1 / 39

MAINTAINING THE OPERATING SYSTEM

Chapter 5. MAINTAINING THE OPERATING SYSTEM. CHAPTER OVERVIEW. Understand the difference between service packs and hot-fixes and the process of applying both using Windows Update, Automatic Updates, and group policies. Use Microsoft Baseline Security Analyzer.

benito
Télécharger la présentation

MAINTAINING THE OPERATING SYSTEM

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Chapter 5 MAINTAINING THE OPERATING SYSTEM

  2. Chapter 5: MAINTAINING THE OPERATING SYSTEM CHAPTER OVERVIEW • Understand the difference between service packs and hot-fixes and the process of applying both using Windows Update, Automatic Updates, and group policies. • Use Microsoft Baseline Security Analyzer. • Install and configure a Microsoft Software Update Services server. • Understand Per Server and Per Device or Per User licensing. • Configure licenses using the Choose Licensing Mode tool in Control Panel and using the Licensing tool.

  3. Chapter 5: MAINTAINING THE OPERATING SYSTEM WINDOWS OPERATING SYSTEM UPDATES • Update • A minor revision to a software product, usually intended to address specific performance issues rather than add new features • Upgrade • A major revision to a product that might include new features as well as all of the existing patches for the previous version of the product

  4. Chapter 5: MAINTAINING THE OPERATING SYSTEM SERVICE PACK • A collection of patches and other updates that are tested and packaged as a single unit. • Service packs are cumulative: SP3 contains all updates from SP1 and SP2. • Service pack releases are not on a schedule.

  5. Chapter 5: MAINTAINING THE OPERATING SYSTEM SERVICE PACK RELEASES • CD-ROM • Entire service pack on CD • Cost • Express download • Analyzes system and downloads only required components • Requires Internet connection • Network download • Entire service pack in a single .exe file • For network administrator

  6. Chapter 5: MAINTAINING THE OPERATING SYSTEM HOTFIXES • Designed to address a specific issue • Downloadable as a single executable • Normally directly associated with a KnowledgeBase article

  7. Chapter 5: MAINTAINING THE OPERATING SYSTEM WHEN SHOULD YOU UPDATE?

  8. Chapter 5: MAINTAINING THE OPERATING SYSTEM WHEN SHOULD YOU UPDATE? • Remain aware of new update releases • Determine which computers need to be updated • Test update releases on multiple system configurations • Deploy update releases on large fleets • Test and apply security patches

  9. Chapter 5: MAINTAINING THE OPERATING SYSTEM UNINSTALLING SERVICE PACKS • Requires considerable disk space • Service packs can be uninstalled through Add/Remove Programs in Control Panel • Should be done only if the service pack installation is causing new issues • Stored in folder $ntservicepackuninstall$

  10. Chapter 5: MAINTAINING THE OPERATING SYSTEM USING MICROSOFT BASELINE SECURITY ANALYZER

  11. Chapter 5: MAINTAINING THE OPERATING SYSTEM USING WINDOWS UPDATE

  12. Chapter 5: MAINTAINING THE OPERATING SYSTEM USING AUTOMATIC UPDATES • Available in Windows Server 2003, Windows XP (Service Pack 1), Windows 2000 (Service Pack 3). • Default is to automatically download updates and prompt the user to install them. • Configured via the Automatic Updates tab in System Properties. In Windows 2000, it is configured via the Automatic Updates control panel.

  13. Chapter 5: MAINTAINING THE OPERATING SYSTEM INSTALLING SERVICE PACKS MANUALLY

  14. Chapter 5: MAINTAINING THE OPERATING SYSTEM INSTALLING HOTFIXES MANUALLY • Hotfix filenames are formatted as: • OperatingSystem-KnowledgeBase#-Platform-Language.exe • Example: • WindowsServer2003-KB823980-x86-ENU.exe • Backup folder $NtUninstallKB823980$

  15. Chapter 5: MAINTAINING THE OPERATING SYSTEM CHAINING HOTFIXES • Use Qchain.exe to install multiple hotfixes at a single time. • All hot-fix includes Qchain.exe • Use /Z switch to prevent restarts. • Qchain.exe ensures that the system uses the correct version of that file when the installation is complete. • Can also use Update.exe /Z /U batch option • Update.exe /Z /U • WIndowsServer2003-KB123456-x86-ENU /Z /U • WIndowsServer2003-KB124686-x86-ENU /U

  16. Chapter 5: MAINTAINING THE OPERATING SYSTEM SLIPSTREAMING • Slipstreaming a service pack • Slipstreaming hotfixes • Example: • Update.exe /s:DistributionFolder • W2K3SP1.exe /s:DistributionFolder

  17. Chapter 5: MAINTAINING THE OPERATING SYSTEM USING GROUP POLICIES

  18. Chapter 5: MAINTAINING THE OPERATING SYSTEM USING MICROSOFT SOFTWARE UPDATE SERVICES • Allows software updates to be downloaded once for the entire organization • Provides administrative control over what updates are applied to clients • Does not update clients • Reduces Internet usage • Not on installation CD – must be download • http://www.microsoft.com /windowsserversystems /sus /default.mspx.

