Patch solution
Patch solution
What do you guys use for patch solutions for a Windows 2000 environment? about 70 users.
It will be fixed in Toril 2.0.
Aremat group-says 'tanks i highly suggest investing 20 silver in training weapons from cm to cut down on the losing scales to shield'
Aremat group-says 'tanks i highly suggest investing 20 silver in training weapons from cm to cut down on the losing scales to shield'
-
kiryan
- Sojourner
- Posts: 7275
- Joined: Sat Apr 14, 2001 5:01 am
- Location: Los Angeles, CA and Flagstaff, AZ
- Contact:
windows automatic updates? Just turn them on have it set to install at shutdown. let users know not to hard power down their computers even if they seem to be taking a long time to shut off.
---
if your talking applying like 3rd party patches and stuff... I haven't used that stuff since it was in its infancy... Here are some of the things I tried and how well they worked.
1. Email blast with instructions.
Doesn't cost you much money, just make sure you test it well and don't blast too many people at one time, because if they break it, your team hast to go fix it and you don't want 40 people broken down at one time.
2. Automated execution through the login script
A lot of smaller companies don't even have a login script so setting this up is not ideal. Plus, a lot of patches can't be automated through the login script because of need for user input.
3. repackaging tools
There are some tools you can use to capture all the "changes" a program makes then it just blasts those changes out without the benefit of an install process. Works pretty well typically if your users aren't monkeying around with their systems. However if they install their own software (or do their own updates) these repackaging tools don't typicall work well because they are targetting specific hardcoded directories and registry entries.
4. One of the big remote management tools, HP one view, Microsoft SMS (or whatever its called now), CA has one ect ect ect ect... These are typically very very expensive and require a month of training to just to implement. But, rolling out brand new apps is fast easy and can be done from your desk.
5. Citrix... If you have a citrix implementation then you just patch the 3 or 4 servers and thats it. Of course then desktops become glorified terminals since all the apps are running on the server. More expensive than #4 and add 3 months of training. Lots of benefits like being able to offer the users their exact desktop environment anywhere on the planet, but very expensive to buy and maintain and lots of high end specialty apps are citrix unfriendly (like 8 years ago autocad was not an app you could run on citrix).
---
if your talking applying like 3rd party patches and stuff... I haven't used that stuff since it was in its infancy... Here are some of the things I tried and how well they worked.
1. Email blast with instructions.
Doesn't cost you much money, just make sure you test it well and don't blast too many people at one time, because if they break it, your team hast to go fix it and you don't want 40 people broken down at one time.
2. Automated execution through the login script
A lot of smaller companies don't even have a login script so setting this up is not ideal. Plus, a lot of patches can't be automated through the login script because of need for user input.
3. repackaging tools
There are some tools you can use to capture all the "changes" a program makes then it just blasts those changes out without the benefit of an install process. Works pretty well typically if your users aren't monkeying around with their systems. However if they install their own software (or do their own updates) these repackaging tools don't typicall work well because they are targetting specific hardcoded directories and registry entries.
4. One of the big remote management tools, HP one view, Microsoft SMS (or whatever its called now), CA has one ect ect ect ect... These are typically very very expensive and require a month of training to just to implement. But, rolling out brand new apps is fast easy and can be done from your desk.
5. Citrix... If you have a citrix implementation then you just patch the 3 or 4 servers and thats it. Of course then desktops become glorified terminals since all the apps are running on the server. More expensive than #4 and add 3 months of training. Lots of benefits like being able to offer the users their exact desktop environment anywhere on the planet, but very expensive to buy and maintain and lots of high end specialty apps are citrix unfriendly (like 8 years ago autocad was not an app you could run on citrix).
If you have an AD environment, you can use Group Policy to install/update software. If you don't use GPOs, you'll need to do your homework - but it's worth it...
Here's a couple of links and examples
https://thesource.ofallevil.com/technet ... epsp2.mspx
http://www.gpanswers.com/community/viewtopic.php?t=620
http://support.microsoft.com/kb/328010/
Here's a couple of links and examples
https://thesource.ofallevil.com/technet ... epsp2.mspx
http://www.gpanswers.com/community/viewtopic.php?t=620
http://support.microsoft.com/kb/328010/
Targsk group-says 'i just wanna cr and try this again before i start feeling like moritheil'
Haven't researched much into how AD works, but is there an option to make it so people can have access to patching Windows only? I don't want to give them access to all software.
It will be fixed in Toril 2.0.
Aremat group-says 'tanks i highly suggest investing 20 silver in training weapons from cm to cut down on the losing scales to shield'
Aremat group-says 'tanks i highly suggest investing 20 silver in training weapons from cm to cut down on the losing scales to shield'
Kelzen wrote:If you have an AD environment, you can use Group Policy to install/update software. If you don't use GPOs, you'll need to do your homework - but it's worth it...
Here's a couple of links and examples
https://thesource.ofallevil.com/technet ... epsp2.mspx
http://www.gpanswers.com/community/viewtopic.php?t=620
http://support.microsoft.com/kb/328010/
I would go for GPO's...deffo worth it.
Other options would be to combine the automatic updates with your squid proxy server if you have one This way the updates are only downloaded one time and stored in the proxy cache, so that clients aren't using so much bandwidth to download the files. We do this in our tech room with an MS ISA server implementation so that when we update people's computers that they bring in, the updates download almost instantaneously. Automatic Updates enabled on WinXP or 2000 Pro SP4 clients would be just as fast and easy.
Another option would be to go with Windows Software Update Service on your server (wsus). Do some reading on this. Basically what this does is turn your server into a Windows Udpate server, and then through a group policy object or registry key (I forget which) you assign the clients to point to your server for Windows Updates, and it automates from there.
Another option would be to go with Windows Software Update Service on your server (wsus). Do some reading on this. Basically what this does is turn your server into a Windows Udpate server, and then through a group policy object or registry key (I forget which) you assign the clients to point to your server for Windows Updates, and it automates from there.
Vaprak, the Destroyer
-Formerly Tempus of HomelandMUD -- pre-merger
-Formerly Tempus of HomelandMUD -- pre-merger
Return to “General Discussion Archive”
Who is online
Users browsing this forum: No registered users and 28 guests