lordbobcup
New Member
- Messages
- 1
- Reaction score
- 0
- Points
- 1
Hi All,
I am looking for ways to successfully deploy software updates to enterprises where you are faced with a number of issues, such as desktop vs laptop availability, not losing work on forced maintenance window reboots etc.
We have a workforce that use anything from PCs that might be on or off at night, to laptops that might or might not be in the office or on or even in a drawer at a given maintenance window.
I am trying to devise a strategy to get the highest deployment of monthly patches possible, while causing the lest interruption to users. Naturally the asking the users to install didn't work so now we need to automate it the least intrusive way possible.
Ideally, my 'perfect world vision' would be something along the lines of a 8 hour, out of office hours maintenance window, once a month, where any machine that was on, would patch itself (thats the easy bit). Then somehow during office hours, when the user logs in, they get informed that there is a pending reboot, give them the standard 2 hour warning, with the 1 hour where they cant hide it before a forced reboot, but only after the user has logged in so they are aware of it and it is their choice not to save their open work and reboot themselves. Where machines that are not in the office during the given maintenance window, they would install the updates after the deadline had been reached and then get the reboot warning. This would mean that updates were being installed as they were trying to work on the machine which is less than ideal but that is partially their fault for not leaving the machine in the office during the maintenance window (which I wouldn't expect them to anyway).
I haven't come across a way to devise my perfect world yet and updates are starting to slip behind which doens't make the security guys that happy. What do others do in these sorts of environments? Has anyone found any good recommendations or documentation of well working designs?
I look forward to peoples recommendations.
Thanks
I am looking for ways to successfully deploy software updates to enterprises where you are faced with a number of issues, such as desktop vs laptop availability, not losing work on forced maintenance window reboots etc.
We have a workforce that use anything from PCs that might be on or off at night, to laptops that might or might not be in the office or on or even in a drawer at a given maintenance window.
I am trying to devise a strategy to get the highest deployment of monthly patches possible, while causing the lest interruption to users. Naturally the asking the users to install didn't work so now we need to automate it the least intrusive way possible.
Ideally, my 'perfect world vision' would be something along the lines of a 8 hour, out of office hours maintenance window, once a month, where any machine that was on, would patch itself (thats the easy bit). Then somehow during office hours, when the user logs in, they get informed that there is a pending reboot, give them the standard 2 hour warning, with the 1 hour where they cant hide it before a forced reboot, but only after the user has logged in so they are aware of it and it is their choice not to save their open work and reboot themselves. Where machines that are not in the office during the given maintenance window, they would install the updates after the deadline had been reached and then get the reboot warning. This would mean that updates were being installed as they were trying to work on the machine which is less than ideal but that is partially their fault for not leaving the machine in the office during the maintenance window (which I wouldn't expect them to anyway).
I haven't come across a way to devise my perfect world yet and updates are starting to slip behind which doens't make the security guys that happy. What do others do in these sorts of environments? Has anyone found any good recommendations or documentation of well working designs?
I look forward to peoples recommendations.
Thanks
