Use the General tab in the Configuration Manager 2007 software update point properties to enable and configure the active software update point for the site. Multiple site systems can be installed with the software update point site role, but only one software update point can be defined as the active software update point. The active software update point is installed on a Windows Server Update Services (WSUS) server and allows Configuration Manager to configure the WSUS server for what software updates will be synchronized and to initiate software updates metadata synchronization from the WSUS database to the site server database.
When there are Internet-based client computers, the active software update point can be configured to allow connectivity from both the intranet and Internet. Or an active Internet-based software update point can be installed on a remote site system to handle all communications from Internet-based client computers. When an active Internet-based software update point is configured, the active software update point allows connectivity from only client computers on the intranet. The Internet-based software update point is configured on the Internet-based tab. For more information, see How to Create and Configure an Active Internet-Based Software Update Point.
The General tab contains the following elements:
- None
- Specifies that the software update point components will be installed on this site system, but the software update point will not be active. Until an active software update point is specified at this site, software updates will not be synchronized and Configuration Manager client computers will not scan for software updates compliance.
- Active software update point on site server
- Specifies that this site server is configured to be the active software update point for this site.
- Active software update point on remote server
- Specifies that the active software update point is enabled on a remote site system server. The name of the site system server is specified in the Active server name setting.
- Use Network Load Balancing cluster for active software update point
- Specifies that the active software update point is configured as a Network Load Balancing (NLB) cluster. The Network Load Balancing Settings must be configured when this setting is selected. For more information about configuring an active software update point as an NLB cluster for the active software update point, see How to Configure the Active Software Update Point Component to Use an NLB Cluster.
- Port number
- Specifies the HTTP port number configured on the WSUS server. The site server uses this port when communicating with the WSUS server. The port number must be from 1 to 65535. For information about finding the port numbers used by WSUS, see How to Determine the Port Settings Used by WSUS.
- SSL port number
- Specifies the SSL (HTTPS) port number configured on the WSUS server. When the Enable SSL for this WSUS server setting is enabled, the software updates components use this port when synchronizing software updates with the WSUS server. When the site is in native mode, this setting is automatically enabled. The port number must be from 1 to 65535.
- Active server name
- Specifies the server name for the active remote software update point. This setting is available only when Active software update point on remote server is specified.
- Network Load Balancing Settings
- Specifies the NLB cluster settings when the active software
update point is configured as an NLB cluster. When configuring the
NLB cluster, specify the following:
- IP address type: Specify one of the
following IP address types:
- IPV4: Specifies that IP version 4 is
used for the virtual address.
- IPV6: Specifies that IP version 6 is
used for the virtual address.
- FQDN: Specifies that a private, fully
qualified domain name is used.
- IPV4: Specifies that IP version 4 is
used for the virtual address.
- Virtual IP or FQDN (private):
Specifies the virtual IP or private FQDN for the address type
specified above.
- FQDN (public): Specifies the FQDN used
by Internet-based clients when connecting to the NLB cluster.
- IP address type: Specify one of the
following IP address types:
- Software Update Point Connection Account
- Specifies the account that is used by the site server when it connects to a remote software update point or an active software update point configured as an NLB cluster. When this account is not specified, the computer account for the site server is used when connecting to the software update point. For more information about this account, see About the Software Update Point Connection Account.
- Allow intranet-only client connections
- Specifies that client connections from Internet-based clients are not allowed on this software update point. Select this setting if Internet-based client computers will connect to an Internet-based software update point. This setting is available only on sites that are configured for native mode.
- Allow both intranet and Internet client connections
- Specifies that connections from both intranet-based and Internet-based clients are allowed on this software update point. When this setting is selected, the settings on the Internet-based tab are disabled. This setting is available only on sites that are configured for native mode.
- Enable SSL for this WSUS server
- Specifies whether to enable Secure Sockets Layer (SSL) for the
WSUS server that is configured to be the active software update
point. When the site server is in native mode, this setting is
enabled by default and cannot be modified. When this setting is
enabled, the following actions apply:
- The WSUS server will synchronize software
updates metadata using SSL. The upstream server must be configured
for SSL or synchronization will fail. For more information about
configuring WSUS for SSL, see How to Configure the
WSUS Web Site to Use SSL.
- Client computers for the site and the WSUS
Web site must have a trusted root CA in common. Without a common
certificate, client computers will fail to scan for software update
compliance. For more information, see Planning for the
Software Update Point Installation.
- The WSUS server will synchronize software
updates metadata using SSL. The upstream server must be configured
for SSL or synchronization will fail. For more information about
configuring WSUS for SSL, see How to Configure the
WSUS Web Site to Use SSL.
- OK
- Saves the changes, and exits the dialog box.
- Cancel
- Exits the dialog box without saving any changes.
- Apply
- Saves the changes, and remains in the dialog box.
- Help
- Opens the help topic for this tab of the dialog box.
See Also
Tasks
How to Add the Software Update Point Site Role to a Site SystemHow to Configure Software Updates Synchronization
How to Configure the Active Software Update Point Component to Use an NLB Cluster
How to Create and Configure an Active Internet-Based Software Update Point
How to Create and Configure an Active Software Update Point
How to Synchronize Updates Using Export and Import
Concepts
About the Software Update PointAbout the Software Update Point Connection Account
Administrator Checklist: Configuring the Software Update Point in a Mixed Mode Site
Administrator Checklist: Configuring the Software Update Point in a Native Mode Site
Determine the Software Update Point Infrastructure
Planning for the Software Update Point Installation
Planning for the Software Update Point Settings