Re: Desktop patch management?

[Christian Grewell <christian () NYU EDU>]

Barry,

The short answer is no, you don't need to have users log into a domain. You can deploy SuS on windowsXP and 2000 (not 
sure about NT 4.0) without an AD domain.

You'll likely be manually importing registry keys to usurp the windows update client (as opposed to using group policy)

You will need either 2000 server or 2003 server to run the SuS server.

The problem is your older clients are not going to be updated  in this environment - without a domain any advanced 
functionality found in packages like SUS and SMS is lost.

Someone on the list had suggested a solution called Ecora (www.ecora.com) , altris is another one that may do what your 
looking for (www.altris.com)

Hope that helps.
-----Original Message-----
From: "Smith, Barry" <bcsmith () BBC EDU>
Date: Tue, 30 Sep 2003 09:59:40
To:SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Desktop patch management?

Several have mentioned the use of Microsoft's SUS to deliver updates to the desktop.  We currently have a mixed 
environment of NT 4.0 and Win 2000 servers but we have NOT gone to Active Directory.  I know that SUS needs to be on at 
least a 2000 server.  Is it necessary to have Active Directory going to use it?  Our clients include a very mixed bag 
of everything from Win 95 to Win XPs.

Thanks.

Barry Smith


---------
Christian Grewell

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.