Home > Articles > Operating Systems, Server > Microsoft Servers

  • Print
  • + Share This
This chapter is from the book

Patching and Updating Domain Controllers

Before continuing to configure any further services in the root domain, the root domain controllers should be patched and updated from the makeshift Windows Update Server (WUS). By installing WUS (or its predecessor Software Update Services [SUS])on the isolated network, all servers in the isolated network can pull down updates and patches to bring them to the latest patch level and to ensure that critical software updates, especially security updates, are applied.

The process of ensuring all root domain servers are regularly updated while being staged on the isolated network is as follows:

  1. Create a new group policy object at the domain level (root and child domains).

  2. Call the policy SoftwareUpdatePolicy.

This GPO is created so the policy can persist after security templates and group policy are imported into the default domain policy later in the installation process.

After the policy is configured, all Windows 2003 Server, Windows 2000 Server SP3 and later, and all Windows XP clients are serviced by the SUS server.

WUS is beyond the scope of this book, but it is critical in the maintenance of a high availabilty network. Microsoft publishes excellent white papers on update services. They can be accessed on the Microsoft Web site (simply search for SUS or WUS).

  • + Share This
  • 🔖 Save To Your Account