WSUS server for offline network - offline

First post on this forum,
I work on an offline network with a lot of computers on an active directory. I would like to automatically update Windows on all of them. I found WSUS offline but it only works on a single computer. I also found WSUS Server but from what I understood, it needs to be connected to another WSUS machine with Internet (which is not possible for me).
What I wish to do is a mix between them: being able to download updates on a computer, transfer them manually to a WSUS Server, and change the windows update source through GPO to my WSUS Server.
I've found other software like batchpatch or autopatcher but none of them could do that.
Does anyone know if it is possible ?

Yes, you can configure a WSUS server to operate offline, check the MS documentation regarding this:
https://learn.microsoft.com/de-de/security-updates/windowsupdateservices/18127442
Hope this help

Related

How exactly does the WiX 'Service Install' work internally?

I have a problem with a web service that is installed and started with a .msi that is created with the WiX toolset.
The service can be installed and started on all the machines I tested so far (shown as running in the Services Manager) but on some machines it is not reachable (for example via a browser) and not shown in the list of listening ports on that machine (displayed with 'netstat -a').
I am trying to figure out what's going wrong but I am not really familiar with web service development and configuration. It's a third party service, thus I don't know how it works internally.
A good starting point for me would be to find out, what exactly happens when a service is installed and started during the execution of the .msi-file.
Maybe I could try to tackle the problem on a lower level then.
Below is my code in the ServiceInstall-Element:
<ServiceInstall
Id="ServiceID"
Type="ownProcess"
Vital="yes"
Name="ServiceName"
DisplayName="ServiceDisplayName"
Description="Lorem Ipsum"
Start="auto"
Account="LocalSystem"
ErrorControl="normal"
Interactive="no"
Arguments="action=run">
</ServiceInstall>
The argument is important - without it, the service won't start or run.
Maybe someone else encounterd the same or a similar problem and can help me out.
Thanks already in advance - each hint is appreciated.
EDIT I (15.04.18):
As it might be a problem with the specific service, I will add some further information here:
It's a third party software called CryptoLicensing:
http://www.ssware.com/cryptolicensing/cryptolicensing_net.htm
Part of this software is that specific program, that serves as a License Server and does the license registration, for example in a customer's network.
The service can be run as a Windows application or installed and run as a Windows service. In both cases it should be listening on a (pre-)specified port on the installed machine.
Whenever I start the .exe as an application, everything works as intended. The service is reachable (for example with the browser) and can be accessed from other machines in the network.
When the .exe is installed and started as a service, it does not work as intended on every machine. For example if I install and start the service on my laptop, it is shown as running in the Services Manager, but is not reachable on its assigned URL (not even on the localhost) nor is the specific port displayed in the active listening ports, for example with 'netstat -a'.
The service itself starts without any error messages and does not log any errors or exceptions as it seems to be running without any problems.
I contacted the vendor, but sometimes he doesn't reply quickly and he is not very specific in his replies.
Before asking the question I assumed that it was a problem with the Windows user rights and the WiX installer but during the discussion here I had the feeling that it might a problem with the service itself.
I hope this 'new' piece of information helps in isolating and location the problem.
Thanks to everyone who helped so far!
Hopefully not stating the obvious here, but WiX doesn't do much except populate the ServiceInstall table in the MSI file, so this is about why Windows Installer won't start the service. ServiceInstall table:
https://msdn.microsoft.com/en-us/library/windows/desktop/aa371637(v=vs.85).aspx
Also, this isn't really about ServiceInstall - it's probably about the ServiceControl element in your WiX source, but it's not clear whether that's how you're starting it or if you're starting it manually later on. That does make a difference. What is the error message and where are you getting it, and is it a 1920 or 1921 error (in the context of ServiceControl).
The main reason a service will start on one system but not another is missing dependencies. If your service is C++ based (the post doesn't say) then there are probably dependencies on C runtimes, UCRT runtimes, MFC or ATL runtimes and so on.
First: are you sure this service is intended to run as LocalSystem? (MSDN, SO).
Second: did you check the event logs in detail for anything obvious? If the service is good you should find a hint at least. Something to start with. I find that I sometimes miss the actual logs in the event viewer because it is so "crowded". My take on it: empty the log and stop and restart the service.
Something locking / blocking: If the service installs and runs OK I would suspect other factors such as firewalls (hardware & software), security software in general (anti-virus, malware scanners), network configuration issues (proxies, WINS, DNS and all the complexities involved in networking). Is the service trying to reach an UNC path?
Diverse Machines: What are the target machines? Are they virtual, are they physical, are they test machines, are they operative SOE machines in corporate networks? Are they the same OS version and edition?
Further Ideas: It is not quite related, but maybe skim this list of suggestions for debugging from another answer (I am not sure why it was down-voted, I think it is an OK list to inspire debugging ideas): Windows Application Startup Error Exception code: 0xe0434352 (maybe just skim the bolded words for ideas - Recommended).
sc.exe: And finally, perhaps check the sc.exe tool (Service Control) and see if it can provide you with some useful information for debugging.
sc.exe in the context of killing hung services (sample use).
sc.exe from MSDN
Some further links:
Windows Services Frequently Asked Questions (FAQ). Content seems to be up to date - at face value at least. These guys claim to be experts on services. I have no idea who they are.
Essential Tools for Windows Services: SC.EXE
Run Service Control (sc.exe) command on secure port
After almost 20 months we finally (and accidentally) found a solution to the problem! For the few machines, on which the service did not run properly, setting the NoInteractiveServices value in the registry to 0 did the trick. A value of 1 (which is default) means that no service is allowed to run interactively, regardless of whether it has the SERVICE_INTERACTIVE_PROCESS property. More information on Interactive Services.
I am not completely satisfied with the solution, because on all the other machines NoInteractiveServices is set to 1 AND the service runs properly anyway. However, on the machines where the service did not run interactively this solution worked for us. Thus I will accept this as an answer.
If anyone has more information on this issue and can explain why this works, feel free to
add them - I would be very interested!

