Dam Good Admin

Or at least not entirely useless

Page 2 of 2

How to Handle Driver/Firmware/BIOS Vulnerabilities

It has not been a good year for hardware manufacturers or the companies that slap parts together to create end-user devices. Apparently when they write drivers the put safety first and security was somewhere on the second page. Here’s how I’ve been trying to handle this. If you have a better way, I’d love to hear it.

Software Update Maintenance: It’s a Thing. That You Should Do.

Historically it’s been considered taboo to touch WSUS when part of a Configuration Manager environment. Those times have now past and if you’re not actively maintaining WSUS on a regular basis it’s more than likely failing causing scan failures.

Managing Workgroup (Non-Domain) Clients With Configuration Manager

For reasons you may not want to share at Configuration Manager administrator parties you may find yourself managing clients that are not domain joined. Often administrators assume Configuration Manager can’t do that or is severely limited. Read on for all the gory details.

Patch Tuesday Is A Lie

For well over a decade there’s been a social contract of sorts with Microsoft. Security patches are released on the second Tuesday of the month at 10 AM Pacific Time. They release and we start our patching processes. Well … what if they didn’t?

Fully Automate Software Update Maintenance in Configuration Manager

While some maintenance tasks have been long understood others have gained importance and understanding more recently. Either way, all of them should be fully automated as part of your patching process. I’ve created and released a script that does exactly that for every software update maintenance task that I can think of and does it in an extensible way that any organization should be able to utlize.

Server Group Patching: Troubleshooting

I tried … and failed … to implement Server Group Patching to automate patching our Exchange clusters. That doesn’t mean I didn’t learn a few useful things about how the feature works and how to troubleshoot it.

Server Group Patching: Node Scripts

One of the exciting parts of the pre-release Server Group Patching feature is the ability to run scripts before and after the patching process. This is key to automating workload migrations in clusters like Exchange or SQL. While it sounds promising, reality is a little underwhelming.

Server Group Patching: Busted (A.K.A. We are the QA Team)

Hoping to use the Server Group Patching pre-release feature to patch a group of servers in order? It appears to be broken. We are the real QA team.

Newer posts »

© 2018 Dam Good Admin

Theme by Anders NorenUp ↑