Deploy Service Pack 3 for XP via Login script in a Windows 2003 server environment
I want to Deploy Service Pack 3 for XP to our XP Service pack 2 clients via a Login script.
I have multiple sites to update to service pack 3, so I have decided to send a CD out to the sites and included on the CD will be the WindowsXP-KB936929-SP3-x86
The CD will be put in the site server's CDROM. From there I wish to run a script that installs both XP SP3 and the new dot net.
Can someone please provide me with a script or batch file to complete this task when a user logs into their machine. For example - User logs in and the script checks if they are updated to XP SP3 with latest dotnet, if not, the script runs and install begins, if so the script closes.
I have multiple sites to update to service pack 3, so I have decided to send a CD out to the sites and included on the CD will be the WindowsXP-KB936929-SP3-x86
The CD will be put in the site server's CDROM. From there I wish to run a script that installs both XP SP3 and the new dot net.
Can someone please provide me with a script or batch file to complete this task when a user logs into their machine. For example - User logs in and the script checks if they are updated to XP SP3 with latest dotnet, if not, the script runs and install begins, if so the script closes.
hmmm not very elegant solution (quite ugly IMHO all users are admins???)
try WindowsXP-KB936929-SP3-x86
better use WSUS...you need it for patch management
or a at least a GPO software installation (with DFS you can get a source to be local)
m a r c
try WindowsXP-KB936929-SP3-x86
better use WSUS...you need it for patch management
or a at least a GPO software installation (with DFS you can get a source to be local)
m a r c
ASKER
okay then how do I use group policy with DFS to install the XP SP3
WSUS is not yet in use.
The trouble is the large cross site topology. I don't want to install from our central server as each site will have to download it from that central server causing havoc on our bandwidth. I have a W2k3 DC at each site so can someone give me info on how to deploy the SP3 via GPO without pointing to one DC to flood our bandwidth.
WSUS is not yet in use.
The trouble is the large cross site topology. I don't want to install from our central server as each site will have to download it from that central server causing havoc on our bandwidth. I have a W2k3 DC at each site so can someone give me info on how to deploy the SP3 via GPO without pointing to one DC to flood our bandwidth.
ASKER
I followed the directions of this article
http://technet.microsoft.c
That will work fine, BUT, I can't have each client at our multiple sites coming back to the central server where the share is located to get the XPSP3 update, otherwise they might as well just download it off the internet themselves.
I would love for the XPSP3 update to be somehow assigned to each sites Domain controller and then when the users login, they get a Group Policy that direct's them to a share on their local Domain controller to install XPSP3.
I do not want to have to login to each of our 38 Domain controllers at our 38 sites and setup a share, and copy the XPSP3 update into it unless absoulutely necessary.
http://technet.microsoft.c
That will work fine, BUT, I can't have each client at our multiple sites coming back to the central server where the share is located to get the XPSP3 update, otherwise they might as well just download it off the internet themselves.
I would love for the XPSP3 update to be somehow assigned to each sites Domain controller and then when the users login, they get a Group Policy that direct's them to a share on their local Domain controller to install XPSP3.
I do not want to have to login to each of our 38 Domain controllers at our 38 sites and setup a share, and copy the XPSP3 update into it unless absoulutely necessary.
Well, you have two options (that I know of).
Put the file on a DFS share that has replication partners at all the sites that need the update. Point the GPO towards the \\DFSShare\Path\Update.exe
OR
Create a OU in AD for each site, associate the machine accounts from the various sites with their respective OUs, and apply different GPOs to each specifying a local path.
Put the file on a DFS share that has replication partners at all the sites that need the update. Point the GPO towards the \\DFSShare\Path\Update.exe
OR
Create a OU in AD for each site, associate the machine accounts from the various sites with their respective OUs, and apply different GPOs to each specifying a local path.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
oups just noticed
38 DCs ???????? how many users ?
thousands ?
forget all that; get professional help and install a deployment tool such as SMS or other
hundreds?
then you've got a design problem I would speculate half of WAN traffic is used for replication.
m a r c
38 DCs ???????? how many users ?
thousands ?
forget all that; get professional help and install a deployment tool such as SMS or other
hundreds?
then you've got a design problem I would speculate half of WAN traffic is used for replication.
m a r c
Yeah, I didn't realize you had 38 sites with 38 DCs. You should REALLY have a WSUS or SMS infrastructure to manage your updates.
ASKER
Okay so I setup a software install policy to distribute Adobe Reader (as a test) and it worked fine. The folder I put the installer in was \\ourdomain.com\SYSVOL\our
This worked fine from my PC in the same site as the main domain controller. This adobe folder has replicated out to our 38 sites overnight, so they now all have a copy of it in their local DC SYSVOL folders.
If I was to apply the GPO to one of the sites, would it now install Adobe Reader from it's local DC SYSVOL folder, or would it come back to the main domain controller? How would I confirm where it is installing it from?
Is there a problem in using the SYSVOL folder to deploy software, or should I be using a DFS share. If I should be using a DFS share, does that replicate to all sites like SYSVOL and if so where is it located?
This worked fine from my PC in the same site as the main domain controller. This adobe folder has replicated out to our 38 sites overnight, so they now all have a copy of it in their local DC SYSVOL folders.
If I was to apply the GPO to one of the sites, would it now install Adobe Reader from it's local DC SYSVOL folder, or would it come back to the main domain controller? How would I confirm where it is installing it from?
Is there a problem in using the SYSVOL folder to deploy software, or should I be using a DFS share. If I should be using a DFS share, does that replicate to all sites like SYSVOL and if so where is it located?
ASKER
Easy for you to say, you didn't inherit a network with many problems in terms of it's design. I know many of the risks faced with what I am trying to accomplish using SYSVOL, but we are desperate to get this update out to our sites and I have a deadline of 1 week so I would appreciate advice rather than petty criticism when you know nothing of our time contraints or the state of the network.
As long as your AD sites are set up correctly the clients should read the SYSVOL folder from the local DC against which they authenticate.
I think your a little over the line lecaf.
I think he is well aware that his network isn't in the best shape, but he is asking a question so he can do a job in the time allotted with the tools he currently has. There is no need to come down hard on him.
I think he is well aware that his network isn't in the best shape, but he is asking a question so he can do a job in the time allotted with the tools he currently has. There is no need to come down hard on him.
ASKER
I have implemented DFS and setup replication to occur during the night. Because of this I am now able to apply a GPO to distribute the patch without dramaticly affecting the network.
http://www.itcore.us/windows/38-windows-xp-professional/93-deploy-windows-xp-service-pack-3-using-group-policy
Also, I take it you don't have WSUS in your infrastructure?