| hanso1976 |
| (Fresh Scripter) |
| 2013-05-18 12:08 PM |
Windows7 Hotfix Deployment
|
Hi all, Just to note I am fairly new with Kix.
We have rolled out Windows7 32 and 64bit desktops and laptops (using WDS) and are looking at the best ways of keeping the clients updated with MS patches. We have been using kix along with su on our XP desktops for patching (su used for installing as administrator).
I am wondering what would be the best method of checking if a particular patch exists and if not then to run the MS patch file from a shared server location. I think with Win7 it will need running as administrator though.
Any advice or examples of scripts would be very helpful
Thanks, Hans
| Mart |
| (KiX Supporter) |
| 2013-05-18 12:46 PM |
|
Re: Windows7 Hotfix Deployment
|
Installing updates (or any kind of software) during the logon process is not really the best option. It will "pause" the logon process until the installation is done. We have been using WSUS to keep all clients up to date for years and it is working just fine. A GPO is applied to all affected OU's so the clients get the required settings.
WSUS only works for MS patches and some drivers but it does a great job. I would not recommend driver updates using WSUS instead just update your WDS image regularly.
| Arend_ |
| (MM club member) |
| 2013-05-18 01:11 PM |
|
|
Re: Windows7 Hotfix Deployment
|
As Mart pointed out, from an administrative standpoint, WSUS is your best option.
However if you want to check things manually, or scriptable check out MSBA
Oh and if you run a single WSUS server (meaning no upstream or downstream WSUS server, you can also check out Local Update Publisher
Here you can add 3rd party stuff, like Adobe Flash, Java Sun etc. also driver packages if they are packaged. But keep in mind, this requires some expertise and messes up your environment if you are running upstream and downstream WSUS servers.
| hanso1976 |
| (Fresh Scripter) |
| 2013-05-18 01:57 PM |
|
Re: Windows7 Hotfix Deployment
|
Thanks Mart and Arend for the direction, I will have a look at wsus
Glenn Barnas
|
| (KiX Supporter) |
| 2013-05-20 01:29 AM |
|
|
Re: Windows7 Hotfix Deployment
|
WSUS is great - just be sure to allocate sufficient space for the download folder. 150-200G is plenty, and less is OK if you run the cleanups each month or so.
I have some tools on my web site that let you script the install time - particularly nice for servers as you can install updates precisely between 23:00 and 00:59 on the third Friday of every month, for example, instead of "around 11pm (+/- 20 minutes) every Friday. My tools also apply the updates repeatedly within the change window so all pre-requisite patches are installed and the server rebooted, rather than waiting for another patching session.
Glenn