Patch management with SMS

[OmegaXero]

I have SMS 2003 w/SP1 deployed on a small test network inside my company. So far we have been able to distribute applications just fine, I have silent installations of several programs in good working order. However, I cannot figure out the necessary steps that I need to take in order to get patch management/distribution to work thru SMS 2003. Anyone here have any knowledge of this?

 

[Rogue]

Have you installed the Security Patch application on your SMS server yet?

http://www.microsoft.com/downloads/deta...-48F2-B2C6-B0A38B2FEF77&displaylang=en

Once you have that installed, it should set itself up as a package at which point you can set it to scan your machines for the patches they need, similar to an MBSA scan en masse against all your SMS systems managed. From that point, you can click on the Software Updates folder in your SMS Console and see the patches it has available to install on clients. Right-click on Software Updates and go through the Distribute Software Updates wizard to push patches out. It's a pretty decent process all things considered.

 

[OmegaXero]

How do I set it to scan my machines for the patches they need?

I already have the security patch application installed on my server. When I click on the Software Updates category I can see a list of all the available patches, so at least that part appears to be working. I'm just confused as to where I go from there.

 

[Rogue]

Right click on Software Updates and select Distribute Software Updates. The wizard is well written and describes the steps fairly well. When you installed the Security Updates scanner, it should set itself up to run on a weekly interval I believe. It should appear as a package that runs against the collection your specify.

 

[OmegaXero]

OK, I'll give all this a shot tomorrow, thanks for the advice and info.

 

[OmegaXero]

I don't see any patches for windows XP. Is this normal?

 

[nweaver]

SMS (in my experience) is a bear to learn and setup.

 

[OmegaXero]

It has been tough but so far the features and remote inventory capabilities are just awesome. Very useful utility for anyone involved with a spread out network consisting of hundreds of different types of computers. Now if I could just get this patch distribution to work.