• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Need serious help: Auto updating security patches on 200 PC's

G

Grasshopper666

Junior Member
Hi guys.

I'm in a bit of a twist here over the latest security issues with Microsoft and need some help.

What is the best, quickest, easiest, most efficient & effective method of providing automatic service pack & security updates to Windows 98se, 2K, and XP Pro machines running on my network?

I thought of using the auto updater included to update PCs at midnight. However the majority of my users are not computer literate and would destroy their PC's within days, if not hours, if they were given administrator rights. Can the auto updater in 2K/XP be run as a service, and not as the logged-on user?

Would it be better to go with a method that has all the latest service pack & security patches on a local server, and pushes it out nightly (or is pulled, by a login script)?

We used to do it by hand, but we have grown so much this is just becoming unmanageable. I can't ask my users to update themselves either, because they don't have admin privs.

Please let me know your thoughts, I always trust the Andatech folks.
 
1) Get rid of Win 98. It's unmanageable and always will be. The quicker you get rid of Win98 the quicker you'll get these fires under control.

2) Get in a domain environment. Anything else is unmanageable.

3) Download SUS and learn to use it. Update GPO to use SUS.

4) Updates are now a snap.
 
Hey gang.

Having a problem with my Windows 2000 Server. I recently
tried to install SUS and after it failed (kept receiving error trying to get to the SUSadmin webpage) I was going to
remove it and re-install, but I found for some reason my
add/remove button in the control panel no longer
functions. I double click it and the add/remove program
never launches.

This is a serious issue for us as I am now unable to
perform several administrative functions. I have tried
restarting the server and also reinstalling SP4 to no
avail. I scanned for spyware/malware with Ad-aware 6.0
and Spybot search & destroy but came back with no results.

I am now in the middle of an antivirus scan but I am not expecting it to find any virus.

Can anyone give me a hint what might be going on, or is
there a work-around to access add/remove programs?

Thanks
 
Originally posted by: KB
I would try using a tool like Filemon from www.sysinternals.com. It will show you what files windows is trying to load and it may show you that a file is missing.
Click to expand...

Yes we had this problem with one of our servers and this helped us troubleshoot. Another good one is regmon. You can get both at Sysinternals.

For SUS help there's none better then the Microsoft SUS Newgroup. Lots of Microsoft MVPs and employees hang out in there and can really help you out.

We used SUS before moving to SMS and it sound like it will easily accomplish what you want it to do. We only moved to SMS because we needed more than just patch management.
 
I know that's what SMS is for. If done right, you can send out updates whenever you want. Our company's SMS people are retards though so they crash thigns all the time which means mroe work for me reimaging all the hosed systems...
 
Originally posted by: FrankyJunior
I know that's what SMS is for. If done right, you can send out updates whenever you want. Our company's SMS people are retards though so they crash thigns all the time which means mroe work for me reimaging all the hosed systems...
Click to expand...


Then they're not doing something right. SMS is a fine product, if you can get it to work properly. It's very complex.
 
Originally posted by: FrankyJunior
I know that's what SMS is for. If done right, you can send out updates whenever you want. Our company's SMS people are retards though so they crash thigns all the time which means mroe work for me reimaging all the hosed systems...
Click to expand...

I guess that means you have JOB Security.

Just curious. Ever offer to help the retard FIX the SMS
problem if you know what the problem is?

:=)
 
What is the best, quickest, easiest, most efficient & effective method of providing automatic service pack & security updates to Windows 98se, 2K, and XP Pro machines running on my network?
Click to expand...

SUS will take care of your 2k and newer systems. Win98 isn't supported anymore, and SUS doesn't get the updates for it anyway.

SUS is very easy to setup, but you'll have to cover the cost of a Win2k Server license, and a server. I've run it on a 500mhz system before, it'll work fine for your 200 systems if you have a spare old rig and just want to give it a shot. MS recommends at least a P3 700mhz with 256mb ram I think. A 10gb hd will be fine for storage.

Also, SUS ideally can be configured on your clients via Active Directory. However, you can also do it via the registry on each individual workstation. THat's how we do it at my work since we haven't upgraded to active directory yet. Microsoft has a large pdf manual you can download to learn more about SUS.
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top