>
> "Brian H. Gibb" <BrianHGibb[ at ]discussions.microsoft.com> wrote in message
> news:F4111C89-1110-4F99-A61D-EC768AE302AB[ at ]microsoft.com...
> >I haven't found it yet in WSUS 3.0, but is there a way to setup the system
> >to
> > not automatically do an install, but show if the clients need an update.
>
> Well, actually, this is the *default* configuration of WSUS 3.0!
>
> If you do nothing but select products and classifications, execute a
> synchronization, leave all updates as "Not Approved", and properly configure
> policy to cause clients to 'check-in' with the WSUS server, the server will
> show which clients need an update.
>
> > That is the way we had WSUS 2.0 configured, it did an automatic install on
> > our test machines, but only a check to see if the update was needed on all
> > others. Then as we rolled them out, we did it a container at a time.
>
> This happened because you had a default rule set to "Auto-approve for
> Detect" on Critical and Security Updates. In WSUS 3.0 that 'default rule' is
> enabled, by default, on *all* update classifications, and is not
> configurable. Ergo, the default behavior of WSUS 3.0 is identical to the
> default behavior of WSUS 2.0, as relates to Critical/Security Updates, plus
> WSUS 3.0 also auto-detects other types of updates, and the "feature" is not
> configurable.
>
> So, what it is that's happening in your environment that leads you to
> believe this is not the behavior that you are experiencing?
>
> --
> Lawrence Garvin, M.S., MCTS, MCP
> Independent WSUS Evangelist
> MVP-Software Distribution (2005-2007)
>
https://mvp.support.microsoft.com/profile=30E00990-8F1D-4774-BD62-D095EB07B36E>
> Everything you need for WSUS is at
>
http://technet2.microsoft.com/windowsserver/en/technologies/featured/wsus/default.mspx>
> And, almost everything else is at
>
http://wsusinfo.onsitechsolutions.com> .....
>
>
>