt /detectnow command several times.
remmett70Network Manager

Commented:
First, is there a reason to separate the 64bit from 32bit Win 7 machines by OU?  One good practice with AD is simplicity.  Don't make extra OU's without a good reason.


Have you verified, that the GPO that is applying the update settings is linked to the Win7 64 OU?  Why did you add a security group with the computers?
Acronis in Gartner 2019 MQ for datacenter backup

It is an honor to be featured in Gartner 2019 Magic Quadrant for Datacenter Backup and Recovery Solutions. Gartner’s MQ sets a high standard and earning a place on their grid is a great affirmation that Acronis is delivering on our mission to protect all data, apps, and systems.

Author

Commented:
I dont know if I have a good reason. lol Its just we have one for every OS in our environment. Maybe I just wondered if in the future I would have a issue if for some reason I had to isolate the 64bit work stations. I believe I had a security group set up since i saw a security group in all the other OU's.
remmett70Network Manager

Commented:
Is client side targeting configured in the GPOs?  If not a single GPO linked to all OU's containing computers should work.
Found the problem was that i did not have the correct gpo linked to that OU AND the reason for the security groups was we did not have authenticated users added to the policy security. Now that we added the authenticated users we do not need the security group membership. Do not know why it was setup like that, so i just went along with it. And for the record we needed the two seperate OU containers since we have drivers pushed out for 64 bit systems for dictation hardware.

Author

Commented:
Solved problem with the help of microsoft support call.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial