Dam Good Admin

Or at least not entirely useless

Software Update Maintenance Script Updated: All the WSUSness

Things got real last week and ‘all of a sudden’ organization realized that what the product MVPs have been saying for years is true and simply not optional: you must be running a software update maintenance script. I’ve updated mine to be more useful. Because I’m like that I guess.

So … You Want to Write a PowerShell Script

With the Olympics over, my MMSMOA¬†session drafts in, taxes done, and a thousand or so pages of classic sci-fi read it’s time to post something. My degree is software engineering and for a brief period of time I was a professional developer.¬† Instead of a profession it’s become more of a hobby that I enjoy […]

We Need To Talk About Your ADRs (ConfigMan’s Flair)

Configuration Manager’s Automatic Deployment Rules are the ‘killer app’ that makes the product one of the most powerful tools for software updates. However, with that power and flexibility comes complexity that can be daunting for the uninitiated. In this post I try to brain-dump the lessons I had to learn when coming up to speed in the hope that it might help others.

Yet Another Software Update Dashboard

When looking to prove that Configuration Manager was actually patching devices I quickly found the built-in reports lacking. I looked at existing solutions but I wanted something just stupidly simple that I could send to management and be informative at that level. At the same time I wanted to be able to drill-down so that administrators could identify and resolve any issues. Here’s what I came up with … let me know what you think in the comments section.

Compliance Report For Latest Cumulative Updates

There’s lots of ways to define compliance but if/when you move to the cumulative update model the biggest question is simply: do I have the latest cumulative update applied. You’d think that’d be easy to report on but it gets messy quickly. Here I’ve released my first shot at it.

How to Install Software Updates During Task Sequences

Installing updates during operating system deployment should be easy. I mean there’s a step called Install Software Updates for crying out loud. How hard could it be?

How to Handle Driver/Firmware/BIOS Vulnerabilities

It has not been a good year for hardware manufacturers or the companies that slap parts together to create end-user devices. Apparently when they write drivers the put safety first and security was somewhere on the second page. Here’s how I’ve been trying to handle this. If you have a better way, I’d love to hear it.

Software Update Maintenance: It’s a Thing. That You Should Do.

Historically it’s been considered taboo to touch WSUS when part of a Configuration Manager environment. Those times have now past and if you’re not actively maintaining WSUS on a regular basis it’s more than likely failing causing scan failures.

Managing Workgroup (Non-Domain) Clients With Configuration Manager

For reasons you may not want to share at Configuration Manager administrator parties you may find yourself managing clients that are not domain joined. Often administrators assume Configuration Manager can’t do that or is severely limited. Read on for all the gory details.

Patch Tuesday Is A Lie

For well over a decade there’s been a social contract of sorts with Microsoft. Security patches are released on the second Tuesday of the month at 10 AM Pacific Time. They release and we start our patching processes. Well … what if they didn’t?

« Older posts

© 2018 Dam Good Admin

Theme by Anders NorenUp ↑