Hello,
if you are using WSUS for workstations it is more or less easy, you set GPO to automatically download and install. Then you approve/reject updates in WSUS console. However for server it's better to setup automatically download. The installation itself should be manual. To automate the manual patch installation use this script:
http://www.vbshf.com/vbshf/forum/forums/thread-view.asp?tid=199&start=1
Put this script on the file share, together with follwing cmd
c:\windows\system32\cscript.exe \\server\UpdateHF\updatehf.vbs action:install mode:silent email:yourname@yourdomain.com restart:1
Then you can use GUI for psexec or LANGuard Network Security Scanner or other tools to run this command remotely.
1 comment:
Good post.
Post a Comment