Windows computers connection to WSUS server

Use group policy to define your WSUS server and how you want windows update to behave and it will propagate to all servers in the OU you apply the policy to.

http://technet.microsoft.com/en-us/library/cc720539%28v=ws.10%29.aspx

- Ok...I guess for all computers to report to WSUS , I need to link a GPO to the the domain and all I need in the Policy settings is to enable  "Specify Intranet Microsoft Update service Location" and type "Http://myWSUSserver.domainname.local"
Correct?

- Now after all computers show up in WSUS console in "All computers" I can move them to  specific groups (assuming I have already created groups in WSUS console).
correct ?

- Now how do I set up GPOs for each WSUS group from GPMC, since in our AD we have all servers  under OU named  ServerOU.?

- in My environment I need to deploy just OS related updates no application updates such as SQL or Exchange or Sharepoint. I know when you install WSUS server , the wizard will give you option to select which updates the WSUS will lookup for and download from Microsoft. In my case the WSUS server is already install, so how do I go back and select/deselect the updates that I want my WSUS server to lookup for ?

Thank you

Servers are already in one OU and have some other GPOs linked to that OU, this is why I do not want to put them in separate OUs that correspond to WSUS groups.


I do not understand what you said here:

<<if you have 1 OU and want multiple wsus groups to organize, then leave it blank and you can manage manually in the console>>

what should I leave blank ? and  how can I manage that manually in the WSUS console.?

If I understand you, I need to select an update and deploy it to a WSUS group, that might make sense, but how to schedule it and tell it restart after the updates have been installed at certain time without GPO?

Thanks

when you change the settings in the GPO, you are specifying all for that OU go in that one wsus group.  for example, if things were geographically dispersed and you had an OU for each physical site, you could match that in wsus by having corresponding groups then just define in the GPO for each site.  in your case they are all in one OU so specifying a group in wsus will put in the same group but you can move after.

or, just do it manually (easier if you don't have a lot to manage) by right clicking on a computer and move to a different group

I understand that I can move computers manually from "All Computers" group in WSUS console to specific groups in WSUS console.

However, if I want to set up specific GPOs settings for each group, then how can I do that in GPMC without creating separate OUs in AD that correspond to WSUS groups and create GPOs settings for MS Updates to be applied to computers in each OU.?

So , My plan is after creating separate groups in WSUS, for instance:

Sunday Reboot
Wednesday Reboot
...
...
etc..

How can I set up GPO when having all my servers in one OU in Active Directory ?

Thanks

Then how do you schedule your WSUS groups to download and install updates at different times.

for instance :
Group1 : schedule them to install updates/reboot on Saturday 3 am
Group2 : schedule them to install updates/reboot on sunday 2 am
etc...

GPO By security groups may do it...Thanks