Solved

Push windows update to XP desktops only

Posted on 2010-08-23
17
930 Views
Last Modified: 2012-05-10
Hi we have a single domain forest running Windows Server 2008 R2 as a domain controller.  Under this domain are desktops running XP, Vista and Windows 7 as well as servers running 2000, 2003, 2008 and 2008 R2.

I am currently creating some group policies, however they are not getting pushed out properly to the XP desktops because some of them don't haveGroup Policy Preference Client Side Extensions for Windows XP (KB943729) installed.


Is there a way that I can have this update go out to all XP computers only on this domain?
0
Comment
Question by:jamorlando
  • 8
  • 5
  • 2
  • +2
17 Comments
 
LVL 3

Accepted Solution

by:
tomex07 earned 150 total points
ID: 33502522
Do you have WSUS 3?
This update is available in Windows Update so you can approuve the installation for all the computers in your domain. If it is not a Windows XP (Vista, Seven), the update will not be installed.
Or if you have groups of computers only apply for the group you want.
0
 
LVL 57

Assisted Solution

by:Mike Kline
Mike Kline earned 150 total points
ID: 33502525
If you are running WSUS you should be able to deploy it that way.  If not you can test out the script here:
http://msmvps.com/blogs/cgross/archive/2008/12/16/installing-group-policy-preferences-client-side-extensions.aspx
***I have not tested that script, we have WSUS
Laura also has a great post about XMLLite.  http://www.shutuplaura.com/journal/2008/5/30/deploying-the-group-policy-preferences-cse-via-wsus.html
If you are running SP3 you are good to go for XMLLite
Thanks
Mike
0
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 33502553
You will need to deploy this from WSUS or get your users to manually go out to the Microsoft Update site and download this directly. All Windows Update files are in the form on EXE files. I would just create a simple document and get the user to install this update via windows update site if you do not have wsus in place. If you do have wsus accept the update (KB943729) and push out to you desktops.

0
Edgartown IT Case Study

Learn about Edgartown's quest to ensure the safety and security of the entire town's employee and citizen data. Read the case study!

 

Author Comment

by:jamorlando
ID: 33504500
Do I need to install WSUS 3.0 SP2 on my domain controller, or can I install it on any server on the domain, so long as I provide Administrator credentials?  I'd rather not install IIS on the domain controller/DNS server here.
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 33504536
You don't have to run it on a DC...your thinking is on the money, try to keep a DC a DC :)
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 33507210
It is also not recommended to install WSUS on a DC unless this is your only server
0
 

Author Comment

by:jamorlando
ID: 33535004
Thanks guys .. it took me a couple days to get the change to install WSUS.  It's installed now.

I would like to push out the Group Policy Preferences Client Side Extensions for Windows XP to all the XP machines here.

Would I create a Windows XP OU in AD and then use group policy to push it out to only those users, or can I just run it from WSUS and WSUS will know which machines to install it on?
0
 

Author Comment

by:jamorlando
ID: 33535378
Also I'm trying to follow the Windows Help tutorial to set up WSUS.
In the first step it says:
To load the WSUS Administrative Template
--In Group Policy Object Editor, right-click either of the Administrative Templates nodes. ---Click Add/Remove Templates.
--Click Add.
--In Policy Templates, click wuau, and then click Open.
--Click Close to dismiss the dialog box.

When I Add it starts me off in the C:\Windows\inf directory.  There is no file called wuau in there.  When I do a search of the machine, it looks like there are four locations.  How do I know which one to use?

C:\Windows\SYSVOL\domain\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\Adm\wuau.adm
C:\Windows\SYSVOL\domain\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\Adm\wuau.adm
C:\Windows\SYSVOL\sysvol\iks.bz\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\Adm\wuau.adm
C:\Windows\SYSVOL\sysvol\iks.bz\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\Adm\wuau.adm


Sorry for all the questions.
0
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 33535528
Those other locations are from policy's that may already be in place or orphand policies. If you go to this link and just download the 2003admsetup.msi file it contains the wuau.adm file which you will then store in the "inf" folder.
http://www.microsoft.com/downloads/details.aspx?FamilyID=92759d4b-7112-4b6c-ad4a-bbf3802a5c9b&displaylang=en
0
 

Author Comment

by:jamorlando
ID: 33535595
Thanks but my DC is running Windows 2008 R2, and this is only for 2003.  When I did some searches for 2008 Templates, I couldn't find anything.  Thoughts?
0
 
LVL 53

Assisted Solution

by:Will Szymkowski
Will Szymkowski earned 100 total points
ID: 33535793
0
 

Author Comment

by:jamorlando
ID: 33535805
Hmmm it only says Windows Server 2008, not Windows Server 2008 R2.  Is this a concern?
0
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 33535835
It shouldn't be at all. Same platform just a different release.
0
 

Author Comment

by:jamorlando
ID: 33536101
Thanks.  I installed 2008ADMX.msi and preferences.msi from that page, and there isn't a wuau file.
0
 

Author Comment

by:jamorlando
ID: 33536166
OHHH ... I found wuau.adm.  It is in the Windows\inf folder on the server that I installed WSUS on.  Can I copy this to my domain controller and then proceed with the steps?
0
 
LVL 53

Assisted Solution

by:Will Szymkowski
Will Szymkowski earned 100 total points
ID: 33542150
Yes exactly, once you have done this you should be on your way.
0
 

Author Comment

by:jamorlando
ID: 33566806
Awesome.  I was able to push Group Policy Extensions to my coworker's machine successfully.  I will be testing it on a few more machines and then deploying it througout the organization.
0

Featured Post

NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
GPO on certain users 17 33
Event ID 29 KDC Win 2008 R2 DC 6 16
DCOM was unable to communicate with the computer 8 30
MFA in Azure for a hybrid org 2 34
This article shows how to deploy dynamic backgrounds to computers depending on the aspect ratio of display
This article explains how to install and use the NTBackup utility that comes with Windows Server.
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question