Hello staypuft-3072,
Thank you for posting on Q&A.
In order to for me research further, please help to provide the following information:
- The 1% servers are disconnected to the Internet. Is it right?
- Did the 1% servers joined in the domain? Whether the 1% servers are connected to the WSUS Server or not.
In my opinion, the 1% servers which want to get updates from WSUS have to be pointed to the WSUS Server. We could apply the following policy on the 1% to point to the WSUS server.
(Policy Path: Group Policy Management Editor\Policies\Administrative Templates\Windows Components\Windows Update)
If the 1% are in the domain, we could apply the domain Group Policy to points the servers to the WSUS server.
If the 1% are in the workgroup, we could apply the local Group Policy to point the servers to the WSUS server.
In addition, we could use the SSMS tool to connect to the database and manage the database. If the tool not be installed on your environment, it is recommended to install it first. Here is a link for your reference to download this tool.
Regards,
Rita
If the response is helpful, please click "Accept Answer" and upvote it.