We used to use a batch script using psexec to patch 500 Windows NT Server systems because management wouldn't pay for anything. We had to do the OS, Internet Explorer (all versions), Adobe, Office, all the other stuff. We started off using a text file full of data being parsed for the relevant systems so that we'd know what to install on each system as they were discovered. Someone (me) ended up working on this data file and the script almost full time, spending hours after every patch release working out where the files were updated, how to test if it applied, which systems needed it, and how to work the logic into the batch script to make sure it didn't go where it didn't. And this is in the pre-64-bit and virtualisation days. I can't imagine how complex it would be now.
Most sensible accounts at this time paid for UpdateExpert or HfNetChk. When MS released WSUS, we all breathed a collective sigh of relief and went back to other day-to-day admin tasks. We, as others probably do, only use psexec for one-off tasks now. Patching is far too complex a beast for it, unless you like having to spend all your time what MS will do for you for nothing. 2009/8/31 tony patton <tony.pat...@quinn-insurance.com> > Hey all, > > Following on from IE8 doesn't work thread, management here wants start > using PSEXEC to patch applications. > > I'm a bit hesitant to use it for patching 2800 desktops for Adobe reader, > flash, firefox and UltraVNC, fine for running scripts and such, just not > sure about patching. > > Logging is a whole other thing, personally, I don't want to be able to log > which machines were successful, failed or not on > as there would be no incentive to get a proper patching solution. > I can wrap a batch file around it to re-direct output to a file, so the > possibility of logging is there. > > What are the pitfalls that any of you that use this approach have come > across? > > Also thanks to Sam Cayze for the PSEXEC command for Adobe, hadn't attempted > to work out the command for Flash but this does it, saved me a bit of work > :-) > > Slightly off-topic, don't know why anyone would want to leave this list, > keeps me sane most days. > > Sorry if this is a bit all over the place, 11am and been here before 7 :-( > All information greatly appreciated. > > Regards > > Tony Patton > Desktop Operations Cavan > Ext 8078 > Direct Dial 049 435 2878 > email: tony.pat...@quinn-insurance.com > > ====================================================================http://www.quinn-insurance.com > > This e-mail is intended only for the addressee named above. The contents > should not be copied nor disclosed to any other person. Any views or > opinions expressed are solely those of the sender and > do not necessarily represent those of QUINN-Insurance, unless otherwise > specifically stated . As internet communications are not secure, > QUINN-Insurance is not responsible for the contents of this message nor > responsible for any change made to this message after it was sent by the > original sender. Although virus scanning is used on all inbound and > outbound e-mail, we advise you to carry out your own virus check before > opening any attachment. We cannot accept liability for any damage sustained > as a result of any software viruses. > > ==================================================================== > > QUINN-Life Direct Limited is regulated by the Financial Regulator. > QUINN-Insurance Limited is regulated by the Financial Regulator and > regulated by the Financial Services Authority for the conduct of UK > business. > > ==================================================================== > > QUINN-Life Direct Limited is registered in Ireland, registration number > 292374 and is a private company limited by shares. > QUINN-Insurance Limited is registered in Ireland, registration number > 240768 and is a private company limited by shares. > Both companies have their head office at Dublin Road, Cavan, Co. Cavan. > > > > > > -- "On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question." http://raythestray.blogspot.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
