Configure WSUS for Roaming Client Computers
Applies To: Windows Server Update Services, Windows Small Business Server 2011 Standard, Windows Server 2008 R2, Windows Server 2003 with SP2, Windows Server 2008 R2 with SP1
If your organization supports roaming users, you can configure Windows Server Update Services (WSUS) 3.0 SP2 to optimize downloads for those users’ computers.
A roaming user logs on to the network by using the same computer from various geographical locations. With the proper configuration, these computers can always download approved updates from the WSUS server that is nearest to their current connection point.
The instructions in this topic assume that the network has several different DNS subnets, and that you will install WSUS servers in the subnets.
Important
The user account that is used to configure DNS must have the appropriate domain-level credentials. For more information about domain-level security, see Local and Domain Default Groups. We recommend that you confer with your DNS and network administrators before you perform these procedures.
To configure WSUS for roaming client computers, you must perform the following steps:
Identify the WSUS server in each subnet
Identify one server in each subnet to use as a WSUS server. Record each server’s static IP address.
Set up DNS host (A) resource records
On the DNS server, set up a DNS host (A) resource record for each planned WSUS server. Use the same host name for each planned WSUS server. For more information about how to add DNS host (A) resource records, see Adding Resource Records and Add a host (A or AAAA) resource record to a zone.
Set up the DNS server for netmask ordering and round robin
Netmask ordering restricts DNS name resolution to computers in the same subnet. If there are multiple name resolutions, round robin will rotate through the list of available hosts to return a result. By enabling these two DNS features, you ensure that when a client computer requests a WSUS server, any WSUS server on the same subnet is returned first. If any subnet does not have a WSUS server, host name resolution for client computers in that subnet will rotate through the list of WSUS servers in other subnets.
For a more comprehensive understanding of netmask ordering and round robin in DNS, see Description of the netmask ordering feature and the round robin feature in Windows Server DNS.
To set up netmask ordering and round robin, perform the following procedure on the DNS server:
Set up netmask ordering and round robin
Logon to the DNS server by using an account that has the appropriate domain-level privileges.
Click Start, click All Programs, click Administrative Tools, and then click DNS.
In the DNS console, right-click the DNS server node, and then click Properties.
Click the Advanced tab.
In the Server options box, select the Enable round robin and Enable netmask ordering check boxes.
Click OK.
Install the WSUS servers
Install and configure the WSUS servers on the subnets. For information about how to install a WSUS server, see Install the WSUS 3.0 SP2 Server.
Configure the roaming client computers to use the same host name
You must configure each roaming client computer to use the same host name that you used to set up the DNS host (A) resource records. You can configure this setting in either of the following ways:
By using Group Policy, as described in the “Specify intranet Microsoft Update service location” section of Configure Automatic Updates using Group Policy.
By using Registry Editor to set the WUServer and WUStatusServer keys, as described in Configure Automatic Updates using Registry Editor.