Re: MS04-015 patch
From: Roger Abell (mvpNOSpam_at_asu.edu)
Date: 05/14/04
- Next message: terrimundt_at_cs.com: "gunshot sounds in Internet Explorer"
- Previous message: Drew Cooper [MSFT]: "Re: EFS Add Users Command Line Tool?"
- In reply to: Craig Sniff: "Re: MS04-015 patch"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 13 May 2004 18:45:34 -0700
As far as I know any old admin account can install
that patch. It is good you are on the ball (you would
be surprised what has been seen in logon scripts).
Tell them that Sus is a one-day task to implement, and
you can config all W2k Sp3 or 4 and XP Sp1 boxes as
clients with gpo.
-- Roger Abell Microsoft MVP (Windows Server System: Security) MCSE (W2k3,W2k,Nt4) MCDBA "Craig Sniff" <craig_sniff@shamrockfoods.com> wrote in message news:c91101c438f7$204fe140$a101280a@phx.gbl... > As past patches have been successfully installed via the > same distribution method, I'm assuming that there's some > domain policy which is preventing "admin" users from > installing this particular patch, but we haven't been > able to determine what it is. > > As far as whether or not testing occurs for the patch, it > does. If the script sees that the patch has already been > installed, it doesn't try to install it again. > > As far as SUS is concerned, we keep pushing for it to be > implemented just to avoid headaches such as this, but it > hasn't been made "priority" yet. > > Thanks. > >-----Original Message----- > >Install needs admin. Now, why it does not work if > >as you state they are admins is something to figure. > >In general, applying sec patches with a login script > >is not a good solution. For one thing, are you testing > >to see if it is needed, or just reapplying it after lunch > >when then come back and log in again ?? > > > >If you have a server with IIS, install Sus and point > >your clients autoupdate service at your Sus. You can > >configure the machines to install the needed service > >even when the users are users (not admins) as they > >really should be. > > > >-- > >Roger Abell > >Microsoft MVP (Windows Server System: Security) > >MCSE (W2k3,W2k,Nt4) MCDBA > >"Craig Sniff" <craig_sniff@shamrockfoods.com> wrote in > message > >news:c24801c43845$672abed0$a001280a@phx.gbl... > >> What rights are required by an end user to be able to > >> install the patch for MS04-015? As an admin, I have no > >> problems installing the patch, but when the patch is > >> pushed out via a login script, XP users are > getting "You > >> do not have permission to update Windows XP" messages. > >> These users are set up as admins on their local > >> stations. What is missing? > > > > > >. > >
- Next message: terrimundt_at_cs.com: "gunshot sounds in Internet Explorer"
- Previous message: Drew Cooper [MSFT]: "Re: EFS Add Users Command Line Tool?"
- In reply to: Craig Sniff: "Re: MS04-015 patch"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
Loading
