Presentation is loading. Please wait.

Presentation is loading. Please wait.

Patch management using Microsoft Software Update Service 1.0 SP1 Chris Hughes, Systems Architect Warrington College of Business

Published byJocelyn Moore Modified over 8 years ago

Similar presentations

Presentation on theme: "Patch management using Microsoft Software Update Service 1.0 SP1 Chris Hughes, Systems Architect Warrington College of Business"— Presentation transcript:

1 Patch management using Microsoft Software Update Service 1.0 SP1 Chris Hughes, Systems Architect Warrington College of Business Hughescj@ufl.edu

2 Overview What is Software Update Services –Local copy of Windows Update –Allows testing of patches prior to deployment –Integrated with Automatic Updates feature of Windows 2000/XP

3 Server Requirements Windows Server 2000 Server SP2 or Greater Windows Server 2003 Pentium III 733Mhz 512MB RAM 10GB+ HDD

4 Client Requirements Windows 2000 SP2 with Automatic Updates Patch Installed Windows 2000 SP3 or Greater Windows XP with Automatic Updates Patch Installed Windows XP SP1 Windows Server 2003

5 Server Operations

6 Synchronization with Windows Update –Scheduled Synchronization

7 Server Operations

8 Client Options NoAutoRebootWithLoggedOnUsers –Give option to reboot if a user is logged in. NoAutoUpdate –Enable or Disable Auto-Update Installation AUOptions –Notify User of patches available for download –Notify User of patches available for install –Automatic download and installation

9 Client Options ScheduledInstallDay –The days which the installation should occur ScheduledInstallTime –The hour which the scheduled installs should launch RescheduleWaitTime –Time delay after reboot when machine is off during scheduled install time

10 Client Options UseWUServer –Sets the machine to user Windows Update or a Local Software Update Server WUServer –Software Update Server URL WUStatusServer –Statistic Server for Software Update Services

11 Settings via the registry HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate\AU –NoAutoRebootWithLoggedOnUsers Set this to 1 if you want the logged on users to choose whether or not to reboot their system Registry value type: REG_DWORD –NoAutoUpdate 0 = Automatic Updates is enabled (default) 1 = Automatic Updates is disabled. Registry Value Type: REG_DWORD –AUOptions 2 = notify of download and installation 3 = automatically download and notify of installation 4 = automatic download and scheduled installation. All options notify the local administrator. Registry Value Type: REG_DWORD

12 Settings via the registry HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate\AU –ScheduledInstallDay 0 = Every day 1 through 7 = the days of the week from Sunday (1) to Saturday (7). Registry Value Type: REG_DWORD –ScheduledInstallTime The time of day in 24-hour format (0-23). Registry value type: REG_DWORD –RescheduleWaitTime Time in minutes (1-60) Registry value type: REG_DWORD

13 Settings via the registry HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate\AU –UseWUServer Set this to 1 to enable Automatic Updates to use the server running Software Update Services as specified in WUServer below. Registry Value Type: Reg_DWORD HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate –WUServer Sets the SUS server by HTTP name (for example, http://IntranetSUS). Registry Value Type: Reg_SZ –WUStatusServer Sets the SUS statistics server by HTTP name (for example, http://IntranetSUS). Registry Value Type: Reg_SZ

14 Settings via Group Policy

15 Limitations Problems with administrators being able to cancel installations and reboots Unable to push a patch out NOW! Patching are pulled from the server by the client every 17-22 hours. Machines with problems installing patches Windows Service Packs and Critical Patches only Limited reporting

16 SUS-Install.VBS This is a script written by the SUS product team at Microsoft. Resets a client’s settings and schedules an install time Verifies that the Automatic Update Client download patched and scheduled the install

17 Client Side Troubleshooting Not enough disk space –Patches fail to download and do not install Machine has been rebooted previously during Windows Update –Registry settings may be messed up Administrators cancel installations –Disable access to Windows update via GPO or Registry. This forces the patch installaton.

