Windows Server 2008 Thread, WSUS/Internet Updates Combination? in Technical; Hey guys, first off, new to the forums although you have been my main source of information for about 7 ...
30th September 2010, 12:22 PM #1
WSUS/Internet Updates Combination?
Hey guys, first off, new to the forums although you have been my main source of information for about 7 months, for some reason I never got round to registering, so no more excuses.
Anyway, straight to the point.
I am currently working in a college and we have some members of staff that take thier laptops everywhere which doesn't just include home and school but abroad as well, all work related.
Either way, I have been called in to help another technician and first on the list was to setup WSUS. Something I have done a plenty of times before, however the issue I foresee happening is that when a member of staff comes back from an extended holiday they are going to have a laptop that is going to require X amount of updates.
I am wondering if it is possible to set up the laptop to use WSUS when inside the college and on the network but also set it so it can recognise when its outside the network which will then trigger it to use windows updates from the internet as its second choice. Ensuring the laptop is always kept up-to-date.
The college has 6 main servers, one of which is dedicated for WSUS alone, all Server 2008 R2.
The setup is all group policy, no professional management systems.
So main question, is it possible to have a combination of WSUS and internet, or am I just speaking rubbish. Until someone tells me I am, I might be looking for something thats just not possible.
30th September 2010, 12:37 PM #2
We have remote access for our laptops via ISA server VLAN - when they connect to the school network the laptop downloads any WSUS updates it's been assigned. Users can connect to the VLAN even if they're logged onto the laptop using a non-domain user account.
19th October 2010, 07:56 PM #3
Set up a reverse proxy on a public facing IP to the WSUS server so a url something like
Apache, Squid or MS ISA/TMG can be used for this.
Then set Group Policy for machines that leave site to use the public URL instead of the local one.
19th October 2010, 08:02 PM #4
I believe MS Licencing terms of WSUS forbid external access(i asked the question a month or so ago)
Originally Posted by psydii
although it seems using a VPN is an option.
21st October 2010, 10:57 AM #5
Ah, perhaps that's why I've always done it via VPN. Guess I must have 'known that' back when I last built a system...
If the machines are mostly not going to be connected to the lan then perhaps just letting (forcing) them to use Microsfot Update instead would be best?
WSUS & Remote Users
10th December 2010, 02:17 PM #6
You can create two different group policy's, specifying the windows updates settings in each - one to point to wsus and another to point to windows update. Then apply each gpo to seperate containers. This may involve re-organizing your AD computers a bit.
By cookie_monster in forum Windows
Last Post: 1st July 2008, 10:16 AM
By cookie_monster in forum Windows
Last Post: 25th June 2008, 07:41 PM
By RChilcott in forum Windows
Last Post: 24th January 2007, 03:48 PM
Last Post: 2nd December 2006, 11:58 AM
By ChrisH in forum Windows
Last Post: 13th September 2005, 11:55 AM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)
Tags for this Thread