Post Your Server!!! - Page 160

I'm constantly logged into my servers. But then I tend to use my laptop as a thin client these days and write my software on the servers (better for back ups and also means I can access all my project files from anywhere in the world anytime I want them).

with the amount of VMs you have, you must still end up logging in regularly if just to run Windows updates.

normally i just browse for some insights and pics but this caught my eye. And sir im sorry to disapoint but i do infact pay for all of my music and movies now. im clearly in the middle class as im a student living at home with a part time job and i can afford it... just saying

They like to think that everyone does it, so that makes it ok to do it, themselves.

Windows Updates can be automated and pushed in bulk to multiple hosts (such that they don't require any user intervention).

http://en.wikipedia.org/wiki/Windows_Server_Update_Services
http://en.wikipedia.org/wiki/Windows_Deployment_Services

Yes, I'm aware of that. But it's very bad practice to automate updates. Particularly on Windows where it often causes downtime (reboots). But even that aside, updates do sometimes cause issues or require some level of manual intervention; that last part is particularly true for Linux. In fact I don't even trust automated updates on Linux and many distros have a much more streamlined update process than Windows does.

But that's just my experience from managing mission critical systems. I guess it's less of an issue on home servers.
Edited by Plan9 - 5/21/13 at 9:54am

Automatic updates on certain Linux distros on certain programs tends to break compatibility sometimes.

You trying to take a stab at Microsoft's update cycle? I actually use Microsoft System Center 2012 Configuration Manager to manage all updates in my environment, as well as antimalware definitions with Microsoft System Center Endpoint Protection. Updates are installed nightly, and my boxes do an automated rolling reboot on a weekly schedule, if needed. All automated and hands off.

I do have a Server 2012 VDI instance built out now, with a Windows 7 and Windows 8 image. I seem to log into those from my laptop more than I use my actual OS on my laptop. Just easier, and everything is stored safely on my storage box. I also have RD Gateway configured, so I can RDP into any box on my network over HTTPS. On top of that, I also have OpenVPN connectivity on my EdgeRouter Lite, if I need to use VPN.

While WSUS is the underlying technology used for automating updates, SCCM makes it even better. WDS on the other hand; that has nothing to do with updates, but is for OSD (via PXE or bootable media). WDS is something else SCCM utilizes to make it work even better.

Automatic updates isn't necessarily a bad practice. Not updating at all is a worse practice, of course. I work extensively with SCCM as a consulting, so this is a topic I assist a lot of enterprise companies with. Typically, updates are automatically deployed to a pilot group on a schedule, and a production deployment is also set on a schedule. If something breaks in the pilot during the testing period, that update is removed from the production deployment before it goes out, or the production deployment is put on hold. You can configure GPOs to prevent automatic reboots. Regardless, this applies 99% only to workstations and not servers. While SCCM is often utilized to patch Windows servers in a production setting, it is not an automatic thing.

No, I'm saying you have a lot of VMs and thus a lot of systems that need to be kept up to date. The same comment would apply if you were running Linux, Solaris, FreeBSD or whatever.
Well durr. We could be here all night if we're just going to list off things that are worse than automatic updates. However just because you're comparing automatic updates to worse things (which i clearly wasn't advocating) , it doesn't make it good practice.
That's good. Sounds like a pretty neat solution in fact
Edited by Plan9 - 5/21/13 at 12:32pm