Share via

WSUS - group policy - mutiple downstream servers

steck35 81 Reputation points
2022-08-08T13:50:57.367+00:00

I am interested in getting a WSUS server set up for my organization. My organization is spread out over an entire state so I probably need to have a couple downstream servers that point to the upstream server. What is the best way to handle multiple downstream servers within Group Policy? Would OU's based off region be the route to go so that clients point to the nearest server?

Windows for business | Windows Server | User experience | Other
Windows for business | Windows Client for IT Pros | User experience | Other
0 comments
Accepted answer
  1. Philippe Levesque 5,836 Reputation points
    2022-08-08T14:16:49.4+00:00

    The simpliest mode is by configuring GPO to target the site the user is in currently. As we know user can move, so that way the server the user will use will be always the nearest for him.

    At your head office you use a WSUS server for downloading the patch and approval, and in other site, where needed, you use WSUS server in replica mode.

    To have that work in Active Directory and Site make sure all your site are configured. After that you link the correct server by site. See there for an example

2 additional answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Limitless Technology 39,931 Reputation points
    2022-08-09T07:28:52.547+00:00

    Hi there,

    WSUS should run on a dedicated server, meaning the server will not run any other applications except IIS, which is required.

    After you install the Windows Server Update Services (WSUS) server role on your server, you need to properly configure it. You also need to configure your client computers to receive their updates from the WSUS server.

    This article walks you through the following procedures: Configure WSUS https://learn.microsoft.com/en-us/windows-server/administration/windows-server-update-services/deploy/2-configure-wsus

    -------------------------------------------------------------------------------------------------------------------------------------

    --If the reply is helpful, please Upvote and Accept it as an answer–

    0 comments
  2. Amandayou-MSFT 11,156 Reputation points
    2022-08-09T09:10:07.343+00:00

    Hi @steck35 ,

    As per my experience, there might not be the suitable method that clients point to the nearest server autmatically in WSUS, unless we could change the GPO automatically.

    It is recommended that we use SCCM to realize it. It could use boundary group to automatic site assignment, here is the related article, just for reference:
    https://learn.microsoft.com/en-us/mem/configmgr/core/servers/deploy/configure/boundary-groups

    If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.