Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

WSUS Server Setup

Posted on 2014-03-25
3
Medium Priority
?
405 Views
Last Modified: 2016-02-20
I have WSUS server (WSUS01) at our data center. it works nice as far as having the member servers report to the WSUS server. currently, no patches are being deployed by this system. Group policy is configured on the our domain to point the member servers to WSUS01 but to not download/install any patches.

I would like to setup a patch management which is to manage updates by environment according to a regular schedule. Patches would need to be successfully tested in DEV environment before it gets approved for UAT, and then needs to be successfully tested in UAT before it gets approved for PROD.

I am not sure at all that how it is possible, as this may require some of the GPO Profiles for each division. Also, we need to setup the process for approving updates for Each division via WSUS.


Can anyone please help me get step by step guide to accomplish this or in case any Free 3rd Party application is available which can meet my requirement, i wouldn't mind to give it a try.
0
Comment
Question by:Vikas Shah
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 18

Accepted Solution

by:
Sushil Sonawane earned 501 total points
ID: 39952942
You have create a UAT environment for windows patches testing then deploy on proudcation environment.

OR

1) Create a UAT OU in your AD and add 2 machine from every department in UAT OU.
2) Step up another UAT WSUS server in you producation  environment.
3) Configured group policy pointing  to new WSUS  for windows patches for UAT OU.
4) After testing your patches UAT OU machine then download as per your requirement patches on your live WSUS server and deploy on producation environment.
0
 
LVL 3

Assisted Solution

by:SandeepWalve
SandeepWalve earned 501 total points
ID: 39952947
1 You can manually create groups in the WSUS like DEV, UAT and PROD to add servers manually in it by yourself.

2 You can create three different GPO each pointing to add system in above Groups at WSUS Level, but the decision on policy apply need to be done through OU. So you have to create OU and put them servers in correct OU where proper policy is applied etc.

Later you can approve the patches on DEV first. Do patching, if successful then approve same level of patches on UAT, do application testing. And finally approve it for PROD and finish it through.
0
 
LVL 47

Assisted Solution

by:Donald Stewart
Donald Stewart earned 498 total points
ID: 39953588
You would be configuring what's called Client Side Targeting.

Good Example here

http://prajwaldesai.com/how-to-configure-client-side-targeting-in-wsus/
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Had a business requirement to store the mobile number in an environmental variable. This is just a quick article on how this was done.
Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
Suggested Courses

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question