January 7, 2009 at 7:41 am
Fellow DBA's
Has anybody used wsus to deploy Sql Server Hot Fixes or Service Packs using WSUS?
if so can you let me know any pro's and Con's using WSUS..mainly CON's
Thanks,
January 7, 2009 at 7:50 am
do not use it myself, but did partake in a post on this forum where wsus caused problems, see
http://www.sqlservercentral.com/Forums/Topic612095-48-1.aspx
personally I would not want any automated process applying patches to SQL, I would want full control of this, not least so I could be sure system db backups were taken beforehand.
---------------------------------------------------------------------
January 7, 2009 at 8:01 am
Thanks For Your Reply.
We are not trying to update it automatically but more of a taking help of WSUS to push the patches after we take all the necessary backups.
Can this be done?
Thanks Again...
January 7, 2009 at 8:10 am
sorry I don't know wsus well enough to give a definitive answer, you would expect to be able to though.
personally I would be only applying service packs on a per server basis so would go the manual route. applying individual hotfixes or patches is quite rare so I don't see how wsus helps with SQL patching. I can see how it assists with OS patching but I don't think SQL patching is the same ballgame.
---------------------------------------------------------------------
January 7, 2009 at 8:35 am
George,
We have like 100 sql servers and suppose we have to install the latest and greatest hotfix or sp on all of them after testing on the test servers..will WSUS help us in anyway.
This is just a question..i am trying to find out...
Thanks in Advance!
January 7, 2009 at 9:47 am
sorry, as I said , don't feel qualified to give a steer either way..............
You would want to check if wsus has advantages over an unattended install from the command line using scripts.
---------------------------------------------------------------------
January 7, 2009 at 11:23 am
Thanks For Your Suggestions.
January 8, 2009 at 9:56 am
If I understand you correctly, you'd like to push out the service pack to all of your servers using WSUS, but then apply it manually on each server. This would depend on what kind of update schedule your servers are on. When you push updates out via WSUS, they do just sit until it's time for them to be applied. For example, our production servers only get updated once a month, but our Windows admins usually push them out as they approved from dev/test. We were thinking about using this to push out SP3 rather than having to physically copy it to every server, but I was just told that it's not available for SP3 yet.
January 8, 2009 at 10:10 am
Jennifer Vanderschans (1/8/2009)
If I understand you correctly, you'd like to push out the service pack to all of your servers using WSUS, but then apply it manually on each server. This would depend on what kind of update schedule your servers are on. When you push updates out via WSUS, they do just sit until it's time for them to be applied. For example, our production servers only get updated once a month, but our Windows admins usually push them out as they approved from dev/test. We were thinking about using this to push out SP3 rather than having to physically copy it to every server, but I was just told that it's not available for SP3 yet.
so you would use wsus to push the SP out to the servers but not actually apply it? How is this an advantage over say keeping a single copy of the SP on a fileshare available on the network or is the SP then applied as part of the monthly updates?
---------------------------------------------------------------------
January 8, 2009 at 12:08 pm
We were going to test applying it as part of the monthly updates, but since SP 3 is not available in WSUS yet, we probably won't do it this way. As far as pushing it out instead of running it over a network share, we find that the run time is much faster if we run patches and sp's locally than over the network. Maybe it's just our network, but I don't want to start a fight with the network guys by asking.
January 8, 2009 at 12:27 pm
Can we not contol when we can apply in WSUS rather than automatically apply whenever it's available?
This way we can do it after the backups are completed and the users are off the system..
Thanks,
January 9, 2009 at 11:03 am
I wasn't referring to when you push it out with WSUS, but to when it gets applied to the system. Not being sure how your WSUS is configured, I can't tell you for sure if your systems will wait to apply the patches being pushed out. But in our case, every system that gets its updates from WSUS has it's own schedule as to when it applies the updates that it downloads from WSUS. The same as it would if you were downloading the updates directly from Microsoft instead.
January 9, 2009 at 11:33 am
Thanks For Your Patience and Insight on this.
July 6, 2012 at 9:28 am
Best way you use WSUS
Set WSUS Server to use Group Policy ( with this u r setting your WSUS for "Client side Targeting")
Create WSUS Computer Groups
Create OUs in AD
Create one GPO per OU and enable "Client side targeting", specify WSUS Computer group you created
and "Download updates and install"
Now when you approve particular update it will be automatically installed on client machine and rebooted.
so even you have "Download updates and install" option enabled via GPO ,patches will not be pushed until they are approved.
Avinash
Viewing 14 posts - 1 through 13 (of 13 total)
You must be logged in to reply to this topic. Login to reply