Re: Experiences with automaticWindows Updates

[Michael_Maloney <Michael_Maloney () MIDDLESEXCC EDU>]

Jeff,

What I have done is use a SUS server, and then in the person's login script,
the start/stop commands for Automatic updates (NET STOP WUAUSERV, NET START
WUAUSERV).  This forces the system to look at the server, and update the PC.

This seems to catch new updates at each login, vice the "I hope it works"
way it seems to work with Automatic Updates just sitting there waiting to do
a update

Mike

********************************************
Mike Maloney
Sr. System Engineer
Middlesex County College
2600 Woodbridge Avenue
Edison, NJ 08818
Phone: 732-906-7754
Cell: 908-217-2086
Fax: 732-906-4266
Email: Michael_Maloney () middlesexcc edu
********************************************


-----Original Message-----
From: Jeff Giacobbe [mailto:giacobbej () MAIL MONTCLAIR EDU]
Sent: Friday, June 11, 2004 9:53 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Experiences with automaticWindows Updates

Greetings,

Our campus is in the final stages of developing a standard Windows XP
image to be deployed on all University owned PC desktops and laptops.
Our standard image is based on XP Pro, Service Pack 1 with all of the
latest patches.

So far the only real functional problem we have run into is inconsistent
results when trying to automate Windows Update to run once a day.
Sometimes it will work fine, but often it will fail to download the
updates, or download them but not install them.

Initially we attempted to run Windows Update as a scheduled task, but
found it would only work if an Admin was logged in (the vast majority of
our users will be logging into their machines as PowerUser with added
group rights of Backup Operator and Network Config Operator.) Currently,
we have configured the Windows Updates as a System Properties task that
is running the "AUTOMATIC WINDOWS UPDATE CLIENT" (ie, wuauclt.exe) which
runs once per day at noon and (usually, but not always) downloads and
installs updates regardless of who is logged on.

Has anyone else had problems getting automated Windows Updates to work
reliably?  Any tips for configuring this beast to work as advertised?
;-)  We done a little bit of trolling on Google and found a number of
people reported bad experiences with the whole process, but others that
have it working fine.

Thanks in advance,

Jeff Giacobbe
Director of Systems, Security, and Networking
Montclair State University

**********
Participation and subscription information for this EDUCAUSE Discussion
Group discussion list can be found at http://www.educause.edu/cg/.

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.