Solved

wsus registry backup

Posted on 2013-11-11
7
392 Views
Last Modified: 2016-02-20
hi ive backed up wsus 3.0 sometime ago as per a previous thread where i received advice:

2013-04-17 at 16:58:01ID28100400

the below is what i backed up:

I carried out a single backup on the following and saved backup also in the d: drive as below:

system state - which includes
- boot files
- com + class registry files
- registry files

- c:\program files\update services
- c:\program files\windowsupdate
 - & systemstate
- c:\windows\softwaredistribution

d:\wsus - which holds the following:

- updateservicesdbfiles
- updateservicespackages
- wsuscontent

note: although my database is located on my 2nd d: partition, it is large enough so i have located my backup there also at least temporarily

question1.  as i have configured my wsus 3.0 for port: 8530 i will now backup all of the above as i wish to temporarily install exchange 2003 to use port: 80 on same machine and then do another backup of both wsus & exchange.  but if i had an issue and i then wished to remove exchange 2003 completely, would i do the following in that order:    ?

-  1st uninstall exchange 2003
-  2nd complete a (restore) to rewind it back back to just using (wsus)
- 3rd check the explorer and registry for any residual items that may have not fully uninstalled completely

question 2.  i only have 1 current backup of all of the above located on my d:\backup folder, so if i do another backup shall i select (incremental) so it integrates and adds new changes/updates to the same old previous backup or shall i just delete it and add a fresh new backup or shall i choose (differential)  and shall i also select (verify data after backup  ?
0
Comment
Question by:mikey250
  • 4
  • 3
7 Comments
 
LVL 24

Accepted Solution

by:
Sandeshdubey earned 500 total points
Comment Utility
It is not recommend to have WSUS role on exchange server.Instead you can have another member server to have exchange role.

If you want to use exiting server for exchange uninstall the wsus role and configure Exchange.You can install new wsus server on member server or move wsus to new server as this:http://blogs.technet.com/b/sus/archive/2009/07/02/how-to-move-wsus-from-one-server-to-another.aspx

I normally prefer creating replica server of wsus and remove the primary server from network and point replica server to microsoft for update to make it primary.http://technet.microsoft.com/en-us/library/cc708511(WS.10).aspx
0
 

Author Comment

by:mikey250
Comment Utility
hi,

yes i have been told that it is preferred wsus & exchange should not be together but was advised if i do that i should use port: 8530 during wsus install and leave port: 80 free.

note: it is only a temporary measure due to not having a spare server to separate.

question 1.  so i just want to know if my steps are correct or am i missing something else  ?

note:  currently my single master wsus member server is pointing to microsoft windows update and have no multiple wsus to do replica  ?

question 2.

ive read the 'replica' url and assumed the below means i cannot create my own gpo folders  ?

"a wsus server running in replica mode inherits the update approvals and computer groups created on its parent wsus administration server."  ?
0
 
LVL 24

Assisted Solution

by:Sandeshdubey
Sandeshdubey earned 500 total points
Comment Utility
Yes you can change wsus port see this:http://social.technet.microsoft.com/Forums/systemcenter/en-US/8907dd07-8cc2-4aec-b542-d52e4691ba1e/how-to-change-port-settings-in-wsus

Wsus server running in replica mode inherits the update approvals and computer groups created on its parent wsus administration server."  ?  The answer is yes

I will recommend to avoid wsus and exchange to be on same server evn for testing.
0
Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

 

Author Comment

by:mikey250
Comment Utility
"  i normally prefer creating replica server of wsus and remove the primary server from network and point replica server to microsoft for update to make it primary.http://technet.microsoft.com/en-us/library/cc708511(WS.10).aspx "

currently my wsus is setup with gpo:

domain controller
members servers
win7
xp
isa2006

my updates have been installed as the above names match the (ou) located on my win 2003 master domain controller/dns/dhcp server - successfully.

question 1.  so if i set my wsus domain member server to point to microsoft windows update, then "you say i inherit the approvals and computer groups created on its parent", so what happens to my above (ou names above) ?
meaning from the microsoft windows update site as my wsus will become the (replica), but what about my above (ou) as above describes ?

i think i mis-understand you..!!

i was told sometime ago that by making my wsus the master wsus it will speed up the download to other servers or clients machines as all updates that i specifically required are already saved on a separate partition.  i then assumed if i wish to have multiple wsus servers...then i would add the mutiple servers and configure as replicas, but obviously with individual ip addresses - thats my understanding..

keep separate exchange & wsus - ok.
0
 
LVL 24

Assisted Solution

by:Sandeshdubey
Sandeshdubey earned 500 total points
Comment Utility
You need to keep exchange and WSUS server seperate.Regarding the OU it is created in OU AD you just need to modify the group policy of WSUS to point to new server.Also once the replica server has dowmloaded update from new server by p[ointing to microsoft means it will download pathces from MS as your old server was doing and you can remove old wsus server role.If you have created groups in WSUS the same will be inherited in new server.

For Wsus group polic see this:http://technet.microsoft.com/en-us/library/cc720539(ws.10).aspx
0
 

Author Comment

by:mikey250
Comment Utility
morning sandeshdubey,  i will keep separate my exchange and wsus!!

ok thankyou for the advice about replica!!!

question 1.  i would like to ask 1 more question regarding how to configure wsus for ssl but i cannot afford a 3rd party certificate so wanting to know also if win 2003 platform can create one automatically for my single domain .  if you can assist let me know and i will create a new thread  ?

note:  i have looked on experts exchange and google and found some info, but (not how to create a certificate without a 3rd party (if possible)  currently i installed my (master wsus) on port: 8530, and wish to leave on this port!
0
 

Author Closing Comment

by:mikey250
Comment Utility
i never got the exact answer i wanted regarding backup steps for (wsus & exchange 2003)as advice was to not install together which i have agreed currently not to do.  although the only reason was because i have not got enough machines to go around at the moment.  either way good advice so will allocate points accordingly!!

much appreciated!!
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

What to do when Windows Update is not working correctly? What tools can I use to detect the cause of the malfunction problem? What does this numeric error code mean? These and other questions that you have been asking in the past are answered here (…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This tutorial will show how to push an installation of Backup Exec to an additional server in both 2012 and 2014 versions of the software. Click on the Backup Exec button in the upper left corner. From here, select Installation and Licensing, then I…
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now