1

Is there an fairly easy way to find out how many workstations in my net that does not use wsus update? I have a feeling that many of my workstations does in fact not use wsus update, but instead choose to go online and download the updates.

I don't want to do this manually, there is about a thousand workstations.

Thanks in advance.

Maclovin

voretaq7
  • 79,345
  • 17
  • 128
  • 213
Maclovin
  • 249
  • 1
  • 2
  • 11

2 Answers2

4

If you know how many workstations you have, subtract the number of workstations listed in WSUS. You then have the number of workstations that are either updating directly from the Internet or not updating at all.

For a network with 1000+ machines you almost certainly have a domain. You can use Group Policy to enforce a WSUS policy, and ensure machines connect to your WSUS server and receive regular updates.

Chris Thorpe
  • 9,903
  • 22
  • 32
  • What I forgot to mention is the slight fact that things are not always what they seem. It is true that I have a domain, but it is also true that my bit of that domain is an OU. also, I am not totally sure of the number of computers. Can be 100 off perhaps. – Maclovin Dec 01 '10 at 09:45
  • Tricky. You can count the number of machines you have by doing a search in AD Users & Computers to find the total machines you have in a particular OU. If the WSUS server contains machines from other OUs that you don't control, you could potentially export a list of all machines from ADUC, then another list of machines from WSUS, and compare the lists in excel with a bit of find/replace tidyup work. – Chris Thorpe Dec 01 '10 at 09:56
  • Well, U can query domain for any machine in it (outside ur UO too), so to complement cris, extract the list, compare and the difference query Domain. – Carlos Garcia Dec 01 '10 at 15:41
1

As Chris has stated, you can look at the computers that have "registered" with the WSUS server in the WSUS console and compare that to the computers in ADUC. The WSUS console has several computer related reports that you can run and save to an Excel spreadsheet. In ADUC you can create a query that finds all computers where the computer name has a value, which will list all of the computers in the domain regardless of their location (OU), the query results can then be exported as a tab or comma delimited file and can be opened in Excel and compared to the WSUS computer report.

joeqwerty
  • 108,377
  • 6
  • 80
  • 171