Cleanup Tools on WSUS Hierarchy

  • Article

Introduction

Cleaning a WSUS server is important, it allows you to delete the database updates expired, replaced or computer that have not contacted the WSUS server for over 30 days. 

Solution

The tool is accessible from the WSUS console                

This can be complicated when using a hierarchy of server. In this case, it is very important to manage the servers in the first downstream.

Once  the downstream server is completed, the operation can be performed on  all the upstream servers         

It is very important to follow this order otherwise updates on downstream servers may be in the category not approved. It will not be possible to remove them from the console.

This happened to me, there is a week and the problem was solved by developing a powershell script. The latter function was to modify the database so that updates are placed in relevant updates refused.

  The operations are as follows:

  • Configure all downstream servers so that synchronisation is done manually
  • Run the cleaning tool

This is done through the WSUS console : Tools - SynchronisationSchedule

Thereafter the cleaning tool can be run on each server.

Finally, the cleaning operation can be performed on the upstream server. Wen the cleaning operation is performed on each server, then it is possible to configure the synchronization to run automatically