WSUS itself does not cost anything -- just the license and time for

setting up a Win2k3 server.

I hope to find out which give more comprehensive updates and is easier

or more efficient to use.

VUM seems to give only security updates but it is much easier than WSUS,

whereas WSUS will also do services packs and the like, for example, but

it is not as easy to use and takes more time than VUM.

Thank you, Tom

VUM seems to give only security updates but it is much easier than WSUS, whereas WSUS will also do services packs and the like, for example, but it is not as easy to use and takes more time than VUM.

You need to pick up a book on Windows 2003 Administration. WSUS isn't that hard, in fact it's easier than VM updates. Everything is done via OU or group policy. WSUS might be harder to setup, but once it's setup properly, you can drop machines into groups, and WSUS can automatically authorize critical updates, and ignore non-criticals, and those machines get patched, with no intervention. Remediation is done in order, WSUS is a parallel update, you can do your entire organization in minutes, whereas VM updates takes longer.

Maybe SP1 makes WSUS a little easier to work with, I hope!!!

I'll wait for more replies to come in today while this thread still has

some freshness, but it looks like WSUS for the Windows updates and VUM

for VMware itself.

I started this thread because I thought it might help not just me but

also other people.

The parallel aspect of WSUS is not something that's immediately obvious,

and it seems helpful.

When I tried WSUS before I had a policy for it to look at the WSUS

server and know what to do, I must look up how to ensure that not all

updates occur all at the same time because some servers depend on other

servers.

Thank you, Tom

When I tried WSUS before I had a policy for it to look at the WSUS server and know what to do, I must look up how to ensure that not all updates occur all at the same time because some servers depend on other servers

Well Microsoft took this into account. WSUS has a built in default of 10 minutes offset. So when updates are triggered, the client randomly select some seconds between 10 and 600 seconds, so they don't ALL start precisely at the same time. Also updates are done via OU, so you should have OU for Domain Controllers, domain machines, Servers, etc.. So that when you do the updates for these different OU they ALL don't get hit, that's why you target at the OU level, because if you do update and it causes that server to go offline it won't take down ALL your production servers at once..

WSUS 3.1 is the latest version, and it's much better than before.

Interesting comment about Windows Server 2008.

Can Windows Server 2008 servers exist in a Windows 2003 domain??

Is it necessary to add more TS CALs etc. specifically for the Win2k8

server(s)??

Thank you, Tom

Can Windows Server 2008 servers exist in a Windows 2003 domain??

Of course! Why not? It depends on your AD forrest / Domain level. You can set it to Windows 2000 or Windows 2003.

Windows 2008 can certainly be a member server on the domain in either of those. It's only the AD components, and it's between the DC not the member servers that makes the difference.