Solved

Windows Updates throuh GPO

Posted on 2013-06-26
4
273 Views
Last Modified: 2013-08-07
We have a GPO configure which points to our WSUS Server for clients to receive updates on there computers ...

How do i configure my GPO so that if a Computer cannot contact the WSUS Server, then it should directly download the updates from Microsoft.

This is for our remote users who are out of office usually months a t a time
0
Comment
Question by:oasisuk
4 Comments
 
LVL 47

Accepted Solution

by:
Donald Stewart earned 500 total points
ID: 39278730
You would have to configure a second WSUS server that is configured to *NOT* store updates locally.  Then point these clients to that WSUS server. Then when they are connected to the network they will get their approvals and will always download from Microsoft.
0
 
LVL 17

Expert Comment

by:Mike T
ID: 39282952
Hi,

For WSUS 3 only you can configure the following GPO as described here.
The down-side is I think it would be an all or nothing affair with no control over approvals, i.e. what patches get installed.

A workaround as the expert mentions, is to configure another WSUS but it's then two servers to manage and could get messy.


Note, for WSUS 2 I will quote Lawrence Garvin a WSUS MVP
"There is no facility for either/or, or a 'fallback' scenario in WSUS v2.

 The best you can do is disable the policy "Specify intranet Microsoft update
 service location", which will force those clients to use "Automatic Updates"
 for the duration of their absence. In that scenario, they will obtain and
 install ALL critical and security updates. You will have no ability to choose
 which updates are installed."

Mike
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Add users from one Domain to Security Group in different Domain 8 62
question about Wallet Ramsomware Plus administrative Tools 4 32
SpaceMonger Issue 4 32
BgInfo help 5 54
Normally after a failure of Domain Controller, when promoting new DC the DC is renamed, we will discuss the options in Dcpromo to re-create the DC with the same name. Scenario: You are a small IT shop with two Domain Controllers (Domain Contr…
Background Information Recently I have fixed file server permission issues for one of my client. The client has 1800 users and one Windows Server 2008 R2 domain joined file server with 12 TB of data, 250+ shared folders and the folder structure i…
This tutorial will show how to push an installation of Backup Exec to an additional server in both 2012 and 2014 versions of the software. Click on the Backup Exec button in the upper left corner. From here, select Installation and Licensing, then I…
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…

679 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question