Solved

SUS Script

Posted on 2004-10-19
8
312 Views
Last Modified: 2006-11-17
Is there a sc ript that I can run on my clients to pull the updates from my SUS SERVER?

I have them scheduled for 3:00 am. I am doing some testing and from the looks of it Windows update is done on the whole whole hour...
12:00
1:00
2:00
etc:

How can I just force this connection?


Also......... after the SUS has an update that has to restart will it restart and continue pulling the remaining updates?
0
Comment
Question by:zyanj
  • 4
  • 3
8 Comments
 
LVL 6

Expert Comment

by:mslunecka
ID: 12349869
You can't with SUS.  There is a built in "wiggle room" in the timeframe for when clients download and install patches from SUS.  You can set it in group policy along with your other SUS settings.  You must already have a policy that sets the time and enforcement level for SUS to be working at all.  SUS is already a scripted pull...what it sounds like you want is an automated push...which is tricky without a desktop management suite (SMS, landesk, altiris)...because you can't just say "execute this file" without first determining whether it has already been installed, what OS it relates to, whether the user even has the software package it is updating.  Those are the things that you get for free with SUS, but it happens on the client's schedule, not yours.

What you can do is to change your policy to enforce download and installation at a certain time.  What are your current GPO settings for SUS?
0
 
LVL 17

Accepted Solution

by:
Microtech earned 50 total points
ID: 12586815
you can ...
Force the application of the group policy. Computers reapply group policies every 90 minutes, with a random offset of up to 30 minutes. So, you might have to wait as long as 2 hours for computers in your domain to start checking the SUS server for approved updates. To force the immediate application of the group policy on a Win2K machine, log on to the computer, open a command shell window, and run the command

secedit /refreshpolicy machine_policy

That computer should now start downloading any updates you've approved. If you're on an XP machine, run Gpupdate instead with no parameters.

Because you configured the SUS server to synchronize only the catalog, your AU clients will download the updates from a Windows Update server. When you come in the next morning, log on to one of your computers and open the Control Panel Add/Remove Programs applet. You should see the updates you approved earlier.
0
 

Expert Comment

by:ras2247
ID: 14010680
Is it possible to force a group policy from the server to all workstations in the OU?? Rather than using GPUDATE at every PC Console...
0
 
LVL 17

Expert Comment

by:Microtech
ID: 14010781
open your own question and you may get an answer, this one is closed
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 6

Expert Comment

by:mslunecka
ID: 14010784
All group policies are "forced" on workstations.  I think what you're asking is if there is a way to force a gpupdate from the server to every workstation.  The answer to that is yes, but it's not a push-button kind of thing.  It requires extra software and/or scripting ability.  

The simplest thing to do is simply to tell everyone to reboot their computers.  Certain GPOs only apply at startup.  Others apply at logon and some others will apply while the computer is running.  In your default domain policy there is a setting for the group policy refresh rate.  I think the default is like 16 hours or something like that.  You can change that on the domain controllers and force it to refresh more frequently.  On my network it's 90 minutes.  Then just tell everyone to reboot before they go home and they'll be all set.
0
 
LVL 17

Expert Comment

by:Microtech
ID: 14010787
the answer is yes btw... but open and i will tell you how
0
 
LVL 6

Expert Comment

by:mslunecka
ID: 14010868
Oh, and also remember that the IIS user accounts need to be renamed.  THey are specific to the name of the server.

IUSR_SERVERNAME
and
IWAM_SERVERNAME

0
 
LVL 6

Expert Comment

by:mslunecka
ID: 14010901
whoops, wrong window
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Staging desktop / laptop tools 5 100
Administrator Tools 2 70
DNS Dynamic Update 7 62
Inventory equipment in the office 7 100
Many people tend to confuse the function of a virus with the one of adware, this misunderstanding of the basic of what each software is and how it operates causes users and organizations to take the wrong security measures that would protect them ag…
I don't know if many of you have made the great mistake of using the Cisco Thin Client model with the management software VXC. If you have then you are probably more then familiar with the incredibly clunky interface, the numerous work arounds, and …
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…
Hi friends,  in this video  I'll show you how new windows 10 user can learn the using of windows 10. Thank you.

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now