Hi @SYS ADM ,
Thanks for your posting on Q&A.
Please help reconfirmation. The computers pointed to the WSUS02 to get the approved updates in your environment. Am I right?
A WSUS server running in replica mode inherits the update approvals and computer groups created on an administration server. So we have to approve the required updates on the WSUS01 first and then the WSUS02 could sync approved updates from WSUS01 successfully.
According to the configuration of the group policies, the computers will scan updates from WSUS02 and download and install the required updates from the Internet.
Please review this link to know more about the WSUS in Replica mode. Please ignore it if you have already known.
Here are some comments for your questions:
Is this configuration correct?
Depends on your needs. Please choose a deployment that works for your environment.
Why do I get updates in the updates tab of WSUS02? Nothing should appear if the WSUS01 does that task, right?
In fact, there are two types of the update files when we use the WSUS server to deploy updates for the clients, metadata(shown on the WSUS console) and Binary update files(use to install on the clients). We have to approve the metadata and then we could get the Binary update files. But the replica WSUS server could not approve updates. So we have to approve the updates on the upstream WSUS and then sync the approved updaets on the downstream WSUS.
Please don't hesitate to inform me if you have any questions.
Regards,
Rita
If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.