Xenserver - Access guest VM directly from host

I've got a decent PC that I'd like to install xenserver on, but it's also my primary workstation. Wondering if it's possible to access guests directly from the host machine -- meaning, can I use the monitor, input devices, etc that are attached to the host, to interact with the guests.
Currently setup as a dual boot Linux and Windows machine. I need them both running simultaneously while still being able to treat the host like a workstation. Already using Virtualbox, which is great but not what I'm aiming for.
I've searched high and low for an answer to this question. Maybe I wasn't searching with the right terms. I've found a package in the Ubuntu repos that adds an entry in grub along the lines of 'Ubuntu with Xen Hypervisor', but that was on a test machine that couldn't actually run Xen.
Normally, I'd just wipe this puppy and find out for myself, but there are really good reasons why I can't just jump into it this time, so I'm turning to the community.
Thanks for any and all info!
You can use a simple text console on the host to interact with the guests
xe console vm=guest
but I don't know of a way to access a graphical interface from the host.

WMI error. RPC Server not available

I know this is similar to a lot of questions on here, but I feel it's worth a new question since I have yet to discover a question that fully encompasses my problem. I've been struggling with this for a couple weeks, read pretty much every answer to every question about it on here, as well as countless blogs, articles and other Q&A forums. So, here goes:
I created a service to monitor several things on our network and update a database with the information. Moved it to a server and went threw a lot of frustration with getting the WMI and DCOM settings right so that it would work.
I recently had my computer crash on me and so I lost my code and had to recreate the service from scratch/memory. It runs perfectly fine on my laptop. I moved it to a server(different than the one that is running the old version of the service). It runs there, but it is unable to reach the PCs I am monitoring. I try running the command line WMI query and can't connect there either. Getting the 'RPC Server is unavailable' error.
I've tried changing settings as per all of the articles/answers I've been able to find and cannot get it to connect.
A few relevant things:
All the RPC/WMI related services are running on both server and
monitored PCs.
The firewall is disabled on both server and monitored PCs.
I know the user and password are correct and have admin rights
on monitored PCs.
Server in question is (I believe, will confirm with someone later)
Windows Server 2008 R2 on a virtual server, if that makes a
difference.
Able to ping PCs and run tracert from server.
Here's where it doesn't make sense to me. I am able to run the wmic command from my laptop to the monitored PC. And from my laptop to the server. Wmic works locally on the server, but whenever I try to make a remote call, it fails with the RPC error.
I don't know much about networking, and we are a small company so we don't really have a Network Admin or anything. So, any and all advice would be appreciated.

Installing Wamp on a Network Drive

Ok, I have a quick question to ask all the veteran Wamp users on this board.
At work, we are currently working on a web application. We are trying to use Wamp to design everything, but we have a problem. All the computers right now have wamp installed to the default location (C:/wamp).
Our problem is, we all want to have access to the same MySQL database so we can edit it at the same time. Right now, only one person can edit it at a time to prevent losing the work of someone else.
When done, we just dump the mySQL folder onto a network drive so whoever wants to edit it next can take it and use it.
This isn't very time efficient, so we're wondering if its possible to install Wamp directly to a network drive in some way. We tried doing it just now but we can't get Wamp to start services.
So any type of advice will be helpful
i think these two thing would help you :
1: install wamp in only one system then in apache configuration file listen to his lan ip in order to others can access it in this way you have just one database server
2: as you've installed wamp to all systems choose one system's database as main and in mysql configuration define a new server wich server's ip is that system's lan ip
then users instead of using localhost for connecting to mysql will use that ip

How to detect internet disconnectivity in c++/QT based installer

We are developing win-mac file sync installer which is quite similar to Dropbox. The installer is built with c++ and QT. We had a use case, where if the internet is disconnected(plugged out network cable (or) not connected to any wifi) so basically no access to web, During this case we need to make the installer into offline.
I tried few approaches like polling continuously to our web servers. If we are not able to reach then we detect as internet dis-connectivity. Due to some reasons we wanted to have clean native implementation which will look for machines network connectivity.
I even tried http://msdn.microsoft.com/en-us/library/aa965303%28VS.85%29.aspx for windows but this is failing in wifi cases even though we don't connect to wifi this example is saying "Network connected".
Can anyone suggest other alternatives. Platform specific solutions also invited.
You probably want to look at INetworkManager::GetConnectivity, and check for NLM_CONNECTIVITY_IPV4_INTERNET or NLM_CONNECTIVITY_IPV6_INTERNET in the response.