Keeping Up with Service Packs and Updates


Service packs (SPs) and updates for both the operating system and applications are vital parts to maintaining availability, reliability, performance, and security. Microsoft packages these updates into SPs or individually.

There are several ways an administrator can update a system with the latest SP or update: CD-ROM, manually entered commands (see Table 22.1 and Table 22.2), Windows Update, or Microsoft Software Update Server (SUS).

Table 22.1. SP Command-Line Parameters

Service Pack (Update.exe) Parameters

Description

-f

Forces applications to close at shutdown.

-n

Prevents the system files from being backed up. This keeps SPs from being uninstalled.

-o

Overwrites OEM files.

-q

Indicates Quiet mode; no user interaction is required.

-s

Integrates the SP in a Windows Server 2003 share.

-u

Installs SP in unattended mode.

-z

Keeps the system from rebooting after installation.


Table 22.2. Update Command-Line Parameters

Hotfix.exe Parameters

Description

-f

Forces applications to close at shutdown.

-l

Lists installed updates.

-m

Indicates Unattended mode.

-n

Prevents the system files from being backed up. This keeps updates from being uninstalled.

-q

Indicates Quiet mode; no interaction is required.

-y

Uninstalls the update.

-z

Keeps the system from rebooting after installation.


Note

Thoroughly test and evaluate SPs and updates in a lab environment before installing them on production servers and client machines. Also, install the appropriate SPs and updates on each production server and client machine to keep all systems consistent.


Windows Update

Windows Update, shown in Figure 22.10, is a Web site that scans a local system and determines whether there are updates to apply to that system. Windows Update is a great way to update individual systems, but this method is sufficient for only a small number of systems. If administrators choose this method to update an entire organization, there would be an unnecessary amount of administration.

Figure 22.10. The Windows Update Web site.


Software Update Services

Realizing the increased administration and management efforts administrators must face when using Windows Update to keep up with SPs and updates for anything other than small environments, Microsoft has created the Software Update Services (SUS) client and server versions to minimize administration, management, and maintenance of mid- to large-sized organizations. Figure 22.11 illustrates the SUS interface. SUS communicates directly and securely with Microsoft to gather the latest SPs and updates.

Figure 22.11. Software Update Services.


The SPs and updates downloaded onto SUS can then be distributed to either a lab server for testing (recommended) or to a production server for distribution. After these updates are tested, SUS can automatically update systems inside the network.

Note

You can find more information on SUS and download the product from http://www.microsoft.com/windows2000/windowsupdate/sus/.


Maintaining Consistency

Maintaining a consistent level of patches and security fixes across an organization is a challenge. These challenges can be minimized if you're using SUS. If you're not using SUS, Microsoft provides other utilities to make maintenance and management of SPs and updates easier. They include but aren't limited to the following:

  • QChain This utility safely chains updates together to allow multiple updates to be installed with only one reboot.

  • Microsoft Security Notification Service Subscribing to this service ensures that administrators will be notified as security-related updates become available.

  • Microsoft Baseline Security Advisor (MBSA) MBSA is both a graphical and command linedriven tool that improves upon the capabilities of the HFNetCHK tool. It scans for common system security misconfigurations (in products such as Windows, IIS, SQL Server, Internet Explorer [IE], and Office) and missing security updates for other products as well.




Microsoft Windows Server 2003 Unleashed(c) R2 Edition
Microsoft Windows Server 2003 Unleashed (R2 Edition)
ISBN: 0672328984
EAN: 2147483647
Year: 2006
Pages: 499

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net