Configure SUP correctly for updates in PKI Environment

[Raghuasr29]

Hello Team,

Hope everyone is keeping well and safe during this hard time.

So we are in co-management environment and have CMG and prmary site server (LABMPS001) with roles as MP, SUP, etc hosted in Azure. Everything seems to be working fine such as app deployment, OSD, drivers push, etc. Only problem we have now is machines are not getting updates which after troubleshooting I found because we had our DP1 mentioned in boundary groups reference which doesn't have SUP role configured. To be sure I attached our primary site server (LABMPS001) hosted in azure as Site System Server under References tab of BoundaryGroups property, post this updates started working.

However; this lead to a new issue where OSD TS started taking 4 hours to complete since it was trying to get policies over WAN link to Azure.
Now, what could be solution of this? Please advise.

I came up with this option -> Configure SUP on other 2 on-prem DP and but this will require me to configure WSUS on each server, right? I personally this will make things way more complicated.

 

[gupta32123]

Hi, As you attached the Primary site to be sure. why don't to add the SUP role to your DP. And Try to Deploy a Few Update and track them via Logs. I think you will get a resolution or you will be more close to the error.

 

[Raghuasr29]

All sorted now. I had to migrate internal traffic to https and move WSUS DB to SQL from WID. This allowed me to extend the existing SU DB and add 3 SUP server from different domains as well.