Computer groups are located on the WSUS server. These groups are used to logically separate machines targeted for patching. Sometimes referred to as WSUS groups or WSUS target groups, these groups display in the navigation pane under Computers and Groups > All Groups.
A default WSUS installation uses Server Side Targeting. When you point a client machine to a WSUS server through Group Policy, the computer displays under Unassigned computers until you move it to another specific group. You can create WSUS groups using various logical grouping based on your needs, such as Servers, Workstations, Operating System, or a name that represents a physical location. After you create the group, move each computer client into the group.
Client Side Targeting is another option. Normally enabled through Group Policy, each machine places itself in a group. Using this method, each machine receive Group Policy from their organizational unit (OU), and each OU can be configured to automatically drop the client machines into the the correct WSUS group.
To create a Patch Manager computer group:
- Log in to the Patch Manager Administrator Console as an administrator.
- In the navigation pane, expand Enterprise and select Microsoft Windows Network.
- In the Actions pane, click Add Patch Manager Computer Group.
- In the Patch Manager Computer Group Management window, enter or select a name for the computer group.
- (Optional) Enter a description for the group.
Select the computers to add to the group. See Computer selection for details.
To create a dynamic computer group, select Add computers using rules, and then create the requisite rule(s) for the types of computers you want in the group. See Select computers using rules for details.
The Patch Manager computer groups display in the navigation pane under Microsoft Windows Network.