WSUS GPO issues
Hello Experts,
I have a client who is struggling with a GPO that pushes updates to computers from a WSUS server. They don’t have SCCM in place, and that is not an option now. They are using WSUS 3.0 SP2.
The WSUS GPO isn’t working. They checked the settings and were able to see the GPO settings by running gpedit.msc on the workstation and we saw that the enable client-side targeting didn’t change.
This GPO is linked to an OU named XXXX. The GPO has been forced to all computers. None of the computers is receiving the updates. After running GPOresult we can see that the GPO is being applied, but for some reason updates are not applied to workstations even if you force the GPO, and enable client-side targeting [is not accepting the changes]
Can someone please indicate step-by-step to resolve a GPO that involves a WSUS 3.0 SP2 server and laptops? Please provide instructions step-by-step from client side and server side
Forest/domain functional level is 2008 R2
Please see screenshot below
Screen-Shot-WSUSError.png
I have a client who is struggling with a GPO that pushes updates to computers from a WSUS server. They don’t have SCCM in place, and that is not an option now. They are using WSUS 3.0 SP2.
The WSUS GPO isn’t working. They checked the settings and were able to see the GPO settings by running gpedit.msc on the workstation and we saw that the enable client-side targeting didn’t change.
This GPO is linked to an OU named XXXX. The GPO has been forced to all computers. None of the computers is receiving the updates. After running GPOresult we can see that the GPO is being applied, but for some reason updates are not applied to workstations even if you force the GPO, and enable client-side targeting [is not accepting the changes]
Can someone please indicate step-by-step to resolve a GPO that involves a WSUS 3.0 SP2 server and laptops? Please provide instructions step-by-step from client side and server side
Forest/domain functional level is 2008 R2
Please see screenshot below
Screen-Shot-WSUSError.png
Cliff Galiher
Client side targeting requires that you set a group name via GPO *and* that you enable it in the WSUS console. Otherwise the WSUS server will simply ignore the group name that the client claims to be a member of.
Ensure you have correct configuration on GPO, not only client-side targeting. You must configure clients to use this WSUS instead of Windows update, how and when updates will applied...: http://technet.microsoft.com/en-us/library/cc720539(v=ws.10).aspx
According to your screenshot it looks like you are trying to configure from the "Local Computer Policy"
You should be using the "Group Policy Management" console
You should be using the "Group Policy Management" console
i agree with the comments above also are you sure all your PC's have different SSID?
ASKER
Hi Cliff,
Can you please provide additional information about your statement? Step-by-step instructions
Client side targeting requires that you set a group name via GPO *and* that you enable it in the WSUS console. Otherwise the WSUS server will simply ignore the group name that the client claims to be a member of.
Are you confident that by creating that group and enabling in the WSUS console will fix the issue?
Can you please send also instructions step by step to create the new GPO and distribute all patches via WSUS for a windows 2008 R2 domain?
Anyone, your feedback is highly appreciated
Can you please provide additional information about your statement? Step-by-step instructions
Client side targeting requires that you set a group name via GPO *and* that you enable it in the WSUS console. Otherwise the WSUS server will simply ignore the group name that the client claims to be a member of.
Are you confident that by creating that group and enabling in the WSUS console will fix the issue?
Can you please send also instructions step by step to create the new GPO and distribute all patches via WSUS for a windows 2008 R2 domain?
Anyone, your feedback is highly appreciated
ASKER
Any updates on my last question please? need a feedback ASAP
I don't give "step by step." I happily give advice, but I also do I.T as a career. If someone doesn't have some basic knowledge and needs more than advice, they should pay a skilled consultant. You'll find most experts here are similarly minded.
You also might want to respond to the other experts comments in this thread that are trying to help as well.
ASKER
Ok, let me rephrase my question,
Are you confident that by creating a group in AD and then enabling that group in the WSUS console will fix my issue?
No need to send step-by-step instructions. Thanks for your honesty.
Are you confident that by creating a group in AD and then enabling that group in the WSUS console will fix my issue?
No need to send step-by-step instructions. Thanks for your honesty.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.