Teired Software Update Server
Problem: You have 10 software update servers that you only allow certains updates to be download by the clients. If you setup all the server individually, every time a new update comes out it will downloaded from Apple's master Software Update Server and you will have to enable that update on all 10 servers. Here is how you can have 1 internal master and other slave servers in a way that if you enable update on the Master and all the slave servers will mirror that.
1. On the Master SUS: ServerAdmin -> Server's Name -> Software Update -> Settings, you will select "Copy All updates from Apple" but uncheck "Automatically enable copied updates".
2. On the Master SUS: ServerAdmin -> Servername -> Software Update -> Updates, here you will select the approved Updates you want to provide to the slave server and ultimately your clients.
3. On the Slave SUS: First we need to backup the configuration file located at /etc/swupd/swupd.plist file. You can do this in the Terminal application by entering the following command:
sudo cp /etc/swupd/swupd.plist /etc/swupd/swupd.plist.bak
4. One the Slave SUS: Now we can modify the file using the Terminal application by using the following command:
sudo /usr/libexec/PlistBuddy -c 'set metaIndexURL http://Internal_Master.com:8088/catalogs.sucatalog' /etc/swupd/swupd.plist
5. On the Slave SUS: ServerAdmin -> Server's Name -> Software Update -> Settings, you will select "Copy All updates from Apple", "Automatically enable copied updates" and "Delete outdated software updates.
