?
Solved

patch management

Posted on 2016-09-21
7
Medium Priority
?
72 Views
Last Modified: 2016-09-22
We have a small windows 2012 domain with windows clients.  Is there a free way to handle patch management using a tool that pushes out updates from the server to the clients?
0
Comment
Question by:al4629740
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 13

Assisted Solution

by:Dustin Saunders
Dustin Saunders earned 332 total points
ID: 41809398
You can use WSUS for your update management.

Link on how to deploy:
https://redmondmag.com/articles/2015/06/17/wsus-in-windows-server.aspx
0
 
LVL 59

Expert Comment

by:Cliff Galiher
ID: 41809474
Nothing free that pushes. WSUS is free and good for Microsoft products, but relies om client queru/pull.
0
 

Author Comment

by:al4629740
ID: 41809516
So if I use WSUS, then I would have to manually execute it from the server in the client machine?
0
Why Off-Site Backups Are The Only Way To Go

You are probably backing up your data—but how and where? Ransomware is on the rise and there are variants that specifically target backups. Read on to discover why off-site is the way to go.

 
LVL 2

Assisted Solution

by:Nilesh Kamble
Nilesh Kamble earned 332 total points
ID: 41809523
WSUS is a free version from Microsoft to install patches on any client computers whether it is server operating system or client operating system create a group policy configure some of the settings you can get it on technet and enjoy patching.
https://technet.microsoft.com/en-us/library/hh852344(v=ws.11).aspx
0
 
LVL 59

Assisted Solution

by:Cliff Galiher
Cliff Galiher earned 332 total points
ID: 41809526
Nom you approve updates in a server console, and the next time a client checks in then it will pull down the update. The client can be configured yo automatically check in on a schedule, but it is still a pull technology.

Contrast that with a product like SCCM, which can wake machines with WoL, and can forcibly tell its agent to install an update immediately. That fits the traditional "push" definition.

For businesses that need push (high security environments with rapid response), push is a legit requirement. Even a scheduled pull can be too great a delay. This is sn instance where terminology matters, and push was listed as an initial requirement.
0
 
LVL 8

Accepted Solution

by:
Hector2016 earned 1004 total points
ID: 41810441
You can use WSUSOffline.

You need to install the tool on a PC with internet access, then run the Updater selecting the products you want to update. Then the tool will download all related updates and service packs. When finished, you will be able to share the CLIENT folder on the LAN, so the computers on your network must have access to that folder for read and execute. Later you can connect remotely to each computer and run the UpdateInstaller.exe launcher application, or create a start-up script that calls UpdateInstaller.exe and apply it to all computers in the domain.
0
 
LVL 8

Expert Comment

by:Hector2016
ID: 41810445
You can also do a  similar task by using a VBS script that forces the installation of pending updates on Windows computers connected to a WSUS server or using the Windows Update site. But if you don't have a WSUS working right now, it is better to use WSUSOffline, because you will not need to deal with updates approvals.
0

Featured Post

Free Backup Tool for VMware and Hyper-V

Restore full virtual machine or individual guest files from 19 common file systems directly from the backup file. Schedule VM backups with PowerShell scripts. Set desired time, lean back and let the script to notify you via email upon completion.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me …
When asking a question in a forum or creating documentation, screenshots are vital tools that can convey a lot more information and save you and your reader a lot of time
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
In this video, viewers are given an introduction to using the Windows 10 Snipping Tool, how to quickly locate it when it's needed and also how make it always available with a single click of a mouse button, by pinning it to the Desktop Task Bar. Int…
Suggested Courses

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question