After deploying the WSUS3.0 you will need to generate the report to see the status of desktops patched. This report can be detailed and summarized depends what you need, below is the summarized report which gives the details of each and every updates whether installed or needs to be installed on the computers.
When I did the deployment of WSUS I was having problem to push the patches to a particular user/group. I wanted to keep the desktops according department wise. By default it is not possible even though if you create a separate group in WSUS3.0. For this you need to makes changes to the Group Ploicy. What I did was that, AD –> OU –> Properties–> Group Policy –> Edit –> Administrative Templates –> Windows Components –> Windows Update –> Enable client-side targeting
I’ve deployed another WSUS3.0, thought to post about it. This setup is very simple and easy and you just need to do some tweaks with Group Policy to add the existing desktop on the WSUS List or if you want to the Desktop Targeting.
The above pictures show the list of update available to be pushed on the un-patched desktops on the network.
The step shows how simple it is to APRROVE the updates.
Once the updates are selected, you can decide for approval.
These updates are categorized into three i.e. Critical updates, Security updates and WSUS updates.
Note : You must run the WSUS Wizard to choose how you want to setup the WSUS. You can define the criteria of pushing the patches on your network. You can setup the synchronization time to update with Microsoft server to avoid bandwidth choking during the working hours.
In order to target the desktops to a particular group in the WSUS you need to some tweaks in the AD. I’ll try to write on this. cheers:)
