Cache Windows Update on Windows Server 2003

Lowyat.NET forums

Lowyat.NET Kopitiam Garage Sales

Lowyat.NET Rules and Regulations FAQ Help Search Members

Welcome Guest ( Log In | Register )

Lowyat.NET -> Software

Bump Topic Add Reply RSS Feed

Outline · [ Standard ] · Linear+

Q and A Cache Windows Update on Windows Server 2003, Help

views

sanjayws	Jan 13 2009, 04:56 PM Return to original view \| Post #1
J@Y Junior Member 359 posts Joined: Jun 2008 From: Selangor	QUOTE(vNistelrooy @ Jan 13 2009, 11:12 AM) ok Dark8870, i already installed WSUS on the server..but im having some problems adding the client computers..from MMC help: "You can configure one or more computers by including them in a Group Policy object (GPO). Microsoft recommends that you create a new GPO that contains only Windows Server Update Services (WSUS) settings. Link this WSUS GPO to an Active Directory container appropriate for your environment. In a simple environment, you link a single WSUS GPO to the domain. In a more complex environment, you might link multiple WSUS GPOs to different organizational units (OUs)." i started gpedit.msc on d server, but the domain ctlr is on another server..dats y i suppose it says "Link this WSUS GPO to an Active Directory container appropriate for your environment" Is it? Your clients would need to be configured as WSUS clients, check this out...http://technet.microsoft.com/en-us/library/cc720520.aspx IMHO, WSUS is a fairly bloated and complex solution to "cache" WU downloads...
Card PM	Report Top Like Quote Reply

sanjayws	Jan 14 2009, 01:17 PM Return to original view \| Post #2
J@Y Junior Member 359 posts Joined: Jun 2008 From: Selangor	QUOTE(vNistelrooy @ Jan 14 2009, 10:42 AM) ok thanks sanjayws, i will read it..one q, if clients have been configured to check on updates on a local server, what happens when they go outside..any special config required? Several options: 1. VPN back into your HQ where the WSUS is at 2. Publish your WSUS through the internet (you must configure split head dns <--google that) so that from inside the network and outside the network the name is the same 3. Tell them to regularly run update.microsoft.com Cheers
Card PM	Report Top Like Quote Reply

sanjayws	Jan 15 2009, 01:32 AM Return to original view \| Post #3
J@Y Junior Member 359 posts Joined: Jun 2008 From: Selangor	QUOTE(ah_chak @ Jan 15 2009, 01:20 AM) I've tried WSUS, it's pretty much a complicated procedure. I ended up using ISA as my main router and enable cache for the updates in the built-in proxy in the ISA Server. No configurations need to be done from the client side. That's the beauty of it. Yes yes yes, ISA Server 2004 and UP has this...cool...you should post screenies of what you've done for the benefit of the question. Sanjay Added on January 15, 2009, 1:37 am QUOTE(vNistelrooy @ Jan 14 2009, 03:02 PM) i already have point2point vpn, guess that shud work..i look into it afterwards.. rite now my clients wont appear in d wsus computer list.. d wsus is installed on a separate server than dc, so on the gpo, i used d one on d dc..in d gpo, Specify "intranet Microsoft update service location: i entered wsus ip.. also forced the policy to refresh, then run a force client detection "wuauclt.exe /detectnow" still not detected on d wsus server..any suggestions? Please send us your windowsupdate.log in the clients that fails. I suspect your GPO settings are not correct, also post them here. Also, play around with this tool and see if it helps Its a WSUS client diagnostic tool.: http://download.microsoft.com/download/9/7...stic%20Tool.EXE This post has been edited by sanjayws: Jan 15 2009, 01:40 AM
Card PM	Report Top Like Quote Reply

sanjayws	Jan 17 2009, 11:59 AM Return to original view \| Post #4
J@Y Junior Member 359 posts Joined: Jun 2008 From: Selangor	Good to know things are working out. Yes you can use IP but i encourage name as IP becomes difficult to muck around incase you change design/ip or use within VPN etc.. Fine tuning can be accessed here: http://technet.microsoft.com/en-us/library/cc720525.aspx ISA Server 2004/2006 is microsoft's offering for an application layer firewall and proxy. One of the features includes caching Windows Update (and that's right off ISA 2006). It can replace your firewall today or act as secondary or proxy server within your network, suggest you check out http://www.microsoft.com/forefront/edgesec...us/default.aspx. IMHO, ISA Server is one of the most secure pieces of codes that came outta Redmond ...ole ISA!... Good luck J QUOTE(vNistelrooy @ Jan 15 2009, 10:56 AM) ok sanjay, will post it later.. Added on January 16, 2009, 10:38 amsanjay, after running the wsus diag on my pc, i got the following error: VerifyWUServerURL() failed with hr=0x80072ee6 The URL does not use a recognized protocol after googled the above, found that i have to include the entire domain name for wsus gpo.. after refreshing the policy and forced detection on my pc, here's d result: UseWuServer is enabled. . . . . . . . . . . . . . . . . PASS WUServer & WUStatusServer do not Match. . . . . . . . . FAIL Connection to server. . . . . . . . . . . . . . . . . . PASS SelfUpdate folder is present. . . . . . . . . . . . . . PASS and now alot of computers showing up in d update services console.. i used ip for intranet update service and server name for intranet update statistics..is this ok? Added on January 16, 2009, 5:45 pmthink i solved it, by giving the same name on WUserver and WUstatusserver.. now i have to do some fine tuning..any advice is appreciated.. and also can you elaborate on the ISA svr 2004?
Card PM	Report Top Like Quote Reply

« Next Oldest · Software · Next Newest »

Add Reply Options

Change to:

0.0155sec

0.81

6 queries

GZIP Disabled
Time is now: 24th December 2025 - 01:45 PM

All Rights Reserved © 2002- 2025 Vijandren Ramadass (~unite against racism~)

Removal Request

Powered by Invision Power Board © 2025 IPS, Inc.