My users don't like personal visits, Microsoft!
July 14, 2010 10:35 AM Subscribe
Microsoft is going to do BAD THINGS to my users' desktops when I release this month's patches. I could use some input from the hive mind on how to proceed.
So, this patch released on Tuesday was sent out to our test group via WSUS. After installing, all shortcuts pointing to Access databases had their icons reverted to the default Access icon. We have several databases that are coded with specific icons on everyone's desktop and this is likely to cause a good deal of confusion. Also, most everyone has customized shortcuts for username/password on their desktops so I can't just push out new ones after the patch drops. I'm looking at the following options:
Let the patch drop and have everyone suck it up until I can go around to each of their 40 machines and fix their icons (and they will want them fixed).
Don't release the patch, even though it is a critical update.
If anyone knows anything about this issue or can think of some sort of way to make this easier to deal with, it would be much appreciated. Any solution that involves asking the users to take some sort of action will by default involve me personally taking those actions for at least half of them, so automated solutions are preferred. We're a Server 2003/XP/Active Directory environment.
(And if the only solution is to suck it up and visit each computer, I have done so before and will do so again.)
So, this patch released on Tuesday was sent out to our test group via WSUS. After installing, all shortcuts pointing to Access databases had their icons reverted to the default Access icon. We have several databases that are coded with specific icons on everyone's desktop and this is likely to cause a good deal of confusion. Also, most everyone has customized shortcuts for username/password on their desktops so I can't just push out new ones after the patch drops. I'm looking at the following options:
If anyone knows anything about this issue or can think of some sort of way to make this easier to deal with, it would be much appreciated. Any solution that involves asking the users to take some sort of action will by default involve me personally taking those actions for at least half of them, so automated solutions are preferred. We're a Server 2003/XP/Active Directory environment.
(And if the only solution is to suck it up and visit each computer, I have done so before and will do so again.)
Best answer: Can you save the desktop to a network location before the patch, and copy them back afterwards? Perhaps even using Xcopy or something like that in a batch file?
posted by MikeWarot at 11:19 AM on July 14, 2010
posted by MikeWarot at 11:19 AM on July 14, 2010
Ditto to MikeWarot,
Backup and restore sounds like your best option, integrate it into their login scripts and you should be good to go. Run the backup for a couple days prior to to the patch to ensure maximum coverage, night of the patch install reverse the script and move the back.
posted by unvivid at 11:53 AM on July 14, 2010
Backup and restore sounds like your best option, integrate it into their login scripts and you should be good to go. Run the backup for a couple days prior to to the patch to ensure maximum coverage, night of the patch install reverse the script and move the back.
posted by unvivid at 11:53 AM on July 14, 2010
Response by poster: MikeWarot: "Can you save the desktop to a network location before the patch, and copy them back afterwards? Perhaps even using Xcopy or something like that in a batch file?"
Would restoring the desktop files back screw up their desktop icon arrangements?
posted by charred husk at 12:00 PM on July 14, 2010
Would restoring the desktop files back screw up their desktop icon arrangements?
posted by charred husk at 12:00 PM on July 14, 2010
(I work at MS on the team that does Windows security updates)
You should contact Microsoft Support (free for anything related to a security update) at 1-866-PCSAFETY and start the process of examining why this is happening for you.
Please also send me an email/memail so I can start the ball rolling from the engineering end of things.
posted by Diddly at 12:09 PM on July 14, 2010
You should contact Microsoft Support (free for anything related to a security update) at 1-866-PCSAFETY and start the process of examining why this is happening for you.
Please also send me an email/memail so I can start the ball rolling from the engineering end of things.
posted by Diddly at 12:09 PM on July 14, 2010
Best answer: Would restoring the desktop files back screw up their desktop icon arrangements?
I'm pretty sure that overwriting a file in the desktop folder with one of the same name won't mess up the positioning, but you can easily test that for yoursefl.
Also, if these are shortcuts, there'd be no point in backing up the entire desktop. I've seen desktops with 300Gb of files on them. Just back up the .lnk files.
posted by le morte de bea arthur at 12:41 PM on July 14, 2010
I'm pretty sure that overwriting a file in the desktop folder with one of the same name won't mess up the positioning, but you can easily test that for yoursefl.
Also, if these are shortcuts, there'd be no point in backing up the entire desktop. I've seen desktops with 300Gb of files on them. Just back up the .lnk files.
posted by le morte de bea arthur at 12:41 PM on July 14, 2010
Response by poster: Diddly: "You should contact Microsoft Support (free for anything related to a security update) at 1-866-PCSAFETY and start the process of examining why this is happening for you."
PC Safety is for viruses and also for home users, I don't think that applies to me. Any other contact options? The only ones I can find are costing over $100, and I'm not paying them to tell them about their own problems.
posted by charred husk at 12:44 PM on July 14, 2010
PC Safety is for viruses and also for home users, I don't think that applies to me. Any other contact options? The only ones I can find are costing over $100, and I'm not paying them to tell them about their own problems.
posted by charred husk at 12:44 PM on July 14, 2010
Best answer: Looks like the proper way for professionals to contact support for a security issue is via http://support.microsoft.com/oas/default.aspx?&prid=7552
posted by Diddly at 4:19 PM on July 14, 2010
posted by Diddly at 4:19 PM on July 14, 2010
Simplifying le morte de bea arthor's idea - just set the .lnk files to read-only, apply the patches, then remove the read-only flag. Should be easily scriptable.
posted by Diddly at 8:19 PM on July 14, 2010
posted by Diddly at 8:19 PM on July 14, 2010
You might also want to consider setting up a temporary share on your file server (where this patch presumably won't be run) and adding a read-only set of the shortcuts to it. Then add that share to existing login scripts. That way if the SHTF because something doesn't work as expected you can tell your users, "Don't freak out, just go to your X: drive and all of your shortcuts are there. You can either cut & paste them back to your desktop or we'll eventually get around to doing it for you."
posted by Pachycerianthus at 10:28 PM on July 14, 2010
posted by Pachycerianthus at 10:28 PM on July 14, 2010
Response by poster: Unless Microsoft comes up with something, looks like I'll be doing a .lnk backup and restore. Thanks for the help, everyone! Especially the folks from Microsoft that stepped up.
posted by charred husk at 7:41 AM on July 15, 2010
posted by charred husk at 7:41 AM on July 15, 2010
This thread is closed to new comments.
posted by le morte de bea arthur at 10:41 AM on July 14, 2010