Re: SMS2003 -Direct Internet Connection?
From: Richard Threlkeld
Date: 04/19/04
- Next message: Rack: "Re: Critical patch deployment"
- Previous message: Richard Threlkeld
: "Re: Critical patch deployment" - Maybe in reply to: Matthew: "SMS2003 -Direct Internet Connection?"
- Next in thread: Matthew Edwards: "Re: SMS2003 -Direct Internet Connection?"
- Reply: Matthew Edwards: "Re: SMS2003 -Direct Internet Connection?"
- Messages sorted by: [ date ] [ thread ]
Date: Mon, 19 Apr 2004 16:31:47 -0700
Sorry for the late reply Matthew, missed this one the other day...
Can you run the DSUW from an Admin workstation that has internet access?
This way the admin workstation can speak to your site server and pull down
the updates without your site server needing internet access.
-- Richard Threlkeld Microsoft MVP - SMS Looking to get more involved in the SMS community? Join the SMS email discussion list today: http://lists.listleague.com/mailman/listinfo/mssms "Matthew" <matthew.edwards@blue-source.com> wrote in message news:8BD9010E-2671-4B48-93C9-92BD8FA5E656@microsoft.com... > Thanks for your quick reply Richard, > > I don't think that these suggestions address the issue however :-( > > The problem we have is that SMS will not let you pull down a patch from Microsoft unless it can talk simultaneously to the Site server. This breaks our security (the synch client can talk to the Internet or our SMS site server - but not at the same time.) This used to work quite well with SUS as we could switch the SUS NICs to the Internet connection and download the patches and then switch the SUS server back to the LAN to approve and deploy them. > > Do you have any other ideas? > > Thanks > > Matthew > > ----- Richard Threlkeld <MVP> wrote: ----- > > The Sync Host can be any SMS client in your site heirarchy, and if you want > it to automatically download the latest catalog it can be configured to do > so if it has an internet connection. You can also use patchdownloader.exe > to use a user account of your choice. If you don't want this either, you > can manually download the latest security update bulletin catalog > (mssecure.cab) from http://go.microsoft.com/fwlink/?LinkId=23130 and place > it in the Scan Tool package Data Source, then refresh your Distribution > Points. Or you could do the same process you did with your SUS Server and > muli-NIC your Sync Host. > > -- > Richard Threlkeld > Microsoft MVP - SMS > > Looking to get more involved in the SMS community? > Join the SMS email discussion list today: > http://lists.listleague.com/mailman/listinfo/mssms > > "Matthew" <matthew.edwards@blue-source.com> wrote in message > news:A4E73EE6-7815-4297-835F-3C457D7AFCD2@microsoft.com... > > Hi - I have found what appears to be a major disadvantage of SMS2003 vs > SUS. > >> Up until now we have been using SMS 2.0 with SUS to roll out hotfixes etc. > >> Because of tight security we cannot connect our network directly to the > internet. So we have two NICs in the SUS server (one private and the other > public) and disable the private NIC whilst retrieving updates from MS. > >> We are trying to roll out SMS2003 with a Software synchronization client, > but it would appear that the synchronization server requires direct access > to the SMS site server and MS at the same time, which is impossible with our > security restrictions. Is there any way around this? I had thought of > building a phantom site server on the public network and using DTS or some > other tool to replicate table changes to the live site server. > >> Can you help? > >
- Next message: Rack: "Re: Critical patch deployment"
- Previous message: Richard Threlkeld
: "Re: Critical patch deployment" - Maybe in reply to: Matthew: "SMS2003 -Direct Internet Connection?"
- Next in thread: Matthew Edwards: "Re: SMS2003 -Direct Internet Connection?"
- Reply: Matthew Edwards: "Re: SMS2003 -Direct Internet Connection?"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
