Automating WSUS To Download Updates More Than 7 Days Old In Prod Only RRS feed

  • Question

  • Hello

    I am trying to coordinate our QA testing with our app and Windows updates.  Before when updates came out on Tuesday it was easy to coordinate.  Now that updates come out every day there could be new updates that were not QA'd as they came out after the cycle.  

    As a result, I thought a easy solution that meets compliance and doesn't add complexity to the other teams is to install all patches over 1 week old on Prod, as we QA once or 2x a week.

    It seems the main way to do this without 3rd party apps is to use our main WSUS server which is set to 'download nightly' and have that go downstream to a different WSUS server that is set to 'download weekly'.  

    With some testing and coordinating we could make this usable.  I was looking at batchpatch but I don't think that has what I need.

    Ultimate goal is to use posh-wsus or just the wsus cmdlets inside a deployment tool like Octopus to co-ordinate patching across the Windows servers in the back office. 

    Any feedback is appreciated!  Thank you.

    Tuesday, August 4, 2015 8:51 PM