Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Saturday, November 13, 2010 10:43 PM
Is it possible to approve updates via WSUS (or another MS product such as SCOM) but configure the client to download the updates from Microsoft's Windows Update site? With 99% of users being remote, goal is to control the updates that are installed, but not use our corporate internet pipe for downloading updates.
Thanks!
All replies (5)
Monday, November 15, 2010 3:10 PM âś…Answered | 2 votes
Is it possible to approve updates via WSUS ... but configure the client to download the updates from Microsoft's Windows Update site?
Absolutely. This is a fundamental feature of WSUS. You achieve this by configuring the WSUS server to NOT have a local content store, and this forces the client systems to download content directly from Microsoft.
This is discussed in the section Determine Where to Store WSUS Updates in the WSUS Deployment Guide.
Lawrence Garvin, M.S., MCITP:EA, MCDBA, MCSA
Principal/CTO, Onsite Technology Solutions, Houston, Texas
Microsoft MVP - Software Distribution (2005-2010)
My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin
My Blog: http://onsitechsolutions.spaces.live.com
Monday, November 15, 2010 4:46 PM
Thanks Lawrence!
Friday, February 5, 2016 10:11 PM
Is it possible to do both? I want some locations to utilise their local, fast Internet connections for the download, but other sites have to go through the WAN or are on the same site as the main WSUS server,and should just get their updates internally.
Can that be configured? Do I have to install another WSUS instance somewhere so I can point different sites/clients to each?
Saturday, February 6, 2016 6:14 AM | 1 vote
Is it possible to do both? I want some locations to utilise their local, fast Internet connections for the download, but other sites have to go through the WAN or are on the same site as the main WSUS server,and should just get their updates internally.
Can that be configured? Do I have to install another WSUS instance somewhere so I can point different sites/clients to each?
A single WSUS can only have one update-storage configuration. (i.e. you can't have some clients use get-from-WSUS and some clients get-from-web)
But, you can have a hierarchy of WSUS servers, and each server can have its own update-storage config.
In that scenario, you should be able to manage groups + approvals on the upstream server which would cascade down to the downstream server (if you have set the downstream server to be a replica server).
Then, all you need to do is to configure the clients at the remote sites with the relevant WUServer it should use.
Don [doesn't work for MSFT, and they're probably glad about that ;]
Saturday, February 6, 2016 7:28 PM
Thanks Don. That's what I figured. I'll see how that goes..