If you have the permissions and payed the bills.
Okay, honestly I hate Windows. Partly this is based on my daily routine, working with it and maintaining a few hundred of these damn things.
If you have to do everything by hand, and on every single system you will go mad.
Fortunately there are some tools out there making your life a little easier
First: WSUS, or Windows Server Update Service
This tool-set works as a distribution-point for updates supplied by Microsoft.
You can update a lot of their stuff, but nothing else.
Second: System Center Suite (SCCM, SCOM, SCVMM, DPM & SCSM)
These are System Center Configuration Manager, basically the same as WSUS, but with more options and support for third party stuff.
System Center Operation Manager, for managing permissions and monitoring systems and stuff.
System Center Virtual Machine Manager, for managing your Hyper-V systems, no support for VMWare, or more precisely no working support.
Data Protection Manager, for managing file-servers, local-shares, cloud-storage and backups.
And finally System Center Service Manager, which sounds great, but I am not sure what it actually does.
With these you have the opportunity to do a little bit of management (WSUS) or pay a huge bunch of money to manage every fart of someone, but with about 1 million years of learning how to do so.
So I am stuck with this huge truckload of software, and I don't really want to use it, as it's far to complex for keeping all your software up to date. But I have to go all-in, or stick to WSUS and keep updating all the other programs by hand.
When I want to update the Unix systems I have to work with, this whole procedure gets a lot easier.
The steps are basically:
- ssh to the monitoring system
- start a .sh script
- drink coffee
- query DB for unix-hosts
- ssh to the host and execute local update
- go to 1 until there are no systems left
- send e-mail with summary
Or actually the updates are nearly always a success, at least more often than with Windows.