18 Server Side Reporting Limited reporting is available in the product. Logs are in the IIS log files for the SUS Server machine http://www.susserver.comhttp://www.susserver.com has some scripts to improved reporting http://www.susserver.com

19 New Features for SUS 2.0 ETA 1H 2004 – Public Beta “soon” Support for all Microsoft Products including Office, Exchange, and SQL. Better reporting of patch status (Success, Failure with reason codes, Integration with Active Directory) More options for dealing with patch installation with administrators logged in

20 New Features for SUS 2.0 Deployment of different patches to specific target machines. Filtering using WMI Managed machine database SUS-Install.VBS built into server product

21 More Information Websites –Software Update Services Home Page http://go.microsoft.com/fwlink/?LinkId=6930 http://go.microsoft.com/fwlink/?LinkId=6930 –http://www.SUSServer.Com http://www.SUSServer.Com –http://bear.cba.ufl.edu/SUS http://bear.cba.ufl.edu/SUS Newsgroups –microsoft.public.softwareupdatesvcs –Email Addresses –Feedback - cwufdbk@microsoft.com cwufdbk@microsoft.com –Product Manager - Jose Morris - a-jomorr@microsoft.com Jose Morrisa-jomorr@microsoft.comJose Morrisa-jomorr@microsoft.com

22 Any Questions?

Download ppt "Patch management using Microsoft Software Update Service 1.0 SP1 Chris Hughes, Systems Architect Warrington College of Business"

Similar presentations

OVERVIEW TEAM5 SOFTWARE The TEAM5 software manages personnel and test data for personal ESD grounding devices. Test and personnel data may be viewed/reported.

OVERVIEW TEAM5 SOFTWARE The TEAM5 software manages personnel and test data for personal ESD grounding devices. Test and personnel data may be viewed/reported.
WSUS Presented by: Nada Abdullah Ahmed.

WSUS Presented by: Nada Abdullah Ahmed.
Module 1: Installing Windows XP Professional

Module 1: Installing Windows XP Professional
Patch Management –Pedro Carrasquilla –Sean Garrett –Jeni Li Arizona State University East Information Technology October 2, 2003 By Presented to WNUG/CCC.

Patch Management –Pedro Carrasquilla –Sean Garrett –Jeni Li Arizona State University East Information Technology October 2, 2003 By Presented to WNUG/CCC.
WSUS Windows Update Services

WSUS Windows Update Services
Delivering Windows OS Updates at Yale with SUS EDUCAUSE Security Professionals Workshop May 17, 2004 Washington DC Ken Hoover, Systems Programmer

Delivering Windows OS Updates at Yale with SUS EDUCAUSE Security Professionals Workshop May 17, 2004 Washington DC Ken Hoover, Systems Programmer
Module 5: Creating and Configuring Group Policy

Module 5: Creating and Configuring Group Policy
Installation and Deployment in Microsoft Dynamics CRM 4.0

Installation and Deployment in Microsoft Dynamics CRM 4.0
Installing Exchange 2010 IT:Network:Applications.

Installing Exchange 2010 IT:Network:Applications.
Patch management with ZenWorks James Dore, IT Officer, New College /

Patch management with ZenWorks James Dore, IT Officer, New College /
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 12: Managing and Implementing Backups and Disaster Recovery.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 12: Managing and Implementing Backups and Disaster Recovery.
Week 12 - Lesson 19: Configuring and Managing Updates

Week 12 - Lesson 19: Configuring and Managing Updates
SWOCA TSS ACADEMY Implementing Patch Management and Systems Monitoring on Windows Server 2012.

SWOCA TSS ACADEMY Implementing Patch Management and Systems Monitoring on Windows Server 2012.
Lesson 18: Configuring Application Restriction Policies

Lesson 18: Configuring Application Restriction Policies
Patching MIT SUS Services IS&T Network Infrastructure Services Team.

Patching MIT SUS Services IS&T Network Infrastructure Services Team.
MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 11 Managing and Monitoring a Windows Server 2008 Network.

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 11 Managing and Monitoring a Windows Server 2008 Network.
How To Keep Up With Security Patches Eric Schultze Security Strategies Microsoft.

How To Keep Up With Security Patches Eric Schultze Security Strategies Microsoft.
Module 6: Patches and Security Updates 1. Overview Installing Patches and Security Updates Recent patches and security updates for IIS Recent patches.

Module 6: Patches and Security Updates 1. Overview Installing Patches and Security Updates Recent patches and security updates for IIS Recent patches.
Module 8 Implementing Backup and Recovery. Module Overview Planning Backup and Recovery Backing Up Exchange Server 2010 Restoring Exchange Server 2010.

Module 8 Implementing Backup and Recovery. Module Overview Planning Backup and Recovery Backing Up Exchange Server 2010 Restoring Exchange Server 2010.
11 MAINTAINING THE OPERATING SYSTEM Chapter 5. Chapter 5: MAINTAINING THE OPERATING SYSTEM2 CHAPTER OVERVIEW Understand the difference between service.

11 MAINTAINING THE OPERATING SYSTEM Chapter 5. Chapter 5: MAINTAINING THE OPERATING SYSTEM2 CHAPTER OVERVIEW Understand the difference between service.

Similar presentations

Ads by Google