I have a question on WSUS and GPOs
Created servers –OU and desktop OU
Created two GPO for server and desktop and link them to each OU.
For the server- to download but not reboot the server.
For the desktop- download and install
Went into WSUS
Use group policy
Does this do the job, I do not see serversOU and desktop OUs in the wsus.
Only see all computers and unassigned computers. I expect the servers and Desktop OUs to populate in the WSUS so I can approve the patches.
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Ivano ViolaSystem AdministratorCommented:
You need to create the groups in WSUS. Right-click on All Computers and select "Add computer group".

These are the settings you need to look at in Group Policy. Target Group Name is where you link it to the WSUS group.

Hope this helps.

GP Settings
pdsmicroAuthor Commented:
thank you for your help .i did create  a group in WSUS and it did not come to AD .
Ivano ViolaSystem AdministratorCommented:

I just want to confirm when you say "...and it did not come to AD". The computers should already be in an OU in AD. You apply the two group policies to the respective OUs.
Server OU should contain the server computers
Desktop OU should contain the desktops
Now on the Server OU (and desktop OU) you should have a group policy applied. The settings contained in the GP should be set under Computer Configuration, not User.
Target group name for this computer should match the computer group you created in WSUS. This is where the computers will added to.

Groups WSUS
If you make any changes to the GP you will need to run gpupdate /force from the command line for the computer to update.

10 Tips to Protect Your Business from Ransomware

Did you know that ransomware is the most widespread, destructive malware in the world today? It accounts for 39% of all security breaches, with ransomware gangsters projected to make $11.5B in profits from online extortion by 2019.

You need to have Client-side targeting enabled and in that option you specify the target group you created in WSUS.  If this is not configured or if the name doesn't match exactly to the group name this will not work.
Ivano ViolaSystem AdministratorCommented:
Yep, exactly as shown in the policy image above.

pdsmicroAuthor Commented:
Sorry guys, I am bit slow of understand anything.
I create OU on AD called server
Then move all server to that
Create GP and link to that
Come to WSUS
Create a computer group called server exactly same name as in the AD.
Enable client side targeting for group
Am I correct?
Yes you are.
Your GPO needs to have client side targeting enabled, in addition to need to have Specify an intranet Microsoft update service location enabled, and that needs to point to your WSUS server in the format http://wsusServerName.  This will tell your servers what WSUS server they are supposed to connect to and what group to go into when they connect to that server.

My WSUS GPO looks like this when editing it.
You could always manually assign the computers to a group, bearing in mind that you only need one group in wsus, because GP controls the download/installation schedules

the only reason for separating in WSUS is to assign some updates to one group and not to another, and even then they are separated to some extent by the SKU of the OS

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
pdsmicroAuthor Commented:
Thank you all
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Legacy OS

From novice to tech pro — start learning today.