Re: sms 2003 patch management is brutal!

From: James (lee.james_at_spartan.ab.ca)
Date: 11/13/04 

Date: 13 Nov 2004 13:42:18 -0800

Hi Cathy,

I seriously hope you meant to say 'will have to wait for SP2 or a
forthcoming add-on'.......I would be seriously choked if I implement
SMS with it's less than ideal patch management only to find if I want
it to work properly I'll have to upgrade to SMS 2005.

J.

"Cathy Moya [MS]" <camoya@online.microsoft.com> wrote in message news:<ebMO0VPyEHA.2892@TK2MSFTNGP14.phx.gbl>...
> You did, it just isn't called a synch host in the setup interface.
> <restraining myself from a tirade on interface design>
>
> It is screen #7 of the setup process and the text is:
> ----------------------------------
> Database Updates
> If you have internet acces, setup can configure a task to automatically
> obtain the latest database. Please specify the NetBIOS name of an existing
> SMS client computer to run this taks. This computer will be added to a
> collection, and a weekly assignment will run while you are logged into the
> computer you specify below. Leave the space below blank if you do not want
> to use this feature.
> Obtain updates using:
> <field>
> -------------------------------------
> Look ma, no synch host mentioned, but that's what it is. Office uses exactly
> the same setup wizard, and the same screen. There may be slight improvements
> in the screens when we release the WUS scanner (believe me, we're trying),
> but the real improvements will have to wait for another version of SMS. And
> we're working on it.
>
>
> --
> Cathy Moya, MCSE: Security
> Technical Writer, Enterprise Management Content Group
>
> Check out the SMS Technical FAQ:
> http://www.microsoft.com/technet/prodtechnol/sms/sms2003/techfaq/default.mspx
> This posting is provided AS IS with no warranties and confers no rights.
>
>
> "yaba daba doo" <yabadabadoo@discussions.microsoft.com> wrote in message
> news:EB574130-5307-4DD6-98F1-CF11DE5A6EFE@microsoft.com...
> > Cathy,
> >
> > I never got the option to setup synch host during installation of scan
> > tools.
> >
> > "Cathy Moya [MS]" wrote:
> >
> >> The sync host is only selected once, during installation of the scan
> >> tool.
> >> You don't re-select it when running the Distribute Software Updates
> >> Wizard.
> >>
> >> --
> >> Cathy Moya, MCSE: Security
> >> Technical Writer, Enterprise Management Content Group
> >>
> >> Check out the SMS Technical FAQ:
> >> http://www.microsoft.com/technet/prodtechnol/sms/sms2003/techfaq/default.mspx
> >> This posting is provided AS IS with no warranties and confers no rights.
> >>
> >> "yaba daba doo" <yabadabadoo@discussions.microsoft.com> wrote in message
> >> news:B649B4D0-B6BA-43AB-B65D-E0A9CAA73260@microsoft.com...
> >> >I am actually going thru implementing Patch Mgmt myself and I am running
> >> >into
> >> > alots of problem. Specially the wizard is not giving me the options
> >> > that
> >> > it's suppose to give me. I am not able to select a synch host, it
> >> > never
> >> > gives me that option in the wizard.
> >> >
> >> > But I do have to say that people on this newgroup are quite helpfull
> >> > with
> >> > answering the questions. I haven't given up on it yet.
> >> >
> >> > "Allan Tee" wrote:
> >> >
> >> >> i agree, i would rather also use SUS than SMS's software updates. but
> >> >> then
> >> >> again, SUS can only handle OS/IE patches. SMS patch management is
> >> >> extremely
> >> >> hard to implement!
> >> >>
> >> >> "Kim Oppalfens" wrote:
> >> >>
> >> >> > inline
> >> >> >
> >> >> > > I just started to play with patch management. I created an
> >> >> > > advertisement for the latest IE cumulative update (834707) using
> >> >> > > the
> >> >> > > Software Update Wizard. I then targeted it at my 'servers'
> >> >> > > collection.
> >> >> > > In the options I told it to defer rebooting for servers.
> >> >> > >
> >> >> > > Here's my experience with it:
> >> >> > >
> >> >> > > - The program ran on servers that already had the patch installed
> >> >> > > previously (isn't that the point of the scan tool, to determine
> >> >> > > what
> >> >> > > patches are needed?)
> >> >> > Yes, it is, are you sure the patch was installed and active? That
> >> >> > means
> >> >> > was the machine rebooted after the patch if needed? If a patch that
> >> >> > requires a reboot is installed without rebooting the patch isn't
> >> >> > really
> >> >> > alive and the scan tool will report it as such. By consequence the
> >> >> > patch
> >> >> > will reinstall.
> >> >> >
> >> >> > > - Despite telling it to not reboot the servers, lo and behold all
> >> >> > > the
> >> >> > > servers tell me they are rebooting and gave me the countdown timer
> >> >> > How did you tell it not to reboot the servers? I assume in the
> >> >> > distribute software updates wizard. Did you also use the suppress
> >> >> > reboot
> >> >> > switch on the patch? The wizard actually waits for the result of
> >> >> > every
> >> >> > patch you install if you suppress the reboot in the patch it will
> >> >> > write
> >> >> > to a log file that the reboot was suppressed. Once all patches have
> >> >> > installed the wizard will check the log file and verify whether any
> >> >> > reboots were suppressed. If so, the wizard tool might trigger a
> >> >> > reboot,
> >> >> > unless you suppress that reboot during the wizard.
> >> >> >
> >> >> > > - There's absolutely no logging in Event Viewer on the clients to
> >> >> > > say
> >> >> > > that the patch was installed
> >> >> > Not really an sms issue, this is something that the patches should
> >> >> > take
> >> >> > care of if we want that. Sms does generate a log file called
> >> >> > patchinstall.log and registers in wmi.
> >> >> >
> >> >> > >
> >> >> > > I think I'll stick with SUS........it's free, it's intuitive in
> >> >> > > comparison, and it works as it's designed.
> >> >> > I agree with all your observations on SUS, just want to add that sms
> >> >> > works as designed as well.
> >> >> >
> >> >> > I think Microsoft is well aware of the not so intuitive way sms
> >> >> > patch
> >> >> > management works.
> >> >> > >
> >> >> > > J.
> >> >> > >
> >> >> >
> >> >> > --
> >> >> > Kim Oppalfens
> >> >> > Proud father of Lennart Oppalfens
> >> >> > Since 05/11/2004 08.53 GMT+1
> >> >> >
> >>
> >>
> >>

Relevant Pages

  • Re: Moving SMS Servers Between Domains
    ... > I run the setup without make any changes, but the option fo "modify or reset ... >> it should automatically offer to do a reset. ... >> processes with regards to the SMS services. ... Because the installation is a different version, ...
    (microsoft.public.sms.admin)
  • Secondary site creation
    ... OK I'm very new to SMS administration and am just starting to deploy SMS in ... I've setup the primary site server at our HQ location and am ... I've added the primary site server's computer account to our domain admins ...
    (microsoft.public.sms.setup)
  • Re: Office 2003 Deployment
    ... have a windows 2003 domain and SMS 2003 SP1 already in place. ... entSetup.exe, we could deploy the local files first then run setup from the ... > installation source on users' computers." ... > - Organizations with consistent hardware and software configurations on both ...
    (microsoft.public.office.setup)
  • Advanced client installation issues
    ... We have an SMS 2003 with SP 1 setup running in our enterprise. ... Connection Properties on all machines. ... but the client shows installed on only a total of 145. ...
    (microsoft.public.sms.setup)
  • Re: Exit Code 1603 When Setting Up Visual Studio .NET 2003 Using SMS
    ... To get exact message yu will have to look into VS setup log which is created ... > I've created the collections, packages, programs and advertisements for ... > returned to SMS and the following message appears in the advertisement ... > the program's exit code to determine status. ...
    (microsoft.public.sms.admin)