Mass roll out of Patches
Results 1 to 10 of 10

Thread: Mass roll out of Patches

  1. #1
    Junior Member
    Join Date
    Sep 2001
    Posts
    27

    Mass roll out of Patches

    Hello All

    I am pretty new to the whole network admin stuff, and was wondering how you guys patched multiple systems.

    Have you written programs, batch file, or are there openly availiable peices of software that i can download.

    Remember any info is good info

    Thanks
    Dahquim
    What colour do smurfs go when they hold there breath???

  2. #2
    Member
    Join Date
    Jun 2002
    Posts
    53
    Try this


    LANDESK


    Good luck!
    [glowpurple]\"I like to think of myself as a sensitive inteliigent person with the soul of a clown that forces me to blow it at the most important times.\" Jim Morrison[/glowpurple]

  3. #3
    AO French Antique News Whore
    Join Date
    Aug 2001
    Posts
    2,126
    Their a few way..

    1)I know Windows 2003 have a features to push update to home user. (Didn't use it yet but I'm ager to test it when my boss will upgrade to Windows 2003

    2)You can use bat file at login.

    3)Third Party Program

    4)The Old stupid way to log at each computer manually.

    I'm sure their is other way but that all I got in mind for now.
    -Simon \"SDK\"

  4. #4
    Senior Member Maestr0's Avatar
    Join Date
    May 2003
    Posts
    604
    View the thread here .


    -Maestr0
    \"If computers are to become smart enough to design their own successors, initiating a process that will lead to God-like omniscience after a number of ever swifter passages from one generation of computers to the next, someone is going to have to write the software that gets the process going, and humans have given absolutely no evidence of being able to write such software.\" -Jaron Lanier

  5. #5
    Junior Member
    Join Date
    Sep 2001
    Posts
    27
    Thank you all.

    Here is what i tried to do with the MSBlaster fix.

    I added these lines into the login script

    :: MSBlaster Fix
    if exists c:\winxp.exe goto exit
    copy \\server\fixes\winxp.exe c:\winxp.exe
    c:\winxp.exe

    This maybe a little different but the syntax was right.
    Anyway it copied the file across but when it ran the file, it says that the user does not have rights to update the system. i did not want to enable rights, so i went around logged on as admin and then installed the patch manually, (which was a pain).

    This is what got me on to the idea of a mass roll out.

    Anyway If anyone has any hints on the login script thing let me know

    Thanks Dahquim
    What colour do smurfs go when they hold there breath???

  6. #6
    Senior Member RoadClosed's Avatar
    Join Date
    Jun 2003
    Posts
    3,834
    Every thing you ever wanted to know about M$ patch management from the horses mouth. Including the kitchen sink....

    http://www.microsoft.com/technet/tre...ch/default.asp


    Microsoft Systems Management server is also a decent tool, in my opinion it should be FREE! Considering the fact that recent versions of MS porducts are not extremely safe. Without firewalls we would all be screwed. There is a trial version if anyone wants to try it. It implements security scanning with patch management. The problem, it's expensive and that's BS.

    http://www.microsoft.com/smserver/default.asp
    West of House
    You are standing in an open field west of a white house, with a boarded front door.
    There is a small mailbox here.

  7. #7
    The Iceman Cometh
    Join Date
    Aug 2001
    Posts
    1,210
    Try Microsoft Software Update Server: http://www.microsoft.com/windows2000...us/default.asp

    It's free. It currently only support Windows updates, but nominations are going out for SUS 2.0 Beta which will patch Exchange, SQL, Office, etc. all from one centralized location. Best way to go if you're on a tight budget. If you're looking to spend money, I'd either recommend Microsoft SMS or St. Bernard UpdateEXPERT (www.updateexpert.com)

    AJ

  8. #8
    Senior Member
    Join Date
    Feb 2002
    Posts
    130
    If you want to roll out patches without using any client program you can use the push technology of HFNetChkLT http://www.shavlik.com/pHFNetChkLT.aspx . Just found it on a Google search . This will let you manage up to 50 machines totally free of charge. I think this will also work on older machines if you have any, unlike SUS which I believe only works with 2000/XP. Suppose it depends how many machines you have got.

    The reason you cannot deploy patches using logon script is that the commands run with the privileges I believe, which can be handy if you want to use the to assign user permissions to their home dir using cacls rather than doing them all seperately. Somebody please correct me if I am mistaken.

  9. #9
    Junior Member
    Join Date
    Aug 2003
    Posts
    3
    If you are running a Windows 2000 or Windows 2003 server you can use the group policy features to install any application or patch when a user log's onto the network. It works like a login script. If you are pushing out software you do have to create an .MSI file for it to work. Search the MS Knowledge base for related info.

  10. #10
    Senior Member RoadClosed's Avatar
    Join Date
    Jun 2003
    Posts
    3,834
    Win2k3sux is correct; providing you have active directory and all 2k and XP machines for clients. It's called an Application Policy. MSI files provide the answers to installation dialog boxes. There are several white papers on it but I have never tried to push and upgrade.
    West of House
    You are standing in an open field west of a white house, with a boarded front door.
    There is a small mailbox here.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides