We had a fanatastic session on patch managment at ITPRO delhi and in fact it turned out to be Remote infrastructure managment Session. Not just the scope of the Session was covered but the discussions lengthened beyond the scope.
Following topics and Tools where covered in theory as well as hands on
MBSA- microsoft baseline security Analyser
SUS - Software Update Service
Windows update Catalogue
and last but not least SMS
Usage of Active directory w.r.t GP and then using SUS for downloading the Patches amd doing their manamgent across the Desktops in LAN/WAN environment is a techinique very handy.
Note Make sure we dont select all languages when checking for patch updates
(I made this wonderful mistake and consumed lot of time)
SMS was awesome..somthing I wrote and leart last summer with other tools in this arena..making Advertisements,Packages , collections and what not...doing inventory managment without any trouble is a noteowrthy point
How much has gone into these SMS pratcices needs to be understood when I came across the a new feature Setting SMS sites in hirarchical order and make communication possible by saving much of the band width ..
What best can we have in security with Security Modes,Accounts,groups and Object level Securty in SMS ..
we can have the mixed mode of usage where SMS 2.0 along side SMS2003 with SP4.
We can have multilingualgal SMS sites in the same herarchy
As vineeet pointed out We cant straight jump any organisatiuob to the SMS 2003
but the IT maturity needs to be seen first whether the OU has set such standard that it can use SMS to the best..For example if the OU doesn't use AD features very well or the size of OU is too small it would be of no use to start using SMS2003
After this session I feel today I can manage a Network of 1000s of Desktops from my Home.. :):):):):)