Solved

Push windows update to XP desktops only

Posted on 2010-08-23
17
921 Views
Last Modified: 2012-05-10
Hi we have a single domain forest running Windows Server 2008 R2 as a domain controller.  Under this domain are desktops running XP, Vista and Windows 7 as well as servers running 2000, 2003, 2008 and 2008 R2.

I am currently creating some group policies, however they are not getting pushed out properly to the XP desktops because some of them don't haveGroup Policy Preference Client Side Extensions for Windows XP (KB943729) installed.


Is there a way that I can have this update go out to all XP computers only on this domain?
0
Comment
Question by:jamorlando
  • 8
  • 5
  • 2
  • +2
17 Comments
 
LVL 3

Accepted Solution

by:
tomex07 earned 150 total points
ID: 33502522
Do you have WSUS 3?
This update is available in Windows Update so you can approuve the installation for all the computers in your domain. If it is not a Windows XP (Vista, Seven), the update will not be installed.
Or if you have groups of computers only apply for the group you want.
0
 
LVL 57

Assisted Solution

by:Mike Kline
Mike Kline earned 150 total points
ID: 33502525
If you are running WSUS you should be able to deploy it that way.  If not you can test out the script here:
http://msmvps.com/blogs/cgross/archive/2008/12/16/installing-group-policy-preferences-client-side-extensions.aspx
***I have not tested that script, we have WSUS
Laura also has a great post about XMLLite.  http://www.shutuplaura.com/journal/2008/5/30/deploying-the-group-policy-preferences-cse-via-wsus.html
If you are running SP3 you are good to go for XMLLite
Thanks
Mike
0
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 33502553
You will need to deploy this from WSUS or get your users to manually go out to the Microsoft Update site and download this directly. All Windows Update files are in the form on EXE files. I would just create a simple document and get the user to install this update via windows update site if you do not have wsus in place. If you do have wsus accept the update (KB943729) and push out to you desktops.

0
Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

 

Author Comment

by:jamorlando
ID: 33504500
Do I need to install WSUS 3.0 SP2 on my domain controller, or can I install it on any server on the domain, so long as I provide Administrator credentials?  I'd rather not install IIS on the domain controller/DNS server here.
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 33504536
You don't have to run it on a DC...your thinking is on the money, try to keep a DC a DC :)
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 33507210
It is also not recommended to install WSUS on a DC unless this is your only server
0
 

Author Comment

by:jamorlando
ID: 33535004
Thanks guys .. it took me a couple days to get the change to install WSUS.  It's installed now.

I would like to push out the Group Policy Preferences Client Side Extensions for Windows XP to all the XP machines here.

Would I create a Windows XP OU in AD and then use group policy to push it out to only those users, or can I just run it from WSUS and WSUS will know which machines to install it on?
0
 

Author Comment

by:jamorlando
ID: 33535378
Also I'm trying to follow the Windows Help tutorial to set up WSUS.
In the first step it says:
To load the WSUS Administrative Template
--In Group Policy Object Editor, right-click either of the Administrative Templates nodes. ---Click Add/Remove Templates.
--Click Add.
--In Policy Templates, click wuau, and then click Open.
--Click Close to dismiss the dialog box.

When I Add it starts me off in the C:\Windows\inf directory.  There is no file called wuau in there.  When I do a search of the machine, it looks like there are four locations.  How do I know which one to use?

C:\Windows\SYSVOL\domain\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\Adm\wuau.adm
C:\Windows\SYSVOL\domain\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\Adm\wuau.adm
C:\Windows\SYSVOL\sysvol\iks.bz\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\Adm\wuau.adm
C:\Windows\SYSVOL\sysvol\iks.bz\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\Adm\wuau.adm


Sorry for all the questions.
0
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 33535528
Those other locations are from policy's that may already be in place or orphand policies. If you go to this link and just download the 2003admsetup.msi file it contains the wuau.adm file which you will then store in the "inf" folder.
http://www.microsoft.com/downloads/details.aspx?FamilyID=92759d4b-7112-4b6c-ad4a-bbf3802a5c9b&displaylang=en
0
 

Author Comment

by:jamorlando
ID: 33535595
Thanks but my DC is running Windows 2008 R2, and this is only for 2003.  When I did some searches for 2008 Templates, I couldn't find anything.  Thoughts?
0
 
LVL 53

Assisted Solution

by:Will Szymkowski
Will Szymkowski earned 100 total points
ID: 33535793
0
 

Author Comment

by:jamorlando
ID: 33535805
Hmmm it only says Windows Server 2008, not Windows Server 2008 R2.  Is this a concern?
0
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 33535835
It shouldn't be at all. Same platform just a different release.
0
 

Author Comment

by:jamorlando
ID: 33536101
Thanks.  I installed 2008ADMX.msi and preferences.msi from that page, and there isn't a wuau file.
0
 

Author Comment

by:jamorlando
ID: 33536166
OHHH ... I found wuau.adm.  It is in the Windows\inf folder on the server that I installed WSUS on.  Can I copy this to my domain controller and then proceed with the steps?
0
 
LVL 53

Assisted Solution

by:Will Szymkowski
Will Szymkowski earned 100 total points
ID: 33542150
Yes exactly, once you have done this you should be on your way.
0
 

Author Comment

by:jamorlando
ID: 33566806
Awesome.  I was able to push Group Policy Extensions to my coworker's machine successfully.  I will be testing it on a few more machines and then deploying it througout the organization.
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A procedure for exporting installed hotfix details of remote computers using powershell
In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question