  19. Chapter 5: MAINTAINING THE OPERATING SYSTEM DEPLOYING SUS • SUS components • Synchronize server • Intranet Windows update server • Install a SUS server • Synchronize SUS server with Windows updates • Approve updates • Configure automatic updates clients

  20. Chapter 5: MAINTAINING THE OPERATING SYSTEM INSTALLING SUS

  21. Chapter 5: MAINTAINING THE OPERATING SYSTEM SYNCHRONIZING SUS

  22. Chapter 5: MAINTAINING THE OPERATING SYSTEM APPROVING UPDATES

  23. Chapter 5: MAINTAINING THE OPERATING SYSTEM CONFIGURING AUTOMATIC UPDATES

  24. Chapter 5: MAINTAINING THE OPERATING SYSTEM SUS Configuration • SUS files • Patch files • Metafile specifying platform and language • Language settings for locally stored files • Update approval settings • Automatic update • Wait for approval

  25. Chapter 5: MAINTAINING THE OPERATING SYSTEM Configuring SUS Automatic Updates • Automatic update options • Notify For Download and Notify For Install • Auto Download and Notify For Install • Auto Download and Schedule The Install • Specify where clients obtain updates • Automatic update scheduling • Time 1 to 60 minutes • Next schedule if client is offline • No Auto-Restart for scheduled automatic updates

  26. Chapter 5: MAINTAINING THE OPERATING SYSTEM BUILDING SUS TOPOLOGY • Multiple-server topology • Each SUS server synchronize with WUS • Strict parent/child topology • SUS servers synchronize with bridge head • Loose parent/child topology • Mix the above

  27. Chapter 5: MAINTAINING THE OPERATING SYSTEM SUS MONITORING • On the server, SUS monitoring information can be viewed through: • Monitor Server page • Synchronization Log • Approval Log • IIS statistic file “wutrack.bin” • On the client, SUS-related information can be viewed through: • Windows Update Log

  28. Chapter 5: MAINTAINING THE OPERATING SYSTEM SUS SYSTEM EVENTS • SUS-generated events are written to System log of Event Viewer: • Each time a synchronization is performed • Unable to connect • Install ready – no recurring schedule • Install ready – recurring schedule • Installation success • Installation failure • Restart required – no recurring schedule • Restart required – recurring schedule • When updates are approved

  29. Chapter 5: MAINTAINING THE OPERATING SYSTEM TROUBLESHOOTING SUS • Reloading the memory cache • No new update • Restarting the synchronization service • Possible restart due to problem • Restarting IIS

  30. Chapter 5: MAINTAINING THE OPERATING SYSTEM ADMINISTERING SOFTWARE LICENSES • The End-User License Agreement (EULA) is a binding contract that gives you the legal right to use a piece of software. • In an enterprise environment, managing software licenses is critically important.

  31. Chapter 5: MAINTAINING THE OPERATING SYSTEM OBTAINING A CLIENT ACCESS LICENSE • A Client Access License (CAL) is required for each user or device that will connect to the server. • CALs are normally obtained in bundles (5, 10, 25, 50, 100). • CALs are not a physical object, but an entitlement to connect to a Windows network.

  32. Chapter 5: MAINTAINING THE OPERATING SYSTEM PER SERVER LICENSING • Each server permits a certain number of concurrent connections. • Once the limit is reached, connections are refused. • Usually only practical in environments with a single server.

  33. Chapter 5: MAINTAINING THE OPERATING SYSTEM PER DEVICE OR PER USER LICENSING • Each user or device requires a license. • Licensed users or devices can connect to any number of servers. • Common in environments with multiple servers.

  34. Chapter 5: MAINTAINING THE OPERATING SYSTEM LICENSING TOOLS • Licensing in Control Panel • Manages licensing for a single computer running Windows Server 2003 • Licensing in Administrative Tools • Centralized control of licensing and license replication in a site-based model

  35. Chapter 5: MAINTAINING THE OPERATING SYSTEM ADMINISTERING SITE LICENSING • License Logging service assigns and tracks licenses. • Licensing information is replicated to a centralized licensing database. • Use the Licensing tool in the Administrative Tools program group to view and manage licensing for an entire site.

  36. Chapter 5: MAINTAINING THE OPERATING SYSTEM THE SITE LICENSE SERVER

  37. Chapter 5: MAINTAINING THE OPERATING SYSTEM ADMINISTERING SITE LICENSES

  38. Chapter 5: MAINTAINING THE OPERATING SYSTEM LICENSE GROUPS • A license group is a collection of users who share one or more CALs. • License groups are created when: • A single user uses more than one device, such as a computer. • More than one user uses a single device, such as a computer.

  39. Chapter 5: MAINTAINING THE OPERATING SYSTEM SUMMARY • A service pack is a collection of updates that have been tested together and approved for installation on all computers. • A hotfix is a patch that addresses a single issue. Hotfixes are intended only for computers that perform certain tasks or are experiencing a particular problem. • Microsoft Software Update Services enables you to centralize and manage the approval and distribution of Windows critical updates and Windows security rollups. • Tracking and managing licenses and compliance is an important part of an administrator’s job.

More Related