SUS WSUS and No Touch Deployment

WSUS kicked my butt for the last 48 hours. 

http://www.microsoft.com/windowsserversystem/updateservices/default.mspx

Our .NET Windows No Touch Deployment application was up and running at a client site with no problems. The client installed WSUS on the web server last week. 

Since this install our app has not run.  After hours on the phone with Microsoft and Googling til my fingers bled, I installed everything on another server that did not have WSUS.  Everything worked.

I finally got an answer from another contact at Microsoft. It seems SUS should be on a dedicated system and is not recommended on any server that has other roles.  This is due to the lockdown of that system when SUS is installed. 

So do not install WSUS on your production web server, period.  MS suggests a dedicated box or creating a virtual server if you must run it on the same box as IIS.   

 

1 Comment

  • That's not cool. I'm chasing down the issue of Windows SharePoint Services on a DC right now with PSS. I know Live Communications Server 2005 SP1 has some DC issues as well. It seems the default answer is a dedicated box for anything or give it domain admin access. I think that mentality has to change because there is a reason that granular permission structures were created - so we don't need to manage a billion servers! :)

Comments have been disabled for this content.