Solved

WSUS question

Posted on 2013-06-20
9
296 Views
Last Modified: 2016-02-20
I administer 2 SBS 2008 networks for 2 different companies. These servers were installed about 2 years ago and are running ok. I noticed on one server that the c:\wsus folder has got about 45gigs of files in it and started looking into why this would be.

it's my inexperience, but I had never heard of WSUS and I have never been in there to configure anything. So now In the WSUS console I can see there are 1000's of updates that apparently need approving. I am confused by this because my client pcs are all installing updates and they are all listed in WSUS.

So I need to know if I need to do anything here? Do I need to approve these updates (many of which are listed as being superceeded). And if wsus doesn't deploy updates until they are approved, how come my clients install updates?
0
Comment
Question by:TownTalk
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 3
9 Comments
 
LVL 22

Expert Comment

by:Haresh Nikumbh
ID: 39262013
unless you do not approve hotfix they will not get installed on the client machine.

if wsus folder size is reach mode than 30gb then you will face problem for cleaning up.
0
 
LVL 22

Expert Comment

by:Haresh Nikumbh
ID: 39262020
if clients are getting updated without wsus that means they are downloading patches themself.. you need to verify if your clients are really pointing wsus server.. or they are really getting updated ?

check following registry key in client it will show wsus server name

HKLM\SOFTWARE\Policies\Windows\WindowsUpdate\WUServer and HKLM\SOFTWARE\Policies\Windows\WindowsUpdate\WUStatusServer
0
 
LVL 22

Expert Comment

by:Haresh Nikumbh
ID: 39262021
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:TownTalk
ID: 39262050
I checked 4 pc's and they all have http://SERVERNAME:8530 in those keys and the users all concur that they see updates being installed sometimes when they shut down. I have never approved an update. So what is happening here? and what do I do now? Do i need to approve all these updates?
0
 
LVL 22

Expert Comment

by:Haresh Nikumbh
ID: 39262056
if they are pointing correct server then verify group policy for auto update..

what setting you have kept  for auto update?

http://technet.microsoft.com/en-us/library/cc720539%28v=ws.10%29.aspx
0
 

Author Comment

by:TownTalk
ID: 39262086
Again, this is something I have never touched.....

In group policy the setting to "Specify intranet microsoft update service location" is not configured. and "Enabled client side targetting" is not configured. In fact the only option which is configured is to  configure automatic updates.

So I assume now that the client machines are ignoring those registry keys you initially mentioned, and are downloading updates for themselves. Actually I prefer it this way. I would rather not use WSUS. So what next?
0
 
LVL 22

Expert Comment

by:Haresh Nikumbh
ID: 39262095
if you do not want to use WSUS then just remove that from network
0
 
LVL 22

Accepted Solution

by:
Haresh Nikumbh earned 500 total points
ID: 39262100
0
 

Author Closing Comment

by:TownTalk
ID: 39262166
Ok thanks for your help. I will get it sorted now.
0

Featured Post

Webinar: Aligning, Automating, Winning

Join Dan Russo, Senior Manager of Operations Intelligence, for an in-depth discussion on how Dealertrack, leading provider of integrated digital solutions for the automotive industry, transformed their DevOps processes to increase collaboration and move with greater velocity.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This guide is intended for migrating Windows 2003 Standard with Exchange 2003 to Windows Small Business Server 2008. You will need the following: Exchange Best Practice Analyzer: http://www.microsoft.com/downloads/details.aspx?FamilyID=DBAB201F-…
The SBS 2011 release date (RTM) is supposed to be around Christmas, 2011.  This article is a compilation of my notes -- things I have learned first hand.  The items are in a rather random order, but I think this list covers most of what is new and d…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Suggested Courses

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question