Setup Offline WSUS Server 2012 R2

-

dear all,

encounter problem during deployment hope here can give me pointers.

first let me explain whole setup. there 3 wsus servers. 2 db servers 1 downstream server.

all these server don't have internet access @ all. server been harden due security reason. port 8530 allow updates.

1. both wsus_db1 , wsus_db2 is a cluster server. both installation option choose was using wis database , services.

2. downstream sever (wsus_downstream)

question (setup layout)

- should wsus_db1 consider upstream server to wsus_db2 has downstream server? using synchronize windows server update services server?

- how import offline update database the new wsus server database?

- must use sql database?

-where can download offline update database?

problem encounter (during setup)

- when wsus_downstream synchronize windows server update services server, have selected following "this replica of upstream server" when click next don't seem able connect. there error massage.

- missing product classification windows xp , server 2000 only. how can update latest product classification list.

hope can give me advise , pointer in installation.

thank & regards

melvin c






hi there

it has been while since you've posted nevertheless, let me summarise experience problem far.

we have regular lan internet access, , network isolated, not connected other networks or internet. here short version how deploy updates in our disconnected network:

prepare regular network (setup export server)

  1. setup standalone wsus server in regular network using default values
  2. specify products, languages , classifications want download
  3. under 'update files , laugages', uncheck option "download update files server when updates approved"
  4. let server synchronise , download updates (takes 1 night , requires 320 gb of storage)

then prepare disconnected network (setup import server)

  1. setup standalone wsus server cancel initial setup wizard. make sure has same amout of diskspace 1 in regular network
  2. configure 'update files , languages', same settings regular wsus server.
  3. under 'update source , proxy server', leave option @ "synchronize microsoft update"
  4. set synchronisation schedule 'synchronize manually'

now more interessting part:
how products , update database disconnected server

when install wsus server role, tool 'wsusutil.exe' installed within path:
c:\program files\update services\tools\wsusutil.exe

note: facing issues cab files got big after adding lot of products, had install kb2828185 on our win2008r2 wsus 3.0 servers, allowed change cab xml.gz files

this tool allows export metadata export server in regular network:

"c:\program files\update services\tools\wsusutil.exe" export "%destination%\export.xml.gz" "%destination%\export.log"


now import metadata on import server

"c:\program files\update services\tools\wsusutil.exe" import "%source%\export.xml.gz" "%source%\export.log


after first synchronisation, can configure products , classifications. make sure both wsus servers configured same way, might 'unable download' messages if configure different settings

you ready synchronize whole wsus content (update files) , according update-metadata. , synchronize, talking exporting usb disk, , import whole thing on disconnected server.

first synchronisation takes ages 300 gb update files have copied twice, differentials take around 45 minutes export , longer imports. copyjobs easy robocopy /mir command. installed wsus on d:\ drive, leaves me little script:

set datasource=d:\wsus\wsuscontent set destination=\\exportcomputer\usbdisk$\wsustransfer  robocopy "%datasource%" "%destination%\wsusdata" /mir /r:1 /w:1 "c:\program files\update services\tools\wsusutil.exe" export "%destination%\metadata\export.xml.gz" "%destination%\metadata\export.log"

and same thing on other side, import files , metadata disk import wsus server.

be aware - might take 24 hours, until wsus mysteriously progressed metadata , checked if files available. until then, many updates might show download status of 'the file being downloaded'.

i hope people might profit summary. feel free improve post.

good luck!

stefan gabriel



Windows Server  >  WSUS



Comments

Post a Comment

Popular posts from this blog

Group Policy Event ID 1058 Error Code 1326 (The user name or password is incorrect)

-
i seeing odd error on 1 of our domain controllers. have dealt event id 1058 errors whereby policy (or policies) not replicating, receiving error along error code 1326 on server, , apparently happening default domain policy: log name:      system source:        microsoft-windows-grouppolicy date:          8/10/2015 3:09:54 pm event id:      1058 task category: none level:         error keywords:      user:          s-1-5-21-1484152634-2550175353-3916092219-3287 computer:      <dc name>.<domainname> description: processing of group policy failed. windows attempted read file http://schemas.microsoft.com/win/2004/08/events/event ">   <system>     <provi...
Read more

Suspicious event log Event ID: 4905

-
hi thr, could please me understand causing such event logs generate ? as  i understand, vssvc.exe pertains volume shadow copy used backup purpose.  we have third party application used taking backup of servers. the event longs generated following messages: 1) attempt made unregister security event source. 2) attempt made register security event source. these events not regular generated on random days. standard fields: date:               2013/10/19 time:               02:32:19 importance:         critical rule name:          security event monitored machine:  <domain controller> log format:         windows log name:           security event id:           4905 in work hours:      yes dynamic fields: internal timestamp: 2013/10/19 ...
Read more

DCOM received error "2147746132" from...

-
hi everybody, i have dc (my windows essentials 2012 server) , windows 2012 server in network.  the windows server 2012 inside domain. on server, got "non stopping" error says in event logs : ===> dcom received error "2147746132" fromd computer xxxx(my dc computer) while server trying activation : {6df8cb71-153b-4c66-8fc4-e59301b8011b} it never stops, got 11000+ new events :s i found : http://support.microsoft.com/kb/971153/fr i'm not sure should ? does got idea ? matthieu. hi, please try solution mentioned in below link: http://www.eventid.net/display-eventid-10006-source-dcom-eventno-272-phase-1.htm regards, cicely Windows Server  >  Windows Server 2012 General ...
Read more