Deep Dive How to Configure a Shared WSUS Database for Multiple SUPs in SCCM

preview_player
Показать описание

In this video guide, we will be covering how to use a shared WSUS database for multiple software update points in SCCM. Using a shared WSUS Database is generally considered a best practice in well-connected scenarios since this offloads the vast majority of network impact if a client were to switch SUPs in SCCM.

Topics in Video:

Add "\\" to the beginning of Physical path in IIS Content virtual directly

- Change Authentication for Anonymous Authentication to use WSUS Application Pool Identity instead of local IUSR account

Commands and Notes:

- Powershell command to see WSUS installed role services: Get-WindowsFeature -Name UpdateServices*

- Powershell command to remove WSUS WidDB: Remove-WindowsFeature -Name UpdateServices-WidDB

- Powershell command to install WSUS SQL Database Connectivity: Install-WindowsFeature -Name UpdateServices-DB

SQL_INSTANCE_NAME and CONTENT_DIR should be changed to for your environment details

Helpful Resources:

  1. Patch My PC
  2. WSUSUTIL
  3. WSUS Shared Database
  4. SCCM SUP WSUS
  5. SCCM Shared SUPs
  6. Share WSUS SCCM
Рекомендации по теме
Microsoft Endpoint Manager 0:56:42

Microsoft Endpoint Manager Configuration Manager Deep Dive

QoS Deep Dive 1:55:56

QoS Deep Dive

BGP Deep Dive 2:10:28

BGP Deep Dive

EIGRP Deep Dive 1:32:05

EIGRP Deep Dive

OSPF Deep Dive 2:26:28

OSPF Deep Dive

Deep Dive: unlock 0:47:03

Deep Dive: unlock design system scalability with variables - Luis Ouriach, Jacob Miller(Config 2023)

How To Set 0:08:10

How To Set Up Sidemount Regulators | Deep Dive

No Rules Or 0:07:46

No Rules Or Tapes! Precise Measurements With Setup Blocks | Deep Dive | Woodpeckers Tools

Take a deep-dive 0:00:24

Take a deep-dive into the pedals featured on the JJN 50 plugin in our new video series!

How To Assemble 0:06:47

How To Assemble A Twin Set | Deep Dive

GitHub Actions: Approvals, 0:13:43

GitHub Actions: Approvals, Environments and Visualization DEEP DIVE

Microsoft Azure Front 0:40:21

Microsoft Azure Front Door Deep Dive

ExpressRoute Deep Dive 1:19:19

ExpressRoute Deep Dive

How to do 0:37:16

How to do a Deep Dive using TC2000

AS-Interface - Safety 0:12:46

AS-Interface - Safety Deep Dive - Part 2

Flux 1.1 Deep 0:10:41

Flux 1.1 Deep Dive! The Best Gets Better!

Spanning Tree Protocol 2:02:10

Spanning Tree Protocol (STP) Deep Dive

AWS Auto Scaling 0:10:37

AWS Auto Scaling Deep Dive

Consul Service Mesh: 0:39:27

Consul Service Mesh: Deep Dive

Breakout Setup Qullamaggie 0:27:23

Breakout Setup Qullamaggie Style Deep Dive | 963 Breakouts Reviewed | Results

Lyngdorf TDAI-1120 - 0:25:50

Lyngdorf TDAI-1120 - feature deep dive

Power BI Dev 0:54:02

Power BI Dev Camp Session 18 - Developer Deep Dive into Row Level Security (RLS)

AWS re:Invent 2019: 0:55:00

AWS re:Invent 2019: Deep dive on DNS in the hybrid cloud (NET410)

Deep Dive into 0:36:23

Deep Dive into OSD Task Sequence Client Side Troubleshooting in Microsoft SCCM

Комментарии
Автор

Really appreciate the effort which you have put in for the community. Really liking the entire series.

ranvijaybharti
Автор

Great video. This video shows modification from existing SUPs in SCCM environment. what if I want to create new WSUS/SUP and shared database. What all things I need to keep in mind before proceeding.

rachnapandit
Автор

This is really very nice video. One question, We have setup one more SUP on our standalone primary site with shared wsus database. But now everytime the update souce in wsus options getting changed to the server itself. We need to manually change the update source to Microsoft update in wsus.

rahulgupta-gpnu
Автор

This is a great video. I have a question though, only because of dealing with this recently.

I was having an issue with the WSUS Cleanup Wizard not able to start when attempted to clean unneeded update files. I banged my head against the wall for a couple days before I called Microsoft. After we looked through everything, their takeaway was that since my WSUS was connecting to a network location for the WSUS content folder, that was why I was having the problem. They told me that the WSUS Cleanup Wizard is not designed to work with the content folder on a network share of any kind, it should be local. So, giving it the benefit of the doubt, I made the change to where we store that content. As soon as I put that folder local to the WSUS server, and it synchronized, the cleanup started and worked. Have you tested to see if WSUS Cleanup Wizard works to clean up unneeded update files with this configuration? I run a non-MS script for WSUS maintenance, but it still calls the Cleanup Wizard.

Zeingeist
Автор

Hi,
Couple of Queries:
1. Is there any difference between schedule sync and manual sync and
2. Will a schedule sync triggers a Full sync or Delta sync?

And once again, thanks a lot for sharing your experience with us...

ashwing
Автор

Do we need to set SUP2 as downstream server if using Shared SUSDB and Content? Thanks for sharing!

kevintran
Автор

Hey Justin, solid work as usual! Quick question for you... I'm setting up IBCM at a site (They're not ready for CMG yet :( ) and setting up the SUP role on the IBCM server, but want to configure it to share their existing WSUS SQL database on the primary site server which is running on Windows Server 2012. However, the IBCM server in the DMZ is running Windows Server 2016. Will there be an issue if I install the WSUS role on the IBCM server running Windows Server 2016? Thanks in advance for the assist!

jcc
Автор

If you wanted to use SSL is there anything that would need to be done differently? Do you need to set up SSL before or after, would it matter?

bITTERSWWWEET
Автор

We are planning to create one more SUP role, the server is 2019 OS and primary SUP is on 2012 R2 OS. We need to use the primary SUP as upstream server to new one and share the Same database. Should both server have same OS version. If not what would be the next step

mohananaidu
Автор

Might be worth noting that this cannot, and should not be done, on a Secondary Site SUP/WSUS - this will cause configuration issues

DaveDoes-Stuff