Hi,
Does any one have the big picture of how every component/traffic patterns/communication paths/reports/inventory between Patch Manager (Application/Mgr/Automation), Patch Manager Automation Server, WSUS and Clients work? I read through the Deployment Guide and the Administrator Guide and I am still have some doubts.
we have downstream WSUS servers in multiple locations and each location is connected via IPSEC 512kbps. We have install Automation servers at each location. The main datacentre is holding the Patch Manager PAS (APP/MGR/AUTO) /Upstream WSUS server. I am deploying Microsoft and 3rd party patches using WSUS.
Questions like:-
1. Is WMI provisioning portion only used to inventorize the computers? Is it required if I need to generate reports for Microsoft/3rd party patches installed? Is WMI portion require to deploy 3rd party patches?
2. How do we generate the status of 3rd party updates/installs for each computer as the status is not found in the WSUS console? Will a "WSUS inventory" be sufficient?
3. I have generate a WSUS self-signed certificate for each WSUS (after installing 1.73 PM and kb2720211 on the WSUS/PM server). The clients would need to have the WSUS server's self-signed certificate in their "Trusted Publisher"/Trusted Root containers. Why do i then need to republish each package which was publish before I patch the server?
4. Is my setup ideal for the slow connections between the sites? Would there be a difference if I do not install Automation servers at each location except the datacentre?
Thanks.
adrian