![]() All of our point of contacts understand why we don't allow admin rights, however, this leaves many end users frustrated. Back up.įirst step: What's the company's policy on administrative rights? If there isn't one, they need to put one in place. My team and I have been struggling to overcome a major hurdle: Letting end users that we support have admin rights on their machines. The best part is all of it is using free solutions. Now I can push those annoying (but important) Adobe Reader security exploit patches out the day Adobe releases the fix. This minimizes the interruption to the end user. ![]() I typically rebuild each OS from scratch every 12-18 months, and do a comprehensive software upgrade every 6 months. While not 100% hands free, I was able to patch 70 PC's by myself in an evening with 3-6 upgrades per machine, all by running the one task. I also created a single custom task in MDT that has logic to uninstall/upgrade applications based on if it the old application exists on the end workstation. It has made my life way easier, and reduced my time involved to just a few hours per month. The computers install them along with any Microsoft patches. Works like a charm-now I can push Adobe and Autodesk updates, which are our 2 most used application vendors. Plus: I just started using WSUS Package Publisher with our WSUS server to push 3rd party application patches out. On local computer > open GPO> run> gpedit.mscĬomputer Configuration -> Administrative Templates -> Windows Component -> Windows Update Enable "Allow non administrative to receive update notifications" ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |