基础安装和配置:搭建Windows离线补丁服务器(Window2016)
手工指定补丁服务器:gpedit.msc(计算机配置->策略->管理模版->windows组件->windows更新)
gpupdate /force
用代码指定自己搭建的补丁服务器,需要重启才能生效:
//设置内网操作系统自动更新补丁
if bIsNW and IsCompanyIP and (mds.GetConst('WindowsUpdate','UseWUServer',0)=1) and (WUServer<>'') and (WUStatusServer<>'') then
begin
if Reg.OpenKey('SOFTWARE\Policies\Microsoft\windows\WindowsUpdate',True) then
begin
Reg.WriteInteger('AcceptTrustedPublisherCerts',1);
Reg.WriteString('WUServer',WUServer);
Reg.WriteString('WUStatusServer',WUStatusServer);
Reg.CloseKey;
end;
if Reg.OpenKey('SOFTWARE\Policies\Microsoft\windows\WindowsUpdate\AU',True) then
begin
Reg.WriteInteger('UseWUServer',mds.GetConst('WindowsUpdate','UseWUServer',1));
Reg.WriteInteger('NoAutoUpdate',mds.GetConst('WindowsUpdate','NoAutoUpdate',0));
Reg.WriteInteger('AUOptions',mds.GetConst('WindowsUpdate','AUOptions',4));
Reg.WriteInteger('ScheduledInstallDay',mds.GetConst('WindowsUpdate','ScheduledInstallDay',0));
Reg.WriteInteger('ScheduledInstallTime',mds.GetConst('WindowsUpdate','ScheduledInstallTime',3));
Reg.WriteInteger('AutoInstallMinorUpdates',mds.GetConst('WindowsUpdate','AutoInstallMinorUpdates',1));
Reg.WriteInteger('RebootRelaunchTimeoutEnabled',mds.GetConst('WindