Alright...I'll jump in here. It does not require admin rights to the local system. Everything works great here so long as they are W2K SP3 (and above) or XP SP1 (and above). I use two sets of scripts to get the reg/policy entries to the clients, one in the login script (KIX): ;********************************************* ;For Automatic Updates - Added by Dennis Parker ;********************************************* IF INSTR($Product, "Windows 2000 Pro") OR INSTR($Product, "Windows XP") IF SUBSTR(@WKSTA, 1, 3) <> "someexclusions" AND SUBSTR(@WKSTA, 1, 4) <> "someotherexclusions" IF @PRIV = "ADMIN" $SUSService = "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" $ReturnValue = WRITEVALUE ( "$SUSService", "Start", "2", "REG_DWORD") $SUSKey = "HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate" $ReturnValue = ADDKEY ("$SUSKey") $ReturnValue = WRITEVALUE ( "$SUSKey", "WUServer", "http://susserver.yourdomain.com";, "REG_SZ") $ReturnValue = WRITEVALUE ( "$SUSKey", "WUStatusServer", "http://susserver.yourdomain.com";, "REG_SZ") $SUSKey = "HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate\AU" $ReturnValue = ADDKEY ("$SUSKey") $ReturnValue = WRITEVALUE ( "$SUSKey", "UseWUServer", "00000001", "REG_DWORD") $ReturnValue = WRITEVALUE ( "$SUSKey", "RescheduleWaitTime", "30", "REG_DWORD") $ReturnValue = WRITEVALUE ( "$SUSKey", "NoAutoRebootWithLoggedOnUsers", "1", "REG_DWORD") $ReturnValue = WRITEVALUE ( "$SUSKey", "NoAutoUpdate", "0", "REG_DWORD") $ReturnValue = WRITEVALUE ( "$SUSKey", "AUOptions", "4", "REG_DWORD") $ReturnValue = WRITEVALUE ( "$SUSKey", "ScheduledInstallDay", "6", "REG_DWORD") $ReturnValue = WRITEVALUE ( "$SUSKey", "ScheduledInstallTime", "07", "REG_DWORD") $ReturnValue = WRITEVALUE ( "$SUSKey", "UseWUServer", "1", "REG_DWORD") ELSE IF REDIRECTOUTPUT ("\\someserver\someshare\NOADMIN.LOG", 0) = 0 "" + @WKSTA ? ENDIF $discard = REDIRECTOUTPUT ("") ENDIF ENDIF ENDIF And for the people that don't have Admin rights to the local computer, I run a scheduled job that runs these two scripts: ---- susupd.cmd ---- if exist \\someserver\someshare\noadmin.log goto Run goto NoRun :Run for /F %%k in (\\someserver\someshare\noadmin.log) do call c:\sus3.cmd %%k del \\someserver\someshare\noadmin.log :NoRun ---- sus3.cmd (watch the wrapping) ---- reg add \\%1\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv /v Start /t REG_DWORD /d 2 /f reg add \\%1\HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate /f reg add \\%1\HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate /v WUServer /t REG_SZ /d http://fiservsus.eft.fiserv.net /f reg add \\%1\HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate /v WUStatusServer /t REG_SZ /d http://fiservsus.eft.fiserv.net /f reg add \\%1\HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate\AU /f reg add \\%1\HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate\AU /v UseWUServer /t REG_DWORD /d 00000001 /f reg add \\%1\HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate\AU /v RescheduleWaitTime /t REG_DWORD /d 30 /f reg add \\%1\HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate\AU /v NoAutoRebootWithLoggedOnUsers /t REG_DWORD /d 1 /f reg add \\%1\HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate\AU /v NoAutoUpdate /t REG_DWORD /d 0 /f reg add \\%1\HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate\AU /v AUOptions /t REG_DWORD /d 4 /f reg add \\%1\HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate\AU /v ScheduledInstallDay /t REG_DWORD /d 6 /f reg add \\%1\HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate\AU /v ScheduledInstallTime /t REG_DWORD /d 07 /f reg add \\%1\HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate\AU /v UseWUServer /t REG_DWORD /d 1 /f Dennis Parker, MCSE, CCA Senior Systems Analyst Fiserv EFT 4550 SW Macadam Ave, Ste 100 Portland, Or. 97239 Direct: 503-274-6785 Fax: 503-274-6619 This e-mail is confidential and may well be legally privileged. If you have received it in error, you are on notice of its status. Please notify us immediately by reply e-mail and then delete this message from your system. Please do not copy it or use it for any purposes, or disclose its contents to any other person. To do so could violate state and Federal privacy laws. Thank you for your cooperation. Please contact me if you need assistance. -----Original Message----- From: Andrew Rogers [mailto:Andrew.Rogers@xxxxxxxxxxxxxxxxxx] Sent: Friday, December 12, 2003 7:47 AM To: thin@xxxxxxxxxxxxx Subject: [THIN] Re: Automatic Updates it does indeed - the problem with not having AD is pointing the clients to the server, as far as I can see.. thats next weeks mission :) Andrew --o-- >>> Angus.Macdonald@xxxxxxxxxxxxxxxxxxx 12/12/03 15:29:45 >>> I thought the client update service ran with local system privileges. -----Original Message----- From: dmauri@xxxxxx [mailto:dmauri@xxxxxx] Sent: 12 December 2003 15:25 To: thin@xxxxxxxxxxxxx Subject: [THIN] Re: Automatic Updates But the users have to be local administrators? otherwise, How can install the patches if not? Rgds, "Andrew Rogers" <Andrew.Rogers@rennie-e Para: <thin@xxxxxxxxxxxxx> vans.co.uk> cc: Enviado