Job Management Partner 1/Software Distribution Administrator's Guide Volume 1
If WSUS is hierarchized, the WSUS function (Replica Mode) enables you to use the highest WSUS to manage all the lower WSUSs. However, you must manually register into a WSUS computer group a client that is managed by a lower WSUS.
In JP1/Software Distribution, you can use the dcmwsus command on lower WSUS servers to synchronize the configuration of the WSUS computer group and the authentication status of update programs, and to register clients into the WSUS computer group. By using this command, you can reduce the workload in a large system of using WSUS to manage update programs.
When a hierarchized WSUS is linked, JP1/Software Distribution connects only to the highest WSUS. To specify settings for a lower WSUS, use the dcmwsus command.
For details about how to execute the dcmwsus command, see 4.25 dcmwsus.exe (executing WSUS synchronization) in the manual Administrator's Guide Volume 2.
This subsection describes the operation method when a WSUS server with a hierarchical structure is linked.
The WSUS computer group created from a host group of JP1/Software Distribution is placed in the highest WSUS. However, a client that is not managed by the highest WSUS server is not registered into the created WSUS computer group even if that client is included in the host group.
To register a client managed by a lower WSUS server into the WSUS computer group, you must execute the dcmwsus command. In this case, execute the dcmwsus command twice, once for each of the purposes described below:
By executing the command on each WSUS, you can match the clients that are registered in the host group and in the WSUS computer group.
You can also use the dcmwsus command to create a WSUS computer group in the highest WSUS.
You can use the dcmwsus command to apply to a lower WSUS the authentication status of update programs that was set by the highest WSUS.
When the dcmwsus command is executed to create a WSUS computer group synchronously with the highest WSUS, the authentication status of update programs is also applied to the lower WSUS.
The following shows an example of operation when WSUS with a hierarchical structure is linked.
Figure 7-15 Example of operation when WSUS with a hierarchical structure is linked (1/2)
To link with WSUS with a hierarchical structure:
Figure 7-16 Example of operation when WSUS with a hierarchical structure is linked (2/2)
If you have created or changed a WSUS computer group or changed the authentication status of update programs by the highest WSUS, use the dcmwsus command to execute synchronization and client registration on the lower WSUS.
If the lower WSUS has a multi-level structure, synchronization may not result in deletion of update program authentication status and WSUS computer group depending on the timing. Therefore, Hitachi recommends that you periodically execute synchronization on the lower WSUS.
All Rights Reserved. Copyright (C) 2009, 2013, Hitachi, Ltd.
Copyright, patent, trademark, and other intellectual property rights related to the "TMEng.dll" file are owned exclusively by Trend Micro Incorporated.