Selective Updates for SBS 2008 & Network with all Win 7 computers.

Posted on 2013-01-23
Medium Priority
Last Modified: 2013-01-23

I have been tapped on the shoulder to remotely do our server updates (SBS 2008) and office machine updates (5 machines Running WIN 7).

Currently, the Server+Machines are updated on-site once a month. I was told that the current "tech" does select updates because he "knows" which updates to do that won't cause problems.

I know you can Google for "Buggy Win 7 updates" or Buggy SBS 2008 Updates"  But I really need someone to give me concise points to look for. I am not a total noob, just have been out of the server/client machine field for a while.

Can someone validate what they are saying about the tech makes sense?
Also they said something about the tech said you have to wait until like the 3rd week of every month for the non-buggy updates to come out or something to the effect.

Now, to me that last paragraph sounds a little bit more like a tech excuse as to WHEN he wants to update whether it be due to his schedule or what.

Can someone please validate this info and point me in the right direction as to the best mode of operation to do this via RDP since I am not on-site?

Thanks in advance.
Question by:Korelian-
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2

Accepted Solution

albelo earned 1000 total points
ID: 38812049
Microsoft usually releases updates on the 2nd Tuesday of the month.  The tech is most likely waiting until the 3rd week of the month to do the updates to see if there are any reported problems within the last week with the updates MS released.

In a small environment like that, I would make sure you have a good backup of the server before applying updates.  I'd also notate which Patches / Updates were applied in case you have to roll back.

As for the Win 7 machines, always good to make a restore point before applying updates for the same reason.

In a larger environment, good practice to have a few test users/systems to apply patches to first to verify there are no problems before applying to all other systems.

Author Comment

ID: 38812259
So the best way to do this after having appropriate backups would be

{}- Do an inventory of the last updates/patches done by previous tech.
{}- Keep a log of patches/updates for Server & a log for each machine seperately
{}- Get list of Updates to be applied after 2nd week release and then watch for bugs from users until third week.

Are there updates/patches you WOULDN'T worry about? like "non-critical" or "non-Security"
What isn't broke don't fix it so to speak except for security patches?

what's your advice on that?
LVL 24

Assisted Solution

smckeown777 earned 1000 total points
ID: 38812263
I would agree to a certain extent...I do the same for some client environments as well, sometimes updates cause issues, so by delaying the process it means you have time to 'hear about' certain update issues and therefore you can then 'select' the good ones from the bad...

As for determining what updates are dodgy there are forums you can check out, or in my case I subscribe to http://www.patchmanagement.org/ - its a mailing list that individuals can send in known issues and through that process you will be informed of the current bugs/issues related to certain updates each month...great resource if you want to stay ahead of the patching problems that will occur from time to time...

So again its not always done, but I'd rather have control over my client environments than just letting the patch rollout happen automatically...and get into trouble
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.


Author Comment

ID: 38812300
I am DEFINITELY marking you as the solution, and thank you for the added info about subscribing to that list.. very helpful...   but I meant to ask the following also so I didn't want this to close out as RESOLVED before I got all the info I need....

Keep in mind I am doing this all remotely....

access the server, and access each local machine via the server? Does this have to be done via LOCAL admin or can these be installed by the users profile on the machine? or do I log in to any admin profile on THAT particular network machine... (by accessing the users machine through the desktop function on the server, thus logging in as the server admin )

does that make sense?

Thanks so much for your help
LVL 24

Expert Comment

ID: 38812319
Oh...just re-read your original post...

Ok, looks like the tech was manually doing this process to a certain extent...
The best way to do this is WSUS(are you familiar with that?)

WSUS runs on the server(is included with SBS 2008/2011 by default)
It downloads the updates to the server, then the client machines get their updates from the server...you run everything from the server WSUS console...

So in terms of installing the updates you don't do anything, once you 'Approve' the updates from the WSUS console they get installed on the client machines on a schedule(usually 3AM in the morning but this can be changed)

So its not as much work as you think, you approve the updates from the console and the rest takes place in the background...

Def check it out on the server to see if its already up and running, if not you need to start using it - its a life saver for time as well!

Author Comment

ID: 38812445
Ok I thought this was the case but they said the tech goes on each machine and runs MBR defrag and disk check.. which I think it's more to collect the $200 visit than anything because I didn't think it was that complicated.

i'm just doing a refresher course so to speak I used to use Server 2000 and then 2003.(and learning the new feature that they didnt have in those editions)

Author Closing Comment

ID: 38812823
Both of the responders gave me the answers I needed (2 answers needed)

Featured Post

Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Background Information Recently I have fixed file server permission issues for one of my client. The client has 1800 users and one Windows Server 2008 R2 domain joined file server with 12 TB of data, 250+ shared folders and the folder structure i…
The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Suggested Courses

766 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question