Implementing Windows Server Update Services (WSUS) Replica in Server 2022

Posted on 20th June 2023

Windows Server Update Services (WSUS) is a server role that enables administrators to manage the distribution of updates and hotfixes released for Microsoft products to computers in a corporate environment. WSUS can be used to automatically download and install updates for Windows operating systems and other Microsoft products, such as Microsoft Office and Exchange Server.

WSUS can be deployed as a standalone server, or it can be configured as a replica server in a multi-server environment. In a replica server deployment, WSUS downloads updates from Microsoft Update to a centralized master server, and then replicates the updates to one or more replica servers. Replica servers can be located in remote sites to help reduce network bandwidth usage and to improve update installation performance.

This article describes how to deploy WSUS in a replica server configuration in Windows Server 2022.

Before you begin

To complete this procedure, you must have the following:

A computer that is running Windows Server 2022.
The computer must have Internet Information Services (IIS) installed.
The computer must have WSUS installed. For more information, see How to Install WSUS in Windows Server 2022.

If you are deploying WSUS in a replica server configuration, you must also have the following:

A WSUS master server that is running Windows Server 2022.
The WSUS master server must have WSUS installed and configured. For more information, see How to Configure WSUS in Windows Server 2022.

Procedure

1. On the replica server, open the WSUS Administration Console.
2. In the navigation pane, expand the Replica Servers node, and then click the replica server that you want to configure.
3. In the Actions pane, click Configure Replica Server Settings.
4. On the Configure Replica Server Settings page, type the name of the WSUS master server in the Master Server text box, and then click OK.

The replica server is now configured to receive updates from the WSUS master server.

WSUS replica implementation is a process where you create a copy of an existing WSUS server on another computer. This can be useful if you want to have a backup server in case the primary one fails, or if you want to distribute the load of handling updates across multiple servers.

The first step in implementing WSUS replica is to install the WSUS Role on the destination server. This can be done through Server Manager or PowerShell. Once the WSUS Role is installed, you will need to open the WSUS console and create a new replica server.

To do this, open the WSUS console and click on the “Replica Servers” node in the left pane. In the right pane, click on the “Create Replica Server” button. This will open the “Create Replica Server Wizard”.

On the “Welcome” page, click “Next”. On the “Specify Replica Server Settings” page, enter the name of the replica server and select the “Synchronize from another WSUS server” option. Then, enter the name of the primary WSUS server and click “Next”.

On the “Specify Synchronization Settings” page, select the “Synchronize automatically” option and enter the synchronization interval. Then, click “Next”.

On the “Specify Proxy Settings” page, enter the proxy settings if you are using a proxy server. Then, click “Next”.

On the “Specify Content Settings” page, select the “Download updates from Microsoft Update” option. Then, click “Next”.

On the “Confirm Settings” page, review the settings and click “Finish”.

The replica server will now start synchronizing with the primary WSUS server. This process can take some time depending on the number of updates that need to be downloaded. Once the synchronization is complete, you will be able to deploy updates to clients from the replica server.

WSUS can be deployed in a replica mode to provide high availability and load balancing. In this mode, one WSUS server is designated as the upstream server and the other WSUS servers are configured as downstream servers. The upstream server synchronizes with Microsoft Update and then replicates the updates to the downstream servers. The downstream servers then distribute the updates to their clients.

To configure WSUS in replica mode, you need to perform the following tasks:

Install WSUS on the upstream server and configure it to synchronize with Microsoft Update.

Install WSUS on the downstream servers.

Configure the downstream servers to connect to the upstream server.

Specify the replica mode settings on the upstream server.

Specify the replica mode settings on the downstream servers.

When configuring the replica mode settings, you need to specify the following:

The name of the replica server.

The replica server port number.

The replication interval.

The synchronization schedule.

After you have configured the replica mode settings, you need to configure the update approval settings. The update approval settings determine which updates are replicated from the upstream server to the downstream servers.

You can configure the update approval settings by using the Update Services console or by using the WSUS API.

When configuring the update approval settings, you need to specify the following:

The products for which updates should be approved.

The classifications of updates that should be approved.

The types of updates that should be approved.

The approval settings can be applied to all updates or to individual updates.

After you have configured the update approval settings, you need to configure the update synchronization schedule. The update synchronization schedule determines when the upstream server synchronizes with Microsoft Update and when the downstream servers synchronize with the upstream server.

You can configure the update synchronization schedule by using the Update Services console or by using the WSUS API.

When configuring the update synchronization schedule, you need to specify the following:

The synchronization start time.

The synchronization interval.

The synchronization schedule can be applied to all updates or to individual updates.

After you have configured the update synchronization schedule, you need to configure the update distribution settings. The update distribution settings determine how the updates are distributed from the WSUS servers to the clients.

You can configure the update distribution settings by using the Update Services console or by using the WSUS API.

When configuring the update distribution settings, you need to specify the following:

The WSUS server from which the updates should be downloaded.

The download location for the updates.

The distribution schedule.

The distribution settings can be applied to all updates or to individual updates.

After you have configured the update distribution settings, you need to configure the update client settings. The update client settings determine how the clients connect to the WSUS servers and how the updates are installed on the clients.

You can configure the update client settings by using the Update Services console or by using the WSUS API.

When configuring the update client settings, you need to specify the following:

The WSUS server to which the client should connect.

The connection schedule.

The update installation schedule.

The update installation settings.

The client settings can be applied to all clients or to individual clients.

After you have configured the update client settings, you need to configure the reporting settings. The reporting settings determine which reports are generated and how the reports are delivered.

You can configure the reporting settings by using the Update Services console or by using the WSUS API.

When configuring the reporting settings, you need to specify the following:

The report generation schedule.

The report delivery method.

The report delivery schedule.

The report delivery settings.

The reporting settings can be applied to all reports or to individual reports.