Re: Non-Admin Installing Security Updates
From: Torgeir Bakken (MVP) (Torgeir.Bakken-spam_at_hydro.com)
Date: 02/18/04
- Next message: Torgeir Bakken (MVP): "Re: Force Logoff When Logon Hours Expires in XP Pro"
- Previous message: Anne: "Sprynet has taken over my home page setting"
- In reply to: anonymous_at_discussions.microsoft.com: "Non-Admin Installing Security Updates"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 18 Feb 2004 22:28:58 +0100
anonymous@discussions.microsoft.com wrote:
> Is there a way to allow users in a network environment to
> update their own Security patches without giving them
> admin rights or paying microsoft a fortune for the
> software to do it?
Hi
E.g. SUS supports this...
You could consider implementing SUS (free) or something similar (links to some
3rd party products further down) for security patches.
Microsoft Software Update Services (SUS)
http://www.microsoft.com/windowsserversystem/sus/default.mspx
Patch Management Using Microsoft Software Update Services - Operations Guide
http://www.microsoft.com/technet/itsolutions/msm/swdist/pmsusog.asp
Note that the current version will only install critical updates and security
rollup packages (SRPs), as well as SP4 for Win2k and SP1 for WinXP.
A new version is in the works:
http://groups.google.com/groups?selm=ungsInEZDHA.2336%40TK2MSFTNGP09.phx.gbl
SUS needs to be installed on a IIS server. Supports Win2k, WinXP and Win2k3
clients only. SP1 for WinXP and SP3/4 for Win2k installs the WU/SUS client as
default.
There is a separate newsgroup for SUS:
microsoft.public.softwareupdatesvcs
news://msnews.microsoft.com/microsoft.public.softwareupdatesvcs
URL to the group softwareupdatesvcs for those who uses the Web
interface to access the newsgroups:
http://www.microsoft.com/windowsserver2003/community/newsgroups/dgbrowser/en-us/default.mspx?dg=microsoft.public.softwareupdatesvcs
A Web site about SUS with a FAQ and a SUS forum:
SUSserver.com
http://www.susserver.com/
More Web sites about SUS
http://www.cites.uiuc.edu/sus/faq.html
http://www.faqshop.com/sus/default.htm
http://computing.fusion13.com/SUS/Microsoft-Software-Update-Services-SUS.shtml
When evaluating hotfix administration methods/programs,
there are also 3rd party solutions available that will
give a lot more than what SUS offer, but of course, they
are not free. It is as always a cost/benefit analyze that
needs to be done.
Below is links to a 3rd party product example that does
not need a server to run and no IIS is needed (it supports
NT4 clients as well). You can deploy mostly all types of
hotfixes and service packs from an ordinary workstation
if you want.
UpdateEXPERT from Sunbelt
http://www.sunbelt-software.com/product.cfm?id=357
UpdateEXPERT reseller with a price list
http://www.softwareshelf.com/products/display.asp?p=71
Shavlik's HFNetChkPro/HFNetChkLT
If 10 computers or less htfnetchkLT is free (http://www.shavlik.com), it can
scan and push patches. It also finds patches needed for Office as well, and it
gives a really nice graphical analysis of the patch from truesecure.
Here is a third party product that supports Win9x and WinME as well:
PatchLink's Update
http://www.patchlink.com
-- torgeir Microsoft MVP Scripting and WMI, Porsgrunn Norway Administration scripting examples and an ONLINE version of the 1328 page Scripting Guide: http://www.microsoft.com/technet/scriptcenter
- Next message: Torgeir Bakken (MVP): "Re: Force Logoff When Logon Hours Expires in XP Pro"
- Previous message: Anne: "Sprynet has taken over my home page setting"
- In reply to: anonymous_at_discussions.microsoft.com: "Non-Admin Installing Security Updates"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
