Mark Bill
asked on
WSUS advice windows updates
Hey Guys,
Long term WSUS user, find the console horrendous and the system completely unreliable compared to manually patching a workstation from the windows update website.
My company is now too big for manual patching, currently we have WSUS patching desktops and not important servers, unfortunately it is doing a terrible job and I just cannot rely on it.
I am looking for the best way to update my systems.
I pulled a random desktop machine WSUS said was "fully patched" "7500 updates installed/not applicable"
Checked it against the windows update website and it is missing all kinds of updates, 80+ on first check against windows update website.
So the best idea I have right now is
1. Use this script to possibly auto update all desktops off the windows update website in a controlled fashion.(https://community.spiceworks.com/topic/433260-managing-windows-updates-on-servers)
2. Then managing monthly checking the list manually and approving/monitoring
3. Same for not important servers, wiht the importance of my companies big servers they will continue to be patched manually.
4. FWIW I think reporting in WSUS is a complete joke, and yes I have all my computers reporting and checking succesfully.
5. Would like to make a final complaint on WSUS console, an absolute pile of garbage, not one improvement since the 2003 version and it badly needs it, Microsoft we need a system as reliable as the windows update website. I iknow WSUS is renowned for its awful programming/operations just wondering if someone can help.
M
Long term WSUS user, find the console horrendous and the system completely unreliable compared to manually patching a workstation from the windows update website.
My company is now too big for manual patching, currently we have WSUS patching desktops and not important servers, unfortunately it is doing a terrible job and I just cannot rely on it.
I am looking for the best way to update my systems.
I pulled a random desktop machine WSUS said was "fully patched" "7500 updates installed/not applicable"
Checked it against the windows update website and it is missing all kinds of updates, 80+ on first check against windows update website.
So the best idea I have right now is
1. Use this script to possibly auto update all desktops off the windows update website in a controlled fashion.(https://community.spiceworks.com/topic/433260-managing-windows-updates-on-servers)
2. Then managing monthly checking the list manually and approving/monitoring
3. Same for not important servers, wiht the importance of my companies big servers they will continue to be patched manually.
4. FWIW I think reporting in WSUS is a complete joke, and yes I have all my computers reporting and checking succesfully.
5. Would like to make a final complaint on WSUS console, an absolute pile of garbage, not one improvement since the 2003 version and it badly needs it, Microsoft we need a system as reliable as the windows update website. I iknow WSUS is renowned for its awful programming/operations just wondering if someone can help.
M
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER