We have a WSUS install on a Windows Server 2008 machine and everything is going as well as it can be. We had the WSUS checking for updates for Server 2008 but as the server contains a number of critical systems, we can not afford to restart it. The question now is:
Is there a problem with, or a reason why we shouldn't, remove/ing the Server 2008 machine from the WSUS computer list and change the registry settings so it goes back to checking against the Windows Update server.
While I was working on the setup and reading instructions for our new server, it seems as though you are always supposed to set the server to check the WSUS install for updates, not leave it pointed at the standard Windows Update server thus my confusion.
Best Answer
Treat the OS for your WSUS server like every other server. The WSUS server itself (as with all your machines) should point at WSUS to get its updates.
WSUS is (hopefully, and almost certainly) configured to check with Microsoft to get updates, so pointing the WSUS server at WSUS to get its updates keeps your environment consistent by ensuring that whatever updates policy you have applies to all your servers/clients, rather than letting your WSUS server skip around that policy by going directly to Microsoft.