por: Asunto: [THIN] Re: Automatic Updates thin-bounce@xxxxxxxxxxx rg 12/12/2003 16:18 Por favor, responda a thin I've just started using it a couple of days ago, with not a lot of success (things arent easy with windows when you dont have AD :( ). Plus it kind of takes over the IIS directory and makes it a bit of a mess (im very picky about stuff like that :) ) blasted things ignoring my proxy settings too, so its taking FOREVER to grab all the initial updates on the 64k line :( So far, im unimpressed..! Andrew --o-- >>> christine.easton@xxxxxxxxx 12/12/03 15:07:40 >>> With all this talk about MS SUS. How many people out there are actually using it successfully? What else is everyone using? Thanks Christine ******************************************************** This Week's Sponsor - RTO Software / TScale What's keeping you from getting more from your terminal servers? Did you know, in most cases, CPU Utilization IS NOT the single biggest constraint to scaling up?! Get this free white paper to understand the real constraints & how to overcome them. SAVE MONEY by scaling-up rather than buying more servers. http://www.rtosoft.com/Enter.asp?ID=147 ********************************************************* Useful Thin Client Computing Links are available at: http://thethin.net/links.cfm *********************************************************** For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: http://thethin.net/citrixlist.cfm ******************************************************** This Week's Sponsor - RTO Software / TScale What's keeping you from getting more from your terminal servers? Did you know, in most cases, CPU Utilization IS NOT the single biggest constraint to scaling up?! Get this free white paper to understand the real constraints & how to overcome them. SAVE MONEY by scaling-up rather than buying more servers. http://www.rtosoft.com/Enter.asp?ID=147 ********************************************************* Useful Thin Client Computing Links are available at: http://thethin.net/links.cfm *********************************************************** For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: http://thethin.net/citrixlist.cfm ******************************************************** This Week's Sponsor - RTO Software / TScale What's keeping you from getting more from your terminal servers? Did you know, in most cases, CPU Utilization IS NOT the single biggest constraint to scaling up?! Get this free white paper to understand the real constraints & how to overcome them. SAVE MONEY by scaling-up rather than buying more servers. http://www.rtosoft.com/Enter.asp?ID=147 ********************************************************* Useful Thin Client Computing Links are available at: http://thethin.net/links.cfm *********************************************************** For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: http://thethin.net/citrixlist.cfm ******************************************************** This Week's Sponsor - RTO Software / TScale What's keeping you from getting more from your terminal servers? Did you know, in most cases, CPU Utilization IS NOT the single biggest constraint to scaling up?! Get this free white paper to understand the real constraints & how to overcome them. SAVE MONEY by scaling-up rather than buying more servers. http://www.rtosoft.com/Enter.asp?ID=147 ********************************************************* Useful Thin Client Computing Links are available at: http://thethin.net/links.cfm *********************************************************** For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: http://thethin.net/citrixlist.cfm ******************************************************** This Week's Sponsor - RTO Software / TScale What's keeping you from getting more from your terminal servers? Did you know, in most cases, CPU Utilization IS NOT the single biggest constraint to scaling up?! Get this free white paper to understand the real constraints & how to overcome them. SAVE MONEY by scaling-up rather than buying more servers. http://www.rtosoft.com/Enter.asp?ID=147 ********************************************************* Useful Thin Client Computing Links are available at: http://thethin.net/links.cfm *********************************************************** For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: http://thethin.net/citrixlist.cfm ******************************************************** This Week's Sponsor - RTO Software / TScale What's keeping you from getting more from your terminal servers? Did you know, in most cases, CPU Utilization IS NOT the single biggest constraint to scaling up?! Get this free white paper to understand the real constraints & how to overcome them. SAVE MONEY by scaling-up rather than buying more servers. http://www.rtosoft.com/Enter.asp?ID=147 ********************************************************* Useful Thin Client Computing Links are available at: http://thethin.net/links.cfm *********************************************************** For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: http://thethin.net/citrixlist.cfm