locked
Rolling out WSUS updates in chunks? RRS feed

  • Question

  • Hi guys,

    My organization had a WSUS server that haven't been maintained at all and I was given the task to take over. The problem is that thousands of updates are unapproved and there are several hundreds of computers that need to be patched. I am thinking it is not a good idea to approve many updates all at once since it can slow down the network and client computers. What would you guys suggest I do in terms of making sure all updates are approved and pushed to client computers in timely manner?

    Thank you :)

    Steve


    Thursday, October 29, 2015 4:46 PM

Answers

  • 1. Start with cleaning. I mean management of updates that are no m ore needed.

    2. Look into logs and solve errors and warnings.

    3. Analyze WindowsUpdate.log

    4. Read WSUS operational guides.

    M.

    • Marked as answer by loss4words83 Friday, October 30, 2015 1:21 PM
    Thursday, October 29, 2015 6:08 PM
  • wsus may present all the outstanding updates to your clients but the windows update agent will not try to install them all at once. it will do as many as possible until reboots and other update dependencies get in the way, at which point the next batch will address them

    in terms of performance, downloading all those updates once you approve them will surely take a toll on your internet connection to the wsus server, but distributing the updates to the clients should not cause major network issues as BITS will try to do this in the background at low-peak times

    • Marked as answer by loss4words83 Friday, October 30, 2015 1:21 PM
    Friday, October 30, 2015 12:46 PM

All replies

  • 1. Start with cleaning. I mean management of updates that are no m ore needed.

    2. Look into logs and solve errors and warnings.

    3. Analyze WindowsUpdate.log

    4. Read WSUS operational guides.

    M.

    • Marked as answer by loss4words83 Friday, October 30, 2015 1:21 PM
    Thursday, October 29, 2015 6:08 PM
  • wsus may present all the outstanding updates to your clients but the windows update agent will not try to install them all at once. it will do as many as possible until reboots and other update dependencies get in the way, at which point the next batch will address them

    in terms of performance, downloading all those updates once you approve them will surely take a toll on your internet connection to the wsus server, but distributing the updates to the clients should not cause major network issues as BITS will try to do this in the background at low-peak times

    • Marked as answer by loss4words83 Friday, October 30, 2015 1:21 PM
    Friday, October 30, 2015 12:46 PM
  • Thanks guys :)
    Friday, October 30, 2015 1:21 PM