4

I have following situation:

Production environment with SCCM and WSUS integrated so all software installs and patching is done via SCCM. Wsus server is windows 2012 and system center is 2012R2.

Test environment which doesn't have internet connectivity and has very limited connectivity to production enviorment. In this test environment I need to set up WSUS replica server which would pull aproved updates from production environment. Wsus server can be 2012 or 2012R2.

Is it possible to use WSUS from production environment as an upstream server for wsus replica server in test environment ? How are then approvals handled ?

Bostjan P
  • 41
  • 4

1 Answers1

1

I've never done this, but MS has documentation on the matter. Your WSUS test server would be considered a 'disconnected server', and MS gives instructions on how to import updates:

Automatic synchronization of software updates is not possible when the software update point at the central administration site or stand-alone primary site is disconnected from the Internet, or when an Internet-based software update point is disconnected from the active software update point for the site. To retrieve the latest software updates for a disconnected software update point, you must use the WSUSUtil tool to export the software updates metadata and the license terms files from a software update source, and then you must import the metadata and files to the disconnected software update point.

The 'software update source' would be your production WSUS server.

References:

https://technet.microsoft.com/en-us/library/gg712312.aspx

https://technet.microsoft.com/en-us/library/gg712312.aspx#BKMK_SyncDisconnected

MDMoore313
  • 5,531
  • 6
  • 34
  • 73
  • Hi, I know this but I don't want to manually copy files to WSUs server in test environment. WSUS server from test environment can connect to production WSUS (but not to internet), I just need to know if this will work since production wsus in integrated with sccm. – Bostjan P May 26 '15 at 18:53
  • haha, I understand you may not *want* to, but that's MS's process, and it's not a common thing. the best thing you can do is use WSUSUtil w/ Powershell, but that looks like it's the only way. – MDMoore313 May 26 '15 at 19:33
  • Still don't see reason why. It's not disconnected entirely. It has network connectivity to production environment and thus production WSUS. Only thing is that production WSUS is integrated into SCCM so updates are not managed and aproved via wsus management console but trough SCCM SUP. – Bostjan P May 26 '15 at 19:56