SW, I just don't get it
-
I feel like you guys are just talking past each other. WSUS itself is free but requires a Windows license. That's all that needed to be said at the beginning and I think none of that thread would have occurred.
-
@StrongBad said:
I feel like you guys are just talking past each other. WSUS itself is free but requires a Windows license. That's all that needed to be said at the beginning and I think none of that thread would have occurred.
That's what I said then I get chew out for everything for no reason...
-
@Bill-Kindle said:
@thecreativeone91 unnecessary escalation on your part. Sorry, but that's how I read it.
Uh, I didn't escalate anything, I posted that it needed a windows license, and then I get chew out.
-
@thecreativeone91 said:
@Bill-Kindle said:
@thecreativeone91 unnecessary escalation on your part. Sorry, but that's how I read it.
Uh, I didn't escalate anything, I posted that it needed a windows license, and then I get chew out.
I'm pretty much done with all these IT forums. It's just full of this crap. I'm going back to the Live Sound forums people are much nicer.
I think it's the tone you are taking, just like now. Why are you so confrontational? If you have a problem with moderation over there, here isn't really the place to discuss it. It's better to talk to a CM about it.
-
@Bill-Kindle
Nothing confrontational about what I just posted.
Of course the ones I posted on spice works were after the mods got confrontational with me.
-
@Bill-Kindle said:
@thecreativeone91 said:
@Bill-Kindle said:
@thecreativeone91 unnecessary escalation on your part. Sorry, but that's how I read it.
Uh, I didn't escalate anything, I posted that it needed a windows license, and then I get chew out.
I'm pretty much done with all these IT forums. It's just full of this crap. I'm going back to the Live Sound forums people are much nicer.
I think it's the tone you are taking, just like now. Why are you so confrontational? If you have a problem with moderation over there, here isn't really the place to discuss it. It's better to talk to a CM about it.
I've read it and I don't see him being confrontational. He stated the reasons for why he didn't pay for a license and why he felt it wouldn't apply here and everyone acted like he never said that and then it got weird.
-
One really important lesson that we've learned and hopefully taken to heart here is that open discussion only causes so many problems. But "official" moderation takes a relatively benign situation and escalates it to a very heated level. You have to have moderation and you have to have a kill switch and you have to delete somethings that PSX posts. But by and large you can just let the forums sort themselves out. People get into debates, people "talk past each other", etc. It happens. But if you let people have the discussion and work it out it mostly fixes itself. Unnecessary moderation makes situations dramatically worse. It's hard to maintain the right balance. We are lucky that we get to learn from much busier and older sites than us so that we get to garner their wisdom rather than making the mistakes first ourselves.
-
Handbags at dawn. Ignore it and move on before you both look even more silly.
Regarding WSUS. I don't find it the easiest system to install and manage. For SMBs with little in-house IT expertise it does seem like overkill. I'd like something simpler, but having nothing is perhaps too far the other way.
In terms of the listed advantages of WSUS:
Bandwidth: a decent proxy server will cache the downloads anyway, I believe, so this might not be an issue.
Reporting: a decent antivirus/security system will normally report on Windows updates and list any clients that haven't installed critical updates. And this is normally more user friendly that WSUS.
Testing: do people really test updates? How common is this. I'd never find the time. Updates are released weekly, so you'd be testing constantly. And there are loads and loads of updates. Plus, by having a testing strategy in place, you are delaying the roll-out of updates. For critical security updates, this is leaving your systems exposed to zero-day threats. Isn't the risk of having an unpatched system greater than the risk of an update breaking a system? There was an IE update recently that broke our ERP system and I was advised in advance by the ERP vendor not to install it so I configured WSUS accordingly. But this left me in a dilemma, the ERP vendor was effectively dictating that we run IE unpatched and this is not a good place to be. What should you do in this scenario? Or do you release all critical updates and just test non-critical ones?
So generally, I use WSUS and authorise all updates for client PCs without doing any testing. Nothing generally gets broken, and if it did there's normally a way of uninstalling the update or otherwise working around the problem. I'm more lax when it comes to servers. Too lax, and I need to step it up, it's a big weakness of mine.
-
Yeah, Windows Updates in general are basically never "tested" anymore for less than production servers. It does not make financial sense. The time it would take would be huge and not worth the investment on desktops that can be reimaged in an hour. A controlled deployment would potentially be worth it as even reimaging 100 desktops would be a time waster. But generally anything that is broken by a Windows Update is fairly minor when looking at the history of updates over the last few years.
For servers, it really comes down to available resources. None of my clients have the resources to allow me to setup a non production server and test something like this. Instead I simply make a snapshot. Install updates and reboot. Check the main LoB apps and if all good, delete the snapshot. If not, revert.
Now for the servers, I do usually wait until the first week of the month to run those updates. This lets me hear about anything bad just in case.
