Obviously, it all starts with knowing what patches our systems need. Step 1: Figure Out Which Patches Are Needed Great, now let's dive a little deeper into each step and see how we can automate that step with Puppet. ![]() ▶️ Related: How Puppet Supports DevOps Workflows in the Windows Ecosystem Steps To Automate the Windows Patching Process With Puppet, we have more control over both enforcement and reporting Windows patches, and thus we can build a better solution on top of WSUS. You only notice that the pie chart in the WSUS console looks different than before. There is no evidence of which updates were installed or when reboots happened. You simply approve updates centrally on the WSUS server, and then wait (or hope) that systems will autonomously download the updates, install them at the correct times, and reboot afterwards. Compared to simply scanning against the public Windows Update site, WSUS controls the scans for products, languages, and categories of updates.īut when it comes to enforcing updates, WSUS is similar to Active Directory GPO in that it only provides a ‘spray gun' method to enforcement. Like most patch management solutions for Windows, the solution described below leverages WSUS to better control which updates are detected as necessary on systems. Why not just use Windows Server Update Services (WSUS) for patch management? Windows Server Update Services (WSUS) is a free software application provided by Microsoft Windows that releases software updates and patches for Windows systems. What Is Windows Server Update Services (WSUS)? ![]() I would rather see a real example of what you can do first and then modify that to fit my specific needs.Īs an example of automating the Windows patching process using tools from Puppet, I thought I'd share the automated patch management process for Windows that I've built for my own environment. ![]() Because if you're like me, you're probably not thrilled about the idea of a you-can-do-anything-you-set-your-mind-to blank canvas. ![]() This means it will probably be slightly different across different users and companies. Instead, Puppet helps you to orchestrate the patch management process in a way that works for your organization. Puppet does not prescribe one specific, absolute way that you should do patch management.
0 Comments
Leave a Reply. |