Presentation is loading. Please wait.

Presentation is loading. Please wait.

Patch management with ZenWorks James Dore, IT Officer, New College /

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Patch management with ZenWorks James Dore, IT Officer, New College /"— Presentation transcript:

1 Patch management with ZenWorks James Dore, IT Officer, New College james.dore@new.ox.ac.ukjames.dore@new.ox.ac.uk / http://www.new.ox.ac.uk/~james/zwpm

2 Should you need to ask, here’s why… Blaster, Sasser, Sadmind… Bug fixes in later software releases (Applications as well as OS) Consistent environment

3 Caveats… Windows 2000, XP and 2003 Microsoft does not support earlier versions except via windowsupdate.com (although NT uses the same registry keys – might work!)

4 Options The Quick option The Cheap but clever option (good for firewalled environments) The Belt and Braces option

5 The Quickie Use Zenworks to push registry keys configuring the Automatic Updates Client What is the Automatic Updates Client? Start -> Control Panel - > Automatic updates 7 registry keys Can be pushed out with a Simple Application object Can be automatically re- run to ensure consistency Change one object to change multiple PC’s

6 Registry Keys, #1 HKLM\Software\Policies\Microsoft\Windo ws\WindowsUpdate\AU\ NoAutoUpdate Range = 0|1. 0 = Automatic Updates is enabled (default), 1 = Automatic Updates is disabled.

7 Registry Keys, #2 HKLM\Software\Policies\Microsoft \Windows\WindowsUpdate\AU\ AUOptions Range = 2|3|4. 2 = notify of download and installation, 3 = auto download and notify of installation, and 4 = auto download and scheduled installation. All options notify the local administrator

8 Registry Keys, #3 HKLM\Software\Policies\Microsoft \Windows\WindowsUpdate\AU\ ScheduledInstallDay Range = 0|1|2|3|4|5|6|7. 0 = Every day; 1 through 7 = the days of the week from Sunday (1) to Saturday (7).

9 Registry Keys, #4 HKLM\Software\Policies\Microsoft\Wind ows\WindowsUpdate\AU ScheduledInstallTime Range = n; where n = the time of day in 24-hour format (0-23).

10 The Cheap and clever option Run your own Microsoft Software Update Server (SUS) Requires a Windows 2000/2003 server with IIS SUS is a free download! http://www.microsoft.com/windowsserv ersystem/sus/default.mspx http://www.microsoft.com/windowsserv ersystem/sus/default.mspx

11 Installing SUS 1 Download the installer. Run it. Accept the license, then decide where you want to store your local copy of the patches as so:

12 Installing SUS, 2 Decide which language versions you want.

13 Installing SUS, 3 Decide how you want to approve updates. All /new/ updates must be manually approved, but revised versions can be automatically accepted.

14 Installing SUS, 4 Ready to install!

15 Administering SUS Done via a web browser, either on the same machine, or remotely. First, sync your SUS Server Then set a schedule Time for a live demo…. http://patch.new.ox.ac.uk/SUSAdminhttp://patch.new.ox.ac.uk/SUSAdmin

16 Configure your workstations Three more registry keys, which further modify the Automatic Updates Client Tells the workstation to use a Specific WU or SUS server Specifies that server

17 Registry Keys, #5 HKLM\Software\Policies\Microsoft\Wind ows\WindowsUpdate\AU UseWUServer Set this to 1 to enable Automatic Updates to use the Software Update Services server as specified in the WUServer value.

18 Registry Keys, #6 HKLM\Software\Policies\Microsoft\Wind ows\WindowsUpdate\ WUServer Sets the Windows Update intranet server by HTTP name (for example, http://intranetSUS).

19 Registry Keys, #7 HKLM\Software\Policies\Microsoft\Wind ows\WindowsUpdate\ WUStatusServer Sets the Windows Update intranet statistics server by HTTP name (for example, http://intranetSUS).

20 All the Reg keys together:

21 Zenworks Caveats Zenworks for Desktops 4 makes things much easier Registry modifications need local Administrator rights ZfD 4 (and possibly 3.2) allow this, without giving your users local Administrator rights Otherwise, the installing user needs to be a workstation Administrator.

22 Belt and Braces New Novell product: ZenWorks Patch Management Not a new product – Novell have licensed PatchLink Update Services (PLUS) An internet-based repository of software patches, which you can mirror locally.

23 ZenWorks Patch Management Covers not only Windows operating systems, but applications as well And not only Microsoft applications Adobe, Macromedia, Corel…

24 How it works Installs a small client utility on workstations (deploy it with ZfD!) This analyses installed software versions Retrieves specific patches from your mirror Very similar to SUS, but far more broad in scope.

25 Licensing requirements Demo version has 10 client license for 90 days. Salford MLA: £20 for media, £2.71 per seat, per year

26 System requirements Windows 2000/2003 server IIS No other web services – so needs it’s own hardware Comprehensively broke SUS when installed on same machine! Requires lots of disk space – about 8Gb Peculiarly, exists outside of eDirectory (Wait for Zenworks 6.5?)

Download ppt "Patch management with ZenWorks James Dore, IT Officer, New College /"

Similar presentations

cViewSUITE View, Schedule & Distribute your Crystal Reports

cViewSUITE View, Schedule & Distribute your Crystal Reports
VMWare Workstation Installation. Starting Vmware Workstation Go to the start menu and start the VMware Workstation program. *Note: The following instructions.

VMWare Workstation Installation. Starting Vmware Workstation Go to the start menu and start the VMware Workstation program. *Note: The following instructions.
Backing Up Your Computer Hard Drive Lou Koch June 27, 2006.

Backing Up Your Computer Hard Drive Lou Koch June 27, 2006.
WSUS Presented by: Nada Abdullah Ahmed.

WSUS Presented by: Nada Abdullah Ahmed.
WSUS Windows Update Services

WSUS Windows Update Services
Module 5: Creating and Configuring Group Policy

Module 5: Creating and Configuring Group Policy
Network+ Guide to Networks, Fourth Edition Chapter 10 Netware-Based Networking.

Network+ Guide to Networks, Fourth Edition Chapter 10 Netware-Based Networking.
Hands-On Microsoft Windows Server 2003 Chapter 2 Installing Windows Server 2003, Standard Edition.

Hands-On Microsoft Windows Server 2003 Chapter 2 Installing Windows Server 2003, Standard Edition.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 8: Implementing and Managing Printers.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 8: Implementing and Managing Printers.
Week 12 - Lesson 19: Configuring and Managing Updates

Week 12 - Lesson 19: Configuring and Managing Updates
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 10: Server Administration.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 10: Server Administration.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 8: Implementing and Managing Printers.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 8: Implementing and Managing Printers.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 8: Implementing and Managing Printers.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 8: Implementing and Managing Printers.
Patching MIT SUS Services IS&T Network Infrastructure Services Team.

Patching MIT SUS Services IS&T Network Infrastructure Services Team.
Maintaining and Updating Windows Server 2008

Maintaining and Updating Windows Server 2008
MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 11 Managing and Monitoring a Windows Server 2008 Network.

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 11 Managing and Monitoring a Windows Server 2008 Network.
 Contents 1.Introduction about operating system. 2. What is 32 bit and 64 bit operating system. 3. File systems. 4. Minimum requirement for Windows 7.

 Contents 1.Introduction about operating system. 2. What is 32 bit and 64 bit operating system. 3. File systems. 4. Minimum requirement for Windows 7.
How To Keep Up With Security Patches Eric Schultze Security Strategies Microsoft.

How To Keep Up With Security Patches Eric Schultze Security Strategies Microsoft.
Module 6: Patches and Security Updates 1. Overview Installing Patches and Security Updates Recent patches and security updates for IIS Recent patches.

Module 6: Patches and Security Updates 1. Overview Installing Patches and Security Updates Recent patches and security updates for IIS Recent patches.
Source XP vs Windows 7 XPWin 7.

Source XP vs Windows 7 XPWin 7.

Similar presentations

Ads by Google