Question : SUS and WSUS --- Best practice and set up and configuration

I have a current SUS server running on an old machine, which is pushing out Windows Updates on all server and client machines. I have set up a new WSUS server on a virtual machine, planning to replace the SUS server. Here are some questions:
1. On the SUS server, how could I remove all the servers from being managed by the SUS server?
2. On the WSUS server, what are the step-by-step instructions on how to push out updates to a specific group of computers via AD group policy?
3. How do you verify that the client machines within the group have received the updates from WSUS quickly?
Thanks.

Answer : SUS and WSUS --- Best practice and set up and configuration

I went throught the same replacement a couple of years ago. If you don't have to much custom approvals or decline of certain updates. Just stop using the SUS on the old machine. If you do upgrade etc, you could run into issue and wasting time and eventually ended up start from scratch with a new WSUS. It would be very stratight forward to setup WSUS, particularly on a VM is the best way to go.

You don't have to do anything on your SUS server other than shutting it down. Or you can leave it up running until you've setup your WSUS and tested with a different GPO and confirm working. This means you leave the current GPO of your SUS the way it is and leave your SUS server running as is. Set up your WSUS and with a new GPO to point to http://NewWSUS in the GPO. Apply this GPO to a test OU with 1 or 2 sever or workstations. If working, unlink your old GPO for the SUS and link your new GPO to the same OU where your old GOP was applied to.

When you first setup your WSUS, nothing will be showing on your WSUS server. You need to create a new GPO(as suggested above) and direct it to http://NeWSUS and link the GPO to the computer OU. THen the computer(server or workstation) will appear in the WSUS server under unassigned computers. You should create groups in your WSUS server to organize the machines in the similar way you have for your AD or your SMS, if you have one. This will allow you more flexibility what group of machine you want to test and approve updates.

To verify if the client machines are receving the GPO and talking to the WSUS, follow the steps for the clent machines:
1. Force a group policy update (if client machine is in a domain): type gpupdate /force
2. You may run gpresults at the command prompt to verify if the GPO did get applied.
3. Force a detection: type wuauclt.exe /resetauthorization /detectnow, wait 10 minutes for a detection cycle to finish before verification.

More helful info:
http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/Windows_Server_2008/Q-23891922-Computers-are-Unable-to-contact-WSUS-on-a-2008-server.html
http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/2003_Server/Q_23837767.html

Random Solutions

validating parameters in batch file

sql to copy data from table 1 to table 2 in sep databases

how do I change the default name in a comment box in Excel 2007?

Creative SB0460 - Windows 7

How to recover moved files and deleted files from Windows machine

SharePoint: Error Moving File or Folder Cannot Read from Source File or Disk

SQL datetime issue: The following 2 sections of code produce different results.

How do I programmatically set the recordsource in a subreport?

Automatically rename an Excel worksheet with previous days date, excluding weekends

ASP.Net asynchronous sql execution