Solved

WSUS question

Posted on 2013-06-20
9
292 Views
Last Modified: 2016-02-20
I administer 2 SBS 2008 networks for 2 different companies. These servers were installed about 2 years ago and are running ok. I noticed on one server that the c:\wsus folder has got about 45gigs of files in it and started looking into why this would be.

it's my inexperience, but I had never heard of WSUS and I have never been in there to configure anything. So now In the WSUS console I can see there are 1000's of updates that apparently need approving. I am confused by this because my client pcs are all installing updates and they are all listed in WSUS.

So I need to know if I need to do anything here? Do I need to approve these updates (many of which are listed as being superceeded). And if wsus doesn't deploy updates until they are approved, how come my clients install updates?
0
Comment
Question by:TownTalk
  • 6
  • 3
9 Comments
 
LVL 21

Expert Comment

by:Haresh Nikumbh
Comment Utility
unless you do not approve hotfix they will not get installed on the client machine.

if wsus folder size is reach mode than 30gb then you will face problem for cleaning up.
0
 
LVL 21

Expert Comment

by:Haresh Nikumbh
Comment Utility
if clients are getting updated without wsus that means they are downloading patches themself.. you need to verify if your clients are really pointing wsus server.. or they are really getting updated ?

check following registry key in client it will show wsus server name

HKLM\SOFTWARE\Policies\Windows\WindowsUpdate\WUServer and HKLM\SOFTWARE\Policies\Windows\WindowsUpdate\WUStatusServer
0
 
LVL 21

Expert Comment

by:Haresh Nikumbh
Comment Utility
0
 

Author Comment

by:TownTalk
Comment Utility
I checked 4 pc's and they all have http://SERVERNAME:8530 in those keys and the users all concur that they see updates being installed sometimes when they shut down. I have never approved an update. So what is happening here? and what do I do now? Do i need to approve all these updates?
0
Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

 
LVL 21

Expert Comment

by:Haresh Nikumbh
Comment Utility
if they are pointing correct server then verify group policy for auto update..

what setting you have kept  for auto update?

http://technet.microsoft.com/en-us/library/cc720539%28v=ws.10%29.aspx
0
 

Author Comment

by:TownTalk
Comment Utility
Again, this is something I have never touched.....

In group policy the setting to "Specify intranet microsoft update service location" is not configured. and "Enabled client side targetting" is not configured. In fact the only option which is configured is to  configure automatic updates.

So I assume now that the client machines are ignoring those registry keys you initially mentioned, and are downloading updates for themselves. Actually I prefer it this way. I would rather not use WSUS. So what next?
0
 
LVL 21

Expert Comment

by:Haresh Nikumbh
Comment Utility
if you do not want to use WSUS then just remove that from network
0
 
LVL 21

Accepted Solution

by:
Haresh Nikumbh earned 500 total points
Comment Utility
0
 

Author Closing Comment

by:TownTalk
Comment Utility
Ok thanks for your help. I will get it sorted now.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Introduction At 19:33 (UST) on Tuesday 21st September the long awaited email arrived with the subject title of “ANNOUNCING THE AVAILABILITY OF WINDOWS SBS 7 PREVIEW”.  It was time to drop whatever I was doing and dedicate as much bandwidth as possi…
Because virtualization becomes more and more common, and, with Microsoft Hyper-V included in Windows Server at no additional costs, and, most server hardware nowadays is more than capable of running a physical Small Business Server (SBS) 2008 or 201…
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now