Educause Security Discussion mailing list archives

Re: Remote domain joined computer updates


From: "Seymour, Patrick" <000000ddbd4dcc33-dmarc-request () LISTSERV EDUCAUSE EDU>
Date: Thu, 27 Aug 2020 19:37:21 +0000

A quick and cheap option, one that requires them to visit campus one more time, is to create a configuration item in 
MECM/SCCM. You can test the connection to the WSUS server, and if that fails, remove the WSUS registry entries.  When 
the client comes back to campus, GPO will put the entries back. And then of course, they go home, the CI sees that the 
WSUS server is unreachable, and removes the entries again.

Here's a gist containing our detection and remediation scripts for this CI.

https://gist.github.com/pseymour/150efeaec12a032c158579057a44c994

--ps

Patrick S. Seymour | Manager, Application Delivery
Sinclair Community College | 444 West Third Street | Room 13-023Q (sometimes) | Dayton, OH 45402
937.512.2118 | patrick.seymour () sinclair edu<mailto:patrick.seymour () sinclair edu>


From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Blake Brown
Sent: Thursday, August 27, 2020 14:05
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Remote domain joined computer updates

Good afternoon,

We have run into an issue with staff who are using domain joined Windows computers at home due to COVID who cannot get 
Windows/AV updates due to GPO's, these users are not VPN users.

One option is to ask them to return periodically to the campus for updates but I think we all know how that will play 
out. We would like to minimize our VPN/DUO licensing cost if possible, so we are looking for alternatives to meet this 
need. How is your college handling this?

Thanks,
Blake Brown
Infrastructure Manager

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community<https://www.educause.edu/community>

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

Current thread: