Page 1 of 1

Linux WSUS server

PostPosted: 21.11.2017, 18:55
by ojonathacardoso
Hi everyone!

I work in a public agency, where some computers use Windows. But our servers are Debian, and we don't have and there isn't any plan to buy and/or install a Windows Server.

But we have some problems with Windows Update. For example, the updates searching don't work in some computers, some updates that need administrator rights to install... And we want to use a local offline server.

I have used WSUS to install in some computers, but I would ask if is possible creating a Linux server to be used - maybe with WSUS - as update server for all our computers.

Thanks

Re: Linux WSUS server

PostPosted: 22.11.2017, 01:38
by Dalai
Hi, and welcome to the forum :).

Since you wrote that you're using Windows clients in conjunction with Debian servers I guess that at least one of them has some Samba shares. The easiest thing to do (IMO) is to place WSUS Offline on a separate share on (one of) the server(s). The downloading part of WSUS Offline can run natively on Linux thanks to hbuhrmester's scripts.

The installation could be launched via script, either directly from the Samba share or from a mapped network drive. Be aware that network drives are user-specific, or, in other words: the administrator doesn't see network drives connected by the user and vice versa. What I'm trying to say is that, if you want to use network drives, you need some kind of elevation of the script and mapping the network drive there, before running WSUS Offline's installation part.

At work we have a similar scenario in a domain without WSUS. WSUS Offline is located on a Windows system's share, users are not members of the administrators group, UAC is disabled on all systems. We do it like this: In the domain logon script we run a small program called RunAs Professional which launches a script as administrator. This script maps the network share to a drive letter and calls WSUS Offline's Update.cmd with the required parameters. Actually there's a little more to it like logging, starting/stopping services and stuff, but I boiled it down to the core parts.

I don't know of any software with all the features of WSUS that can run on Linux, you know, all the remote management stuff, overview of the Windows clients' patch level and so on. But that doesn't mean there isn't any out there. So far we didn't need any such fancy software because WSUS Offline gets the job done.

I hope this helps you :).

Regards
Dalai