(Optional) Provision additional server roles

You can install additional server roles to scale your Patch Manager deployment. For example, if Patch Manager and the WSUS server are installed on separate servers running different Windows Server® operating systems, install the Automation Server on the server hosting the WSUS server to prevent an API mismatch error when you publish the updates. This configuration enables the WSUS server to communicate with the Primary Application Server and publish updates to the managed systems.

Additionally, you can deploy an Automation Server to support load balancing scenarios, fault tolerance scenarios, or isolated or access-controlled networks, (such as a perimeter (DMZ) network).

The following table describes additional server roles you can install in your Patch Manager deployment. To provision an additional role, run the Patch Manager installer on a dedicated server to install the new server role.

Server Role Description
Application Server

Provides a separate console connection point for load balancing, separate business units, or users located at separate locations.

Automation Server

Provides a workers service so the Primary Application Server can delegate the Automation Server to create connections to specific hosts. The server also bridges the gap between disparate WSUS API versions included with different Windows Server versions.

Management Server

Manages Server Manager servers in secondary management groups.

See the Patch Manager Administrator Guide for details about advanced deployment scenarios you can incorporate in your deployment.

See the Patch Manager Installation Guide for instructions about installing the Patch Manager software and the system requirements for each server role.

  1. Run the Patch Manager installer on the targeted server.
  2. When prompted, select the targeted server role, and click Next.

  3. Complete the steps in the installer.