Re: sms 2003 patch management is brutal!

From: yaba daba doo (yabadabadoo_at_discussions.microsoft.com)
Date: 11/12/04 

Date: Fri, 12 Nov 2004 10:14:02 -0800

Cathy,

I never got the option to setup synch host during installation of scan tools.

"Cathy Moya [MS]" wrote:

> The sync host is only selected once, during installation of the scan tool.
> You don't re-select it when running the Distribute Software Updates Wizard.
>
> --
> Cathy Moya, MCSE: Security
> Technical Writer, Enterprise Management Content Group
>
> Check out the SMS Technical FAQ:
> http://www.microsoft.com/technet/prodtechnol/sms/sms2003/techfaq/default.mspx
> This posting is provided AS IS with no warranties and confers no rights.
>
> "yaba daba doo" <yabadabadoo@discussions.microsoft.com> wrote in message
> news:B649B4D0-B6BA-43AB-B65D-E0A9CAA73260@microsoft.com...
> >I am actually going thru implementing Patch Mgmt myself and I am running
> >into
> > alots of problem. Specially the wizard is not giving me the options that
> > it's suppose to give me. I am not able to select a synch host, it never
> > gives me that option in the wizard.
> >
> > But I do have to say that people on this newgroup are quite helpfull with
> > answering the questions. I haven't given up on it yet.
> >
> > "Allan Tee" wrote:
> >
> >> i agree, i would rather also use SUS than SMS's software updates. but
> >> then
> >> again, SUS can only handle OS/IE patches. SMS patch management is
> >> extremely
> >> hard to implement!
> >>
> >> "Kim Oppalfens" wrote:
> >>
> >> > inline
> >> >
> >> > > I just started to play with patch management. I created an
> >> > > advertisement for the latest IE cumulative update (834707) using the
> >> > > Software Update Wizard. I then targeted it at my 'servers'
> >> > > collection.
> >> > > In the options I told it to defer rebooting for servers.
> >> > >
> >> > > Here's my experience with it:
> >> > >
> >> > > - The program ran on servers that already had the patch installed
> >> > > previously (isn't that the point of the scan tool, to determine what
> >> > > patches are needed?)
> >> > Yes, it is, are you sure the patch was installed and active? That means
> >> > was the machine rebooted after the patch if needed? If a patch that
> >> > requires a reboot is installed without rebooting the patch isn't really
> >> > alive and the scan tool will report it as such. By consequence the
> >> > patch
> >> > will reinstall.
> >> >
> >> > > - Despite telling it to not reboot the servers, lo and behold all the
> >> > > servers tell me they are rebooting and gave me the countdown timer
> >> > How did you tell it not to reboot the servers? I assume in the
> >> > distribute software updates wizard. Did you also use the suppress
> >> > reboot
> >> > switch on the patch? The wizard actually waits for the result of every
> >> > patch you install if you suppress the reboot in the patch it will write
> >> > to a log file that the reboot was suppressed. Once all patches have
> >> > installed the wizard will check the log file and verify whether any
> >> > reboots were suppressed. If so, the wizard tool might trigger a reboot,
> >> > unless you suppress that reboot during the wizard.
> >> >
> >> > > - There's absolutely no logging in Event Viewer on the clients to say
> >> > > that the patch was installed
> >> > Not really an sms issue, this is something that the patches should take
> >> > care of if we want that. Sms does generate a log file called
> >> > patchinstall.log and registers in wmi.
> >> >
> >> > >
> >> > > I think I'll stick with SUS........it's free, it's intuitive in
> >> > > comparison, and it works as it's designed.
> >> > I agree with all your observations on SUS, just want to add that sms
> >> > works as designed as well.
> >> >
> >> > I think Microsoft is well aware of the not so intuitive way sms patch
> >> > management works.
> >> > >
> >> > > J.
> >> > >
> >> >
> >> > --
> >> > Kim Oppalfens
> >> > Proud father of Lennart Oppalfens
> >> > Since 05/11/2004 08.53 GMT+1
> >> >
>
>
>