• WSUS 20H2 rollout

    Author
    Topic
    #2379520

    We are experiencing difficulties with 20H2 rollout.
    The thing is, that computers cannot upgrade, if they are not connected to the internet.

    On affected computers without internet in the Windows Update section, I see “Waiting for download”.
    If I log with user, that has the access to the internet, I can install update 20H2.

    Before you suggest, that we should set updating PCs from other computers and WSUS, consider this:

    All other updates are updated WITHOUT the internet! Defender, framework, cumulative updates, all works automatically.
    But the 20H2 update refuses to install without the internet.Is our WSUS misconfigured? Does someone has the same experience, or does it meant to be that way?

    Thanks for replies, D.

    Dell Latitude 3420, Intel Core i7 @ 2.8 GHz, 16GB RAM, W10 22H2 Enterprise

    HAL3000, AMD Athlon 200GE @ 3,4 GHz, 8GB RAM, Fedora 29

    PRUSA i3 MK3S+

    • This topic was modified 2 years, 4 months ago by doriel.
    Viewing 1 reply thread
    Author
    Replies
    • #2379535

      EDIT: Some updates really seem to require connecting to the internet.. hmmmm..
      How can I achieve updating from WSUS without connecting end stations to the internet?

      BMHO, Its contradictory to connect to the internet to get updates to stay more secure. Its more secure to stay offline. Its less secure to be exposed to internet, but up-to-date.
      Maybe someone could change my mind, but thats how I see it.

      Imagine person, who is affraid to swim. Whats more secure?
      a) let him stay on the ground
      b) put him in the water and give him life buoy. Life bouy cant sink, right?

      Please help to find solution for us.

      Dell Latitude 3420, Intel Core i7 @ 2.8 GHz, 16GB RAM, W10 22H2 Enterprise

      HAL3000, AMD Athlon 200GE @ 3,4 GHz, 8GB RAM, Fedora 29

      PRUSA i3 MK3S+

    • #2379579

      You shouldn’t need to be connected to the ‘full’ internet to do the upgrade. Just allow the MS upgrade servers access to your client PC’s, then do full virus and malware scans. You can cut off the net after that.

       

      Of course, if you don’t like the way Microsoft does this, you could complain (good luck!). Or you could make long range plans to change OS’s…or not. One other alternative would be to look at Cloud systems.

      1 user thanked author for this post.
      • #2379581

        You shouldn’t need to be connected to the ‘full’ internet to do the upgrade. Just allow the MS upgrade servers access to your client PC’s, then do full virus and malware scans. You can cut off the net after that.

        Of course! Thats briliant solution, thanks a lot for your suggestion.

        PS – another alternative is to stay unpatched and patch only servers for example, but Id like to have solid solution. Your suggestion is very nice. Thanks a lot.

        Dell Latitude 3420, Intel Core i7 @ 2.8 GHz, 16GB RAM, W10 22H2 Enterprise

        HAL3000, AMD Athlon 200GE @ 3,4 GHz, 8GB RAM, Fedora 29

        PRUSA i3 MK3S+

    Viewing 1 reply thread
    Reply To: WSUS 20H2 rollout

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.

    Your information: