Is it possible to write a script which would patch (Windows) 1000's of machines instead of going through and doing it one by one?

You may want to check THIS (http://www.microsoft.com/windows2000/windowsupdate/sus/default.asp)
It's a tool from Micro$oft that may be able to help you out.

Cheers & good luck:

If you are using Active Directory you can use a group policy to send out and install the Patch. (If you have the correct rights)

http://www.altiris.com/ can do this for you (and a lot more, or so I was told :P )

commed you can't use to anything:

Damn every body shud run Linux... Then it just was the boot script there shud be changed.... It whoud take 2-3 min......

Truti

Originally posted here (http://www.AntiOnline.com/showthread.php?threadid=#post) by Truti
commed you can't use to anything:

Damn every body shud run Linux... Then it just was the boot script there shud be changed.... It whoud take 2-3 min......

Truti

First, there are tools and ways like previous posters said, and second, you could do the exact same (change boot script) in windows domains...

Ammo

Are all of the machines the same? If not, then I would recommend either using SUS like DjM suggested, or setting up an RIS server. If all of the machines are the same, just get an imaging package (such as Ghost), set up one machine exactly how you want it, and blast the rest of the machines with the image.

AJ

MS Software Update Services is only for workstations running win2k (sp2 at least) and XP. It
s really a mechanism for keeping the critical updates patches up to date. If you are running an older OS you'll have to try a different solution. Not to promote a Microsoft product but I've used MS System Management Server before and I know it's pretty easy to work with. It is expensive though.

Originally posted here (http://www.AntiOnline.com/showthread.php?threadid=#post) by AngryBob
Is it possible to write a script which would patch (Windows) 1000's of machines instead of going through and doing it one by one?

You are talking about many machines :D.

If you have a fileserver, domainserver.. Then you can use the login script to run a batchfile/script which copies the patch locally (for slow connections) or if you have a fast connection (all machines on a fast connection) then you can run the patch from a server with a batchfile/script.

Its easy to deploy the patch(es).. The problem is to verify that the patch has been deployed everywere and grant administrator rights locally when the update process will run.. You can have the batchfile to log to a central text file (pipe the text), or locally and then copy the file to a server.. Its always issues with it if you want to have lots of info from every computer..

Hmm I can keep talking and talking.. There are so many ways to do this and no right or wrong way and I can't give you a good advice since I dont know the network or client setup.

My advice:
Use Foot-LAN (manual work) to deploy the patch and at the same time prepare the network for a automatic management system of any kind. Atleast if you cant find a good way to do this automatically.

There are many tools available, Im using ZENworks (Novell) and it works like a dream, but its a lots of work to set everything up, it's running on Netware and the hardest thing with ZEN is to learn the technicians to use it :).

Anyway, I wish you good luck.

~micael

Foot-LAN
also known as "SneakerNet" ;)

Ammo

Well have little info to go on here is it possible to patch 1000 Win boxes answer is yes. How to do it not knowing the network is another story as everyone here has valid answers. In most cases though I'm going with Ammo on this one Foot-Lan if you are only one foot gawd help you. Chances are in may be a mixed Win enviro and you may have to do a bit of each and expect 16 to 18 hour days. Is this about Redmonds latest patches? In short unless your network is set up to push changes from the servers even in a mixed enviro you got much foot work:) Is called walking in the IT macosson syndrone, ya never understand until you walk it :)