locked
Autonomous downstream server benefits RRS feed

  • Question

  • We have implemented a WSUS server which does not locally store update files.

    A customer now wants to implement an autonomous downstream server, using our server as its upstream server.

    I am struggling to see any benefit in this scenario over them just implementing their own upstream server. Am I missing something?

    Friday, July 20, 2018 2:53 PM

All replies

  • Nope, no benefit that I see. A Single/Upstream server is what they should do.

    Adam Marshall, MCSE: Security
    https://www.ajtek.ca
    Microsoft MVP - Windows and Devices for IT


    Friday, July 20, 2018 6:00 PM
  • Hi,

    There is no benefit in this scenario. The customer can only control the upstream WSUS console by implementing their own upstream server. The customer can select the products and classification, and also check the report status.

    Hope it helps. Please feel free to contact me if there is any problem.

    Best regards,
    Johnson

    =====================
    Please remember to mark the replies as answers if they help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.
    Monday, July 23, 2018 1:22 AM
  • And, more than it being of no benefit, is it also not practical? Have I misunderstood how Synchronization works, or is the following scenario possible?

    Upstream server had updates available and approved for Windows Embedded but now all clients have installed these. As they are no longer needed, will WAM delete the updates? If so, when the downstream server subsequently synchronizes, will it miss out on these updates which are actually needed by its clients?

    Monday, August 6, 2018 9:30 AM
  • WAM will only decline Superseded, Expired, Preview, and Itanium updates by default. If you enable the Embedded option, then it would remove the Embedded updates entirely.

    Using a replica system would literally replicate what is on the upstream to the downstream. If there are products missing on the upstream that clients on the downstream need, then the downstream clients are out of luck as they'll never know that they exist even if they are needed.

    If I recall correctly, using an autonomous system gives more control for the downstream server. It can select the appropriate products, and if a product does not exist on the upstream server but is selected on the downstream server, then the upstream server on next sync will get this information. The upstream server will then add it to the list of updates to sync with Microsoft and on the next Microsoft sync, it will sync the new products from the category needed by the downstream server. On the next downstream server sync thereafter, it will sync those new updates from the upstream server.


    Adam Marshall, MCSE: Security
    https://www.ajtek.ca
    Microsoft MVP - Windows and Devices for IT

    Monday, August 6, 2018 1:32 PM
  • Hi,

    As far as I know, the downstream WSUS server must synchronize updates from an upstream server. It is designed that the products on downstream server can't be modified.
    Here is the details about the modes of server:
    https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/dd939820(v=ws.10)

    From the autonomous mode, we can see that the upstream server sychronize from Microsoft, and then the downstream WSUS server synchronize updates from the upstream server. The sychronized updates depend on the products and classfication slected in the upstream server. 

    Therefore, you should select the appropriate productions and classfication in the upstream server. In the customer sutiation, they can not choose the product and  classfication.

    Best regards,
    Johnson

    =====================
    Please remember to mark the replies as answers if they help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.
    Tuesday, August 7, 2018 6:56 AM
  • I stand corrected - autonomous mode is for distributed administration. It's been a long weekend and my mind is groggy.

    Adam Marshall, MCSE: Security
    https://www.ajtek.ca
    Microsoft MVP - Windows and Devices for IT

    Wednesday, August 8, 2018 3:21 AM
  • I have an autonomous downstream server setup (use to be its own server but now gets its updates from an upstream server).  In autonomous mode I'm supposed to be able to select a subset of the products/classifications from what is approved on the upstream WSUS server.  However, I can't.

    This message is shown in 'Products and Classifications':

    "This server is configured to synchronize from an upstream Windows Server Update Services server.  The products and classification can only be configured on the upstream server."

    On the upstream server, my downstream server is listed and the mode is autonomous.  There is no way to modify what products the downstream server updates.

    From everything I read, on an autonomous downstream server I should be able to select my products and classifications.

    Any ideas or do I not understand?  I've tried the replica server option and it is as it sounds - replicates everything from the upstream server.  The servers are in different domains but the domains have a trust between them.

    The downstream server's hard drive gets filled by numerous necessary update files.

    Tuesday, April 9, 2019 8:43 PM
  • The downstream autonomous mode only allows you to approve the updates differently from the upstream server. All products and classifications are taken from the upstream server.

    Remember that by default only approved updates are downloaded.


    Adam Marshall, MCSE: Security
    https://www.ajtek.ca
    Microsoft MVP - Windows and Devices for IT

    Tuesday, April 9, 2019 11:45 PM