none
Needing to update Windows Server 2003

    General discussion

  • Hi

    I am doing research in order to facilitate the ongoing update for Windows 2003 Server platform i have 100's of servers to update and our VPN prevents windows update from doing this process live

    i would want to download the updates standalone but where do i download these from? as there is no download list available that i could find

    is anyone able to help me with a list of critical updates for Windows Server 2003 SP2

    Monday, August 13, 2012 7:06 AM

All replies

  • >>

    i would want to download the updates standalone but where do i download these from? as there is no download list available that i could find

    is anyone able to help me with a list of critical updates for Windows Server 2003 SP2<<

    Use Microsoft Update Catalog for that purpose
    Monday, August 13, 2012 7:57 AM
  • >>

    i would want to download the updates standalone but where do i download these from? as there is no download list available that i could find

    is anyone able to help me with a list of critical updates for Windows Server 2003 SP2<<

    Use Microsoft Update Catalog for that purpose

    thanks very helpful

    would you know the batch file switch to run these patches silently and with out restart?

    its been soo long since i have had to do a batch file

    Tuesday, August 14, 2012 12:36 AM
  • would you know the batch file switch to run these patches silently and with out restart

    The Microsoft Catalog does not provide that capability, and for that consideration Siniy's answer is not correct.

    Personally, I'm more intrigued with the idea that you have hundreds of Windows Server 2003 systems, with a VPN that blocks Windows Update capabilities -- so how, exactly, have you been updating these systems for the past five years. (I'm assuming they're not new systems, or they would have Win2008 installed.)

    And even more intrigued that you would consider manually patching hundreds of Win2003 systems (that may have never been patched). Truth is, just finding and downloading all of the applicable updates for a Windows Server 2003 system could take a week all by itself!

    but.. to the point of your question, you'll want to start with this TechNet article:

    Guide for Installing and Deploying Updates for Microsoft Windows Server 2003

    or... you might consider installing a WSUS server, inasmuch as you're posting in the WSUS forum. :-)


    Lawrence Garvin, M.S., MCITP:EA, MCDBA, MCSA
    Product Manager, SolarWinds
    Microsoft MVP - Software Distribution (2005-2012)
    My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin

    Tuesday, August 14, 2012 9:50 PM
  • I believe this has been done via approved patch cds perodically. i have come in at a very late stage of this and this task has been handed to me to resove and automate. A manual process was involved and a tech had to travel to 100's of locations which took 3 months.

    I have already defined the qty of patches needed it is actually only about 6 months worth of patches as this was done in feb last. My 1st suggestion was to manually make the patches available on the internet, create a batch file and via SQL server create a mapped drive pull down VPN and activate.

    This in theory should work. also allows me to remote access each system and activate script per server maybe 1 weeks work every 3 months, not a biggy. what would be your suggestions?

    p.s. I have noticed we are at the end of the year going to roll out new servers with win 2008 r2 on them in our new opeing locations. (before you ask win 2012 is out not an option due to international tech compliance regs). but this roll out will possibly take years to replace the old locations. so I have to find a solution till 2008 comes to my saving.

    Friday, August 17, 2012 1:25 AM
  • what would be your suggestions?

    Seriously.. I would pursue why the VPN has restrictions on allowing an automated patch management solution and lobby hard for using WSUS to distribute and manage updates to those servers. These days a Win2003 system six months behind in patching -- times 100 servers -- is an invitation for disaster.

    If you're already looking at a solution that involves transferring these update files across the VPN link, which tells me that the issue was never about the file traffic, but rather about the perceived risks of using Automatic Updates (apparently without consideration of the risks of not patching at all), then there's absolutely no reason why those client systems ought not be given access to talk to a centralized WSUS server, and those 100 servers can be managed through a centralized, automated process.


    Lawrence Garvin, M.S., MCITP:EA, MCDBA, MCSA
    Product Manager, SolarWinds
    Microsoft MVP - Software Distribution (2005-2012)
    My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin

    Friday, August 17, 2012 4:59 PM
  • thats all fine but i have never seen WSUS nor used it is it simple to use? i am only now starting to look into this as it was suggested to me by another IT team for this very use. thank you for your help i will investigate further.

    Thursday, August 23, 2012 12:50 AM
  • i have never seen WSUS nor used it is it simple to use?

    Answering that question is really a matter of perspective and personal expertise with the Windows Update process, but you're welcome to open a new discussion thread to get some feedback on that question. Personally I think it is simple to use, but then I've been using Windows Update since it was introduced in 1998, and I've been working with WSUS for over seven years, and I had 20 years of IT experience that predated that, including several years of maintaining and patching Unix systems, so my perspective on all of this may be a bit flavored.

    This would be your starting point: Windows Server Update Services Home Page


    Lawrence Garvin, M.S., MCITP:EA, MCDBA, MCSA
    Product Manager, SolarWinds
    Microsoft MVP - Software Distribution (2005-2012)
    My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin

    Thursday, August 23, 2012 10:20 PM