wsus registry backup

hi ive backed up wsus 3.0 sometime ago as per a previous thread where i received advice:

2013-04-17 at 16:58:01ID28100400

the below is what i backed up:

I carried out a single backup on the following and saved backup also in the d: drive as below:

system state - which includes
- boot files
- com + class registry files
- registry files

- c:\program files\update services
- c:\program files\windowsupdate
 - & systemstate
- c:\windows\softwaredistribution

d:\wsus - which holds the following:

- updateservicesdbfiles
- updateservicespackages
- wsuscontent

note: although my database is located on my 2nd d: partition, it is large enough so i have located my backup there also at least temporarily

question1.  as i have configured my wsus 3.0 for port: 8530 i will now backup all of the above as i wish to temporarily install exchange 2003 to use port: 80 on same machine and then do another backup of both wsus & exchange.  but if i had an issue and i then wished to remove exchange 2003 completely, would i do the following in that order:    ?

-  1st uninstall exchange 2003
-  2nd complete a (restore) to rewind it back back to just using (wsus)
- 3rd check the explorer and registry for any residual items that may have not fully uninstalled completely

question 2.  i only have 1 current backup of all of the above located on my d:\backup folder, so if i do another backup shall i select (incremental) so it integrates and adds new changes/updates to the same old previous backup or shall i just delete it and add a fresh new backup or shall i choose (differential)  and shall i also select (verify data after backup  ?
mikey250Asked:
Who is Participating?
 
SandeshdubeySenior Server EngineerCommented:
It is not recommend to have WSUS role on exchange server.Instead you can have another member server to have exchange role.

If you want to use exiting server for exchange uninstall the wsus role and configure Exchange.You can install new wsus server on member server or move wsus to new server as this:http://blogs.technet.com/b/sus/archive/2009/07/02/how-to-move-wsus-from-one-server-to-another.aspx

I normally prefer creating replica server of wsus and remove the primary server from network and point replica server to microsoft for update to make it primary.http://technet.microsoft.com/en-us/library/cc708511(WS.10).aspx
0
 
mikey250Author Commented:
hi,

yes i have been told that it is preferred wsus & exchange should not be together but was advised if i do that i should use port: 8530 during wsus install and leave port: 80 free.

note: it is only a temporary measure due to not having a spare server to separate.

question 1.  so i just want to know if my steps are correct or am i missing something else  ?

note:  currently my single master wsus member server is pointing to microsoft windows update and have no multiple wsus to do replica  ?

question 2.

ive read the 'replica' url and assumed the below means i cannot create my own gpo folders  ?

"a wsus server running in replica mode inherits the update approvals and computer groups created on its parent wsus administration server."  ?
0
 
SandeshdubeySenior Server EngineerCommented:
Yes you can change wsus port see this:http://social.technet.microsoft.com/Forums/systemcenter/en-US/8907dd07-8cc2-4aec-b542-d52e4691ba1e/how-to-change-port-settings-in-wsus

Wsus server running in replica mode inherits the update approvals and computer groups created on its parent wsus administration server."  ?  The answer is yes

I will recommend to avoid wsus and exchange to be on same server evn for testing.
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
mikey250Author Commented:
"  i normally prefer creating replica server of wsus and remove the primary server from network and point replica server to microsoft for update to make it primary.http://technet.microsoft.com/en-us/library/cc708511(WS.10).aspx

currently my wsus is setup with gpo:

domain controller
members servers
win7
xp
isa2006

my updates have been installed as the above names match the (ou) located on my win 2003 master domain controller/dns/dhcp server - successfully.

question 1.  so if i set my wsus domain member server to point to microsoft windows update, then "you say i inherit the approvals and computer groups created on its parent", so what happens to my above (ou names above) ?
meaning from the microsoft windows update site as my wsus will become the (replica), but what about my above (ou) as above describes ?

i think i mis-understand you..!!

i was told sometime ago that by making my wsus the master wsus it will speed up the download to other servers or clients machines as all updates that i specifically required are already saved on a separate partition.  i then assumed if i wish to have multiple wsus servers...then i would add the mutiple servers and configure as replicas, but obviously with individual ip addresses - thats my understanding..

keep separate exchange & wsus - ok.
0
 
SandeshdubeySenior Server EngineerCommented:
You need to keep exchange and WSUS server seperate.Regarding the OU it is created in OU AD you just need to modify the group policy of WSUS to point to new server.Also once the replica server has dowmloaded update from new server by p[ointing to microsoft means it will download pathces from MS as your old server was doing and you can remove old wsus server role.If you have created groups in WSUS the same will be inherited in new server.

For Wsus group polic see this:http://technet.microsoft.com/en-us/library/cc720539(ws.10).aspx
0
 
mikey250Author Commented:
morning sandeshdubey,  i will keep separate my exchange and wsus!!

ok thankyou for the advice about replica!!!

question 1.  i would like to ask 1 more question regarding how to configure wsus for ssl but i cannot afford a 3rd party certificate so wanting to know also if win 2003 platform can create one automatically for my single domain .  if you can assist let me know and i will create a new thread  ?

note:  i have looked on experts exchange and google and found some info, but (not how to create a certificate without a 3rd party (if possible)  currently i installed my (master wsus) on port: 8530, and wish to leave on this port!
0
 
mikey250Author Commented:
i never got the exact answer i wanted regarding backup steps for (wsus & exchange 2003)as advice was to not install together which i have agreed currently not to do.  although the only reason was because i have not got enough machines to go around at the moment.  either way good advice so will allocate points accordingly!!

much appreciated!!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.