WSUS question
I administer 2 SBS 2008 networks for 2 different companies. These servers were installed about 2 years ago and are running ok. I noticed on one server that the c:\wsus folder has got about 45gigs of files in it and started looking into why this would be.
it's my inexperience, but I had never heard of WSUS and I have never been in there to configure anything. So now In the WSUS console I can see there are 1000's of updates that apparently need approving. I am confused by this because my client pcs are all installing updates and they are all listed in WSUS.
So I need to know if I need to do anything here? Do I need to approve these updates (many of which are listed as being superceeded). And if wsus doesn't deploy updates until they are approved, how come my clients install updates?
it's my inexperience, but I had never heard of WSUS and I have never been in there to configure anything. So now In the WSUS console I can see there are 1000's of updates that apparently need approving. I am confused by this because my client pcs are all installing updates and they are all listed in WSUS.
So I need to know if I need to do anything here? Do I need to approve these updates (many of which are listed as being superceeded). And if wsus doesn't deploy updates until they are approved, how come my clients install updates?
if clients are getting updated without wsus that means they are downloading patches themself.. you need to verify if your clients are really pointing wsus server.. or they are really getting updated ?
check following registry key in client it will show wsus server name
HKLM\SOFTWARE\Policies\Win
check following registry key in client it will show wsus server name
HKLM\SOFTWARE\Policies\Win
for cleanup you can refer below link
https://www.experts-exchange.com/questions/28158988/WSUS-Update-folder-on-Server-2008-to-large.html
http://wsus.codeplex.com/releases/view/17612
https://www.experts-exchange.com/questions/28158988/WSUS-Update-folder-on-Server-2008-to-large.html
http://wsus.codeplex.com/releases/view/17612
ASKER
I checked 4 pc's and they all have http://SERVERNAME:8530 in those keys and the users all concur that they see updates being installed sometimes when they shut down. I have never approved an update. So what is happening here? and what do I do now? Do i need to approve all these updates?
if they are pointing correct server then verify group policy for auto update..
what setting you have kept for auto update?
http://technet.microsoft.com/en-us/library/cc720539%28v=ws.10%29.aspx
what setting you have kept for auto update?
http://technet.microsoft.com/en-us/library/cc720539%28v=ws.10%29.aspx
ASKER
Again, this is something I have never touched.....
In group policy the setting to "Specify intranet microsoft update service location" is not configured. and "Enabled client side targetting" is not configured. In fact the only option which is configured is to configure automatic updates.
So I assume now that the client machines are ignoring those registry keys you initially mentioned, and are downloading updates for themselves. Actually I prefer it this way. I would rather not use WSUS. So what next?
In group policy the setting to "Specify intranet microsoft update service location" is not configured. and "Enabled client side targetting" is not configured. In fact the only option which is configured is to configure automatic updates.
So I assume now that the client machines are ignoring those registry keys you initially mentioned, and are downloading updates for themselves. Actually I prefer it this way. I would rather not use WSUS. So what next?
if you do not want to use WSUS then just remove that from network
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Ok thanks for your help. I will get it sorted now.
if wsus folder size is reach mode than 30gb then you will face problem for cleaning up.