Educause Security Discussion mailing list archives
Re: Desktop patch management?
From: Eoghan Casey <eco () CORPUS-DELICTI COM>
Date: Fri, 12 Sep 2003 15:40:46 -0400
Brian,
Good point. Although you can reconfigure systems that are not in the domain to obtain updates from a local SUS server, you cannot automatically require them to do so. Somehow you need to reconfigure each system because you cannot apply a group policy to them.
I would like to learn more about the specifics of how you have been getting users to reconfigure their systems. Would you be willing to share the script that you use?
Also, have you had any difficulties meeting the different needs of different groups? For instance, system administrators who will blame you for deploying a patch that disables something on their server? Do you require users to click on an informed consent page before reconfiguring their systems?
Have you considered requiring all Windows systems on your network to be configured to obtain patches in this manner? If so, how?
Thank you for the clarification,
Eoghan Casey
203-645-2774
On Friday, September 12, 2003, at 02:37 PM, Brian K. Dore' wrote:
Eoghan said:
>Automatic delivery of patches using a local SUS server requires systems to be in a domain.
I have to point out that this is not correct. An SUS server provides the update catalog and patches via anonymous HTTP connections. The windows update client is configured to use an SUS server by setting registry entries. (can be a simple .reg file, a script, etc.) We have a large number of non-domain based clients updating from our servers.
Brian Doré
Office of Information Systems
UniversityofLouisianaatLafayette
Current thread:
- Desktop patch management? Craig W. Drake (Sep 12)
- <Possible follow-ups>
- Desktop patch management? Craig W. Drake (Sep 12)
- Re: Desktop patch management? Omar Herrera (Sep 12)
- Re: Desktop patch management? Eoghan Casey (Sep 12)
- Re: Desktop patch management? Ariel Silverstone (Sep 12)
- Re: Desktop patch management? LaSandra DeLeon (Sep 12)
- Re: Desktop patch management? Ariel Silverstone (Sep 12)
- Re: Desktop patch management? Brian K. Dore' (Sep 12)
- Re: Desktop patch management? Eoghan Casey (Sep 12)
- Re: Desktop patch management? Clyde Hoadley (Sep 12)
- Re: Desktop patch management? Brian K. Dore' (Sep 12)
- Re: Desktop patch management? Dan Roberts (Sep 12)
- Re: Desktop patch management? Melissa Guenther (Sep 13)
- Re: Desktop patch management? Craig W. Drake (Sep 16)
- Desktop patch management? Smith, Barry (Sep 30)
- Re: Desktop patch management? Craig W. Drake (Sep 30)
- Re: Desktop patch management? Christian Grewell (Sep 30)
- Re: Desktop patch management? Marty Hoag (Sep 30)