-
I know exactly what you mean. David just deleted two of my posts because I asked if the OP was drunk for wanting to tell off everyone in his office.
What is up with mods lately?
-
@CHaynes2013 said:
I know exactly what you mean. David just deleted two of my posts because I asked if the OP was drunk for wanting to tell off everyone in his office.
What is up with mods lately?
Why don't you ask them directly?
-
What thread was that?
-
@Carnival-Boy said:
Testing: do people really test updates? How common is this. I'd never find the time. Updates are released weekly, so you'd be testing constantly. And there are loads and loads of updates. Plus, by having a testing strategy in place, you are delaying the roll-out of updates. For critical security updates, this is leaving your systems exposed to zero-day threats. Isn't the risk of having an unpatched system greater than the risk of an update breaking a system? There was an IE update recently that broke our ERP system and I was advised in advance by the ERP vendor not to install it so I configured WSUS accordingly. But this left me in a dilemma, the ERP vendor was effectively dictating that we run IE unpatched and this is not a good place to be. What should you do in this scenario? Or do you release all critical updates and just test non-critical ones?
I think with 20+ PCs to manage, WSUS is a good solution for managing the updates. Testing is pretty easy too. As you probably are aware, you just setup a different Group Policy for those PCs you wish to test. Out of the 30 odd that I deal with, I've got about 4-5 that I let suck down and auto-install. I agree that most of the time there are no issues, but there have been, and as recently less than a year, that Microsoft released a hastily, untested patch that screwed people. While that happens infrequently, I don't wish to be the one having to deal with that. In addition, I also time my synchronizations a good 8 hours later than when MS does their patch Tuesday thing, so I can catch and deny one if need be even before it gets to the test PCs.
Honestly, I'd rather have a total solution to include app updates, but as we all know, not every company will pay for that software so we all make do.
-
@Bill-Kindle I did. He informed me that I was "attacking" the OP, and that I should only use humor if "it's a close friend or colleague, obviously it's a bit different than an internet stranger."
Basically, because I haven't met Frank in person, I should avoid making any jokes about his post. Even though the thread I asked if he was drunk got deleted because the OP was that ridiculous.
-
@scottalanmiller My post was deleted out of: http://community.spiceworks.com/topic/548723-closed-due-to-financial-reasons?page=1&source=navbar-community-notifications#entry-3598107
But the main "offending" comment was in a now deleted thread called "how to tell everyone there welcome"
-
@CHaynes2013 said:
@Bill-Kindle I did. He informed me that I was "attacking" the OP, and that I should only use humor if "it's a close friend or colleague, obviously it's a bit different than an internet stranger."
Basically, because I haven't met Frank in person, I should avoid making any jokes about his post. Even though the thread I asked if he was drunk got deleted because the OP was that ridiculous.
Frank is French-Canadian, and is often scatter brained. I've had a many of back and forth's with him as so have a few others. You have to know how to deal with his posts, which can take a while to get info out of, in order to help him with whatever it is that he's trying to do.
TL:DR?
Frank doesn't do English well. -
@Bill-Kindle I understand if his English isn't near perfect, but I was commenting on his demeanor of "everyone can go screw themselves, I'm out of here!"
I think it's a gross overgeneralization by mods to just go around deleting posts. But then again, I probably shouldn't be bitching about mods, it's not exactly productive.
-
As a mod I will say it is hard to be a community mod, we are still small here but we still watch everything and try to stay out of the way. I hope you have noticed around here we don't really moderate much other than bad language. Even @PSX_Defector only gets words [moderated] out, his whole post stays, and for anyone that knows him or his reputation, you know what should have been there.
Moderation is not about being PC but it sounds like that is what it has turned into. I do want to point out we don't want to become the "over there" bashing society here though.
-
@CHaynes2013 said:
@Bill-Kindle I understand if his English isn't near perfect, but I was commenting on his demeanor of "everyone can go screw themselves, I'm out of here!"
I think it's a gross overgeneralization by mods to just go around deleting posts. But then again, I probably shouldn't be bitching about mods, it's not exactly productive.
If you have problems with moderation over there, reach out the the moderator or CM over there.
-
@DenisKelley said:
As you probably are aware, you just setup a different Group Policy for those PCs you wish to test.
No I'm not, can you explain? What I have done is setup different groups within WSUS - one for Accounts dept, one for Sales dept and one for everyone else. That way I can approve for Accounts dept first, and then assuming that goes well, I can approve for Sales dept and then everyone else. So I'm staggering the installations, so that if there is a problem, I only have to deal with a handful of PCs rather than every PC.
One thing I'm not sure about with this process is how I should approve updates for other departments once I've approved for Accounts dept. How do I view which updates have been approved only for Accounts, so that I can then select them and approve for other users?
You can probably tell I'm a newbie when it comes to WSUS.