Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win


Selective Updates for SBS 2008 & Network with all Win 7 computers.

Posted on 2013-01-23
Medium Priority
Last Modified: 2013-01-23

I have been tapped on the shoulder to remotely do our server updates (SBS 2008) and office machine updates (5 machines Running WIN 7).

Currently, the Server+Machines are updated on-site once a month. I was told that the current "tech" does select updates because he "knows" which updates to do that won't cause problems.

I know you can Google for "Buggy Win 7 updates" or Buggy SBS 2008 Updates"  But I really need someone to give me concise points to look for. I am not a total noob, just have been out of the server/client machine field for a while.

Can someone validate what they are saying about the tech makes sense?
Also they said something about the tech said you have to wait until like the 3rd week of every month for the non-buggy updates to come out or something to the effect.

Now, to me that last paragraph sounds a little bit more like a tech excuse as to WHEN he wants to update whether it be due to his schedule or what.

Can someone please validate this info and point me in the right direction as to the best mode of operation to do this via RDP since I am not on-site?

Thanks in advance.
Question by:Korelian-
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2

Accepted Solution

albelo earned 1000 total points
ID: 38812049
Microsoft usually releases updates on the 2nd Tuesday of the month.  The tech is most likely waiting until the 3rd week of the month to do the updates to see if there are any reported problems within the last week with the updates MS released.

In a small environment like that, I would make sure you have a good backup of the server before applying updates.  I'd also notate which Patches / Updates were applied in case you have to roll back.

As for the Win 7 machines, always good to make a restore point before applying updates for the same reason.

In a larger environment, good practice to have a few test users/systems to apply patches to first to verify there are no problems before applying to all other systems.

Author Comment

ID: 38812259
So the best way to do this after having appropriate backups would be

{}- Do an inventory of the last updates/patches done by previous tech.
{}- Keep a log of patches/updates for Server & a log for each machine seperately
{}- Get list of Updates to be applied after 2nd week release and then watch for bugs from users until third week.

Are there updates/patches you WOULDN'T worry about? like "non-critical" or "non-Security"
What isn't broke don't fix it so to speak except for security patches?

what's your advice on that?
LVL 24

Assisted Solution

smckeown777 earned 1000 total points
ID: 38812263
I would agree to a certain extent...I do the same for some client environments as well, sometimes updates cause issues, so by delaying the process it means you have time to 'hear about' certain update issues and therefore you can then 'select' the good ones from the bad...

As for determining what updates are dodgy there are forums you can check out, or in my case I subscribe to http://www.patchmanagement.org/ - its a mailing list that individuals can send in known issues and through that process you will be informed of the current bugs/issues related to certain updates each month...great resource if you want to stay ahead of the patching problems that will occur from time to time...

So again its not always done, but I'd rather have control over my client environments than just letting the patch rollout happen automatically...and get into trouble
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!


Author Comment

ID: 38812300
I am DEFINITELY marking you as the solution, and thank you for the added info about subscribing to that list.. very helpful...   but I meant to ask the following also so I didn't want this to close out as RESOLVED before I got all the info I need....

Keep in mind I am doing this all remotely....

access the server, and access each local machine via the server? Does this have to be done via LOCAL admin or can these be installed by the users profile on the machine? or do I log in to any admin profile on THAT particular network machine... (by accessing the users machine through the desktop function on the server, thus logging in as the server admin )

does that make sense?

Thanks so much for your help
LVL 24

Expert Comment

ID: 38812319
Oh...just re-read your original post...

Ok, looks like the tech was manually doing this process to a certain extent...
The best way to do this is WSUS(are you familiar with that?)

WSUS runs on the server(is included with SBS 2008/2011 by default)
It downloads the updates to the server, then the client machines get their updates from the server...you run everything from the server WSUS console...

So in terms of installing the updates you don't do anything, once you 'Approve' the updates from the WSUS console they get installed on the client machines on a schedule(usually 3AM in the morning but this can be changed)

So its not as much work as you think, you approve the updates from the console and the rest takes place in the background...

Def check it out on the server to see if its already up and running, if not you need to start using it - its a life saver for time as well!

Author Comment

ID: 38812445
Ok I thought this was the case but they said the tech goes on each machine and runs MBR defrag and disk check.. which I think it's more to collect the $200 visit than anything because I didn't think it was that complicated.

i'm just doing a refresher course so to speak I used to use Server 2000 and then 2003.(and learning the new feature that they didnt have in those editions)

Author Closing Comment

ID: 38812823
Both of the responders gave me the answers I needed (2 answers needed)

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

OfficeMate Freezes on login or does not load after login credentials are input.
The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question