RE: Windows SUS Question

["Glenn Pearl" <glennp () datasync com>]

In my testing, I was able to use the policy file to apply the SUS
configuration using Local Security Policy on an client system that had a
different workgroup name than the SUS server system (ie: no Domain
involved at all).  Automatic updates worked without problem or error
using this method.

I would guess that the SUS client configuration could also be applied
with a registry import.

Regards,
Glenn Pearl

> -----Original Message-----
> From: Andrew Shore [mailto:andrew.shore () holistecs com]
> Sent: Thursday, April 15, 2004 2:58 AM
> To: Leon; security-basics () securityfocus com
> Subject: RE: Windows SUS Question
>
> SUS uses win2k policy installation. Therefore, the patches are applied
> by the local service account.
>
> You set up an MS policy (policy file is supplied with SUS) which tells
> the machines where to get the update list from and when to apply.
>
> This does imply, of course that all machines are in a Domain and not a
> workgroup.
>
> Andy
>
> -----Original Message-----
> From: Leon [mailto:roastin () yahoo com]
> Sent: 14 April 2004 19:50
> To: security-basics () securityfocus com
> Subject: Windows SUS Question
>
> Hi everyone,
>
> My question regarding SUS is dealing with security
> permissions.  Lets say 20 servers are part of a work
> group; is their still a way to use SUS under the
> context of the local system account or something
> similar to be able to centrally deploy patches in a
> de-centralizied network environment.  I have a
> workgroup that needs to have patches deployed and I
> would prefer to use something like SUS which is
> central as opposed to something like Hfnetcheck pro.
>
> Thanks in advance,
>
> Leon
>
>
>
>
> __________________________________
> Do you Yahoo!?
> Yahoo! Tax Center - File online by April 15th
> http://taxes.yahoo.com/filing.html
------------------------------------------------------------------------
> ---
> Ethical Hacking at the InfoSec Institute. Mention this ad and get $545
> off
> any course! All of our class sizes are guaranteed to be 10 students or
> less
> to facilitate one-on-one interaction with one of our expert
instructors.
> Attend a course taught by an expert instructor with years of
> in-the-field
> pen testing experience in our state of the art hacking lab. Master the
> skills
> of an Ethical Hacker to better assess the security of your
organization.
> Visit us at:
> http://www.infosecinstitute.com/courses/ethical_hacking_training.html
------------------------------------------------------------------------
> ----
------------------------------------------------------------------------
---
> Ethical Hacking at the InfoSec Institute. Mention this ad and get $545
off
> any course! All of our class sizes are guaranteed to be 10 students or
less
> to facilitate one-on-one interaction with one of our expert
instructors.
> Attend a course taught by an expert instructor with years of
in-the-field
> pen testing experience in our state of the art hacking lab. Master the
skills
> of an Ethical Hacker to better assess the security of your
organization.
> Visit us at:
> http://www.infosecinstitute.com/courses/ethical_hacking_training.html
------------------------------------------------------------------------
----



---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------