1

Is it possible to set a secondary/backup Windows Update server in case a WSUS server get down for whatever reason, purely client side ? If yes, how ?

I have set up a WSUS server on a small business to save bandwidth, but in case of problem the server can stay down for a prolonged time. Current configuration auto approve non optional security updates, it is strictly to save bandwidth on WAN so there would be no problem putting Microsoft's servers as secondary as there's no validation process required, and that's my goal as secondary WSUS server.

Solutions can include registry or additional software or anything your imagination can find but should not rely only on AD specific GPO as it needs to be applicable out of AD networks, each clients should rely on themselves for the task.

Documentation I found explain how to do this

not what i need

Or this

enter image description here

But what i'm looking for is this

failover to Microsoft's servers

Or this (any WSUS server on a list, can include Microsoft's server with clients trying each from first to last until one works)

I have searched for "backup WSUS server" but only found how to make an actual backup of a server hosting the update service

I have searched for "secondary WSUS server" but only found how to sync WSUS between them or how to cluster them server side

any server from a list, possibly include microsoft's servers

Zulgrib
  • 353
  • 5
  • 17
  • 1
    Please show your research efforts so far. – BlueCompute Feb 02 '15 at 11:20
  • SBS server means that you have a single domain controller.. if that single server fails then your clients will have much larger issues at hand than not being able to run windows update.. – pauska Feb 02 '15 at 13:21
  • pauska : As i'm looking for solutions that doesn't require AD, having an AD server down isn't a problem, there's none in the first place. BlueCompute : I crawled through Microsoft technet website (https://technet.microsoft.com/en-us/library/dd939844%28v=ws.10%29.aspx) and didn't found more than that for my related question. There's no clear way to do that with registry or 3rd tools from Microsoft's official documentation from my link. Looking for "backup wsus server" or "secndary' on Google didn't yeld results other than how to make a backup of your actual WSUS server or replica of WSUS – Zulgrib Feb 02 '15 at 16:44
  • `1.` How is the windows-7 tag relevant to this question? `2.` Have you read this?: https://technet.microsoft.com/en-us/library/dd939896(v=ws.10).aspx – joeqwerty Feb 02 '15 at 16:59
  • I didn't, but the update servers require to share a database and I doubt Microsoft will share their or use mine. I know I edited the question around the same time you replied, but it was specified before edit, maybe not precisely enough that I intended to make the client connect to Microsoft's update server directly in case of problems. If the question is not precise enough i'm better off closing this one and rewrite it. – Zulgrib Feb 02 '15 at 17:09
  • 1
    Sounds like you want to do what was asked here. http://serverfault.com/questions/351829/configuring-location-based-gpo-for-wsus-updates-but-only-for-some-clients Non-GPO work around toward the end. – Clayton Feb 02 '15 at 17:20
  • @Craig620 Indeed the script and the tool (both combined together) seems to be a valid pure client side solution, please make a full answer with credits to the posts you will borrow information to allow me to mark as answer. – Zulgrib Feb 02 '15 at 17:44

1 Answers1

1

Sounds like you want to do what was asked here. Non-GPO work around toward the end.

Community
  • 1
Clayton
  • 4,483
  • 16
  • 24