Overview
When an endpoint communicates with a Replica WSUS server, group assignment changes can take time to appear in the Primary WSUS.
This article describes how to trigger the sync manually and how to automate the process.
Manual Sync Steps
The following two steps are required to propagate group changes from the Replica to the Primary:
Endpoint Communication
There are several ways to trigger communication between an endpoint and its configured WSUS server. The most reliable methodת, regardless of Windows version or running services, is the following PowerShell command:
| $criteria = "" |
| $updateSession = new-object -com "Microsoft.Update.Session" |
| $updates = $updateSession.CreateupdateSearcher().Search($criteria).Updates |
This command triggers a "check for updates" without applying anything.
Once complete, the Last Contact attribute for the endpoint in WSUS should update to the current time (right-click the table headers to add this column).
| Note: You can use the JetPatch Run Task capability to run this command across your environment. |
Replica Synchronization
Start a regular synchronization from the Replica to the Primary WSUS.
| Note: The synchronization will also pull updates and approvals from the Primary WSUS. |
Automated Sync (if a few hours' delay is acceptable)
- Set the endpoints GPO configuration for "Automatic Updates detection frequency" to 4 hours.
- Configure an automated synchronization policy running 24 times per day.
- See: How often should I sync the WSUS replica to its primary server?
Comments
0 comments
Please sign in to leave a comment.