If you don't need advanced management of WSUS, e.g. hiding particular
updates for a group of Computers or the other way around, then forget
about the WSUS server and add this in your Squid Proxy Configuration:
refresh_pattern windowsupdate.com/.*\.(cab|exe) 4320 100% 43200
reload-into-ims;
refresh_pattern download.microsoft.com/.*\.(cab|exe) 4320 100% 43200
reload-into-ims;
refresh_pattern au.download.windowsupdate.com/.*\.(cab|exe) 4320 100%
43200 reload-into-ims;
There is another option within Squid for preventing partial downloads.
That is important for the automatic windows updates. The hook is, this
option is set as a global option, so it would also affect other sites
and downloads. It will improve the windows update cache significantly,
but might disturb you if downloads disrupt often. With that option Squid
will block any partial downloads. In practical terms, if you continue a
download or use a download manager which splits the downloads into
several smaller ones, it blocks those download requests. Only a fresh
start of the download will and work and thus is how the cache works much
better. Squid cannot cache partial downloads so far, which would mean to
combine bits and peaces saved in binary form after the download has been
finished.
Rocco
On 16/03/2011 10:51 AM, Simon Vass wrote:
Richard,
http://thelazyadmin.com/blogs/thelazyadmin/archive/2006/06/27/Using-WSUS-without-Active-Directory.aspx
http://technet.microsoft.com/en-us/library/cc720464%28WS.10%29.aspx
So now you just need a tool that can modify registry keys remotely, or just
have it on a script which your admins can run quickly.
Simon Vass
Managing Director
E-Tech Uganda Ltd
http://www.etech.ug
Tel: +256 (0) 312260620 or (0) 312260621
email: [email protected]
skype: e-techservicedesk
----- Original Message -----
From: "Richard Zulu"<[email protected]>
To: "Uganda Linux User Group"<[email protected]>
Cc: "Simon Vass"<[email protected]>
Sent: Wednesday, 16 March, 2011 10:23:48 AM
Subject: Re: [LUG] Squid + Windows Updates
Simon,
I believe I need to configure each and every client to use the WSUS based on
the group policy, right? Since I have no active directory I believe I will use
the Local Group Policy Object.
How about for situations where I have people using personal computers? I cannot
enforce a group policy on that.
Is there a way squid can redirect windows update traffic to the WSUS?
On Wed, Mar 16, 2011 at 9:39 AM, Simon Vass< [email protected]> wrote:
Richard,
Group policy. If you want your clients to use the wsus server, there is a
specific group policy key that changes them. p.s. with that many clients I'd
recommend more than 1 server. You can configure them in a master slave
configuration.
Simon Vass
Managing Director
E-Tech Uganda Ltd
http://www.etech.ug
Tel: +256 (0) 312260620 or (0) 312260621
email: [email protected]
skype: e-techservicedesk
----- Original Message -----
From: Richard Zulu< [email protected]>
To: Uganda Linux User Group< [email protected]>
Sent: Wed, 16 Mar 2011 09:32:02 +0300 (EAT)
Subject: [LUG] Squid + Windows Updates
Hallo Everyone,
Quick Question: I have a WSUS (Windows Server Update Services) within my
network. I have close to 10,000 clients and I implement transparent proxying
within my network. I use Squid as the web cache.
How best can I redirect traffic on port 80 from my network to microsoft
windows updates websites, to my WSUS instead of the internet?
_______________________________________________
The Uganda Linux User Group: http://linux.or.ug
Send messages to this mailing list by addressing e-mails to: [email protected]
Mailing list archives: http://www.mail-archive.com/[email protected]/
Mailing list settings: http://kym.net/mailman/listinfo/lug
To unsubscribe: http://kym.net/mailman/options/lug
The Uganda LUG mailing list is generously hosted by INFOCOM:
http://www.infocom.co.ug/
The above comments and data are owned by whoever posted them (including
attachments if any). The mailing list host is not responsible for them in any
way.
