Jump to content


Windows 10 Clients configure for stand alone WSUS bound to SUP

Recommended Posts

We have a ConfigMgr setup where I work that was put in with a primary focus on patching servers, and for managing antivirus for both Clients and Servers.  This is the way things are and ultimately I want to get our on-prem clients pulling OS updates from ConfigMrg, but we aren't there today.  We do have the ConfigMrg client on all our Windows 10 machines so they are part of ConfigMgr inventory and we get Windows Defender reporting out of them.

In order to keep the Windows clients patched we are using a standalone WSUS server (separate from the SUP) that is assigned via Group Policy.  This seems to work for about 95% of our clients, but for some reason a small subset of machines seem to have attached themselves to the ConfigMgr SUP and naturally, are not being patched at all.  There is no record of the machine on the WSUS console but if I point my WSUS administration console at the SUP and look at the computers I see the missing machines there with recent activity.

Does anybody know how or why this happens?  How do I prevent it from happening in the future?  And how do I get the machines looking at the SUP for Windows Update to stop and get them pointed back at the standalone WSUS?

Share this post

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Create New...