The following blog runs through the procedure that is required to install a remote SUP in your environment. This could be to off-load site roles from the site server or to scale out.

Note that the installation has taken place on a Windows 2008 R2 server and that the site server is not going to be used as a SUP. For remote WSUS configuration on Server 2012 see here.

Install the WSUS Console on the site server

Download WSUS 3.0 SP2 from here.

Click Next in the WSUS install wizard.

remoteWSUS-05

When prompted choose to install the console only. Click Next.

remoteWSUSExtra-01

Accept the licence agreement and click Next.

remoteWSUS-06

One the install is complete click Finish.

remoteWSUS-13

Install MS KB’s 2720211 and 2734608

Go to http://support.microsoft.com/kb/2720211/en-ushttp://support.microsoft.com/kb/2734608/en-us respectively and install the WSUS 3.0 SP2 update patches, in no particular order.

Install IIS role on the remote SUP server

Connect to your remote server allocated for the WSUS role and load Server Manager. Choose Add Role. Select Web Server (IIS) and click Next.

remoteWSUS-17

Click Next.

remoteWSUS-18

Add the following IIS components

Common HTTP Features

Static Content

Default Document

Directory Browsing

HTTP Errors

Application Development

ASP.NET

.NET Extensibility

ISAPI Extensions

ISAPI Filters

Health and Diagnostics

HTTP logging

Request Monitor

Security

Windows Authentication

Request Filtering

Performance

Static Content Compression

Management Tools

IIS Management Console

IIS 6 Management Compatibility

IIS 6 Metabase Compatibility

 Click Install.

remoteWSUS-19

remoteWSUS-20

Once installation of the IIS role is complete click Close.

remoteWSUS-21

Install Report Viewer 2008 on the remote SUP server

Download Report Viewer 2008 from http://www.microsoft.com/en-us/download/details.aspx?id=6576

Run the Reportviewer.exe file. Click Next.

remoteWSUS-22

Accept the licence terms and click Install.

remoteWSUS-23

Once complete click Finish.

remoteWSUS-24

Install WSUS on the remote SUP server

Follow the procedure to install WSUS on the remote SUP server as outlined earlier, however note the difference at the Database Options screen.

Choose ‘Use an existing database server on a remote computer’. Enter the hostname of the site server where the SUSDB was installed previously. Click Next.remoteWSUS-25

Once a connection is made to the remote database choose to use the existing database on the SQL server. Click Next.remoteWSUS-26

Continue the wizard through as per the previous WSUS install until complete. Then patch the SUP server with MS KB’s 2720211 and 2734608.

Add site server as local admin on the remote SUP server

Ensure that the site server has admin rights to the remote SUP server by adding it to the local administrators group.

remoteWSUS-27

Add the remote SUP server as a site system and install SUP role

Before the SUP role can be added in, the remote server must be added into SCCM as a site system. In the SCCM console go to the Administration workspace and choose Site Configuration>Servers and Site System Roles. Select ‘Create Site System Server’

remoteWSUS-28

Type in the FQDN of the remote SUP server and select the site code from the drop down list. Click Next.

remoteWSUS-29

Enter any proxy details if required. Click Next.

remoteWSUS-30

Choose to install a Software Update Point and click Next.

remoteWSUS-31

Select to use WSUS ports 8530 or 8531. If using 8531 (HTTPS) check the ‘Require SSL communications to the WSUS server’ checkbox. Click Next.

remoteWSUS-32

Click Next.

remoteWSUS-33

Select a synchronisation source, in this instance I am using the Microsoft Update site. Click Next.

remoteWSUS-34

Select a synchronisation schedule. I am using the default of every 7 days. Click Next.

remoteWSUS-35

Set the supersedence rules. Click Next.

remoteWSUS-36

Select the classification of updates you wish to install. Click Next.

remoteWSUS-37

Select the products that you wish to install updates for. Click Next.

remoteWSUS-38

Select language settings you want to synchronise. Click Next.

remoteWSUS-39

Click Next at the Summary screen.

remoteWSUS-40

Click Close once complete.

remoteWSUS-41

The SUP will being to install. Check the SMS\Logs folder on the remote server. In particular the SUPSetup.log which will report the success/failure of the SUP.

remoteWSUS-42

Also the WCM.log file on the site server will report connectivity to the new SUP.

remoteWSUS-43

..and the progress of the sync for product and classifications.

remoteWSUS-44

The sync can take a while. Once complete the following will be reported in the WCM.log.

remoteWSUS-48

Also take a look at the wsyncmgr.log file on the site server for information about the latest synchronisation that is taking place.

remoteWSUS-49

Finally, to check the status of the new SUP check the Site Status health in the Monitoring workspace.

remoteWSUS-45

and at the Component Status for the remote server.

remoteWSUS-47

The remote SUP is now successful installed.

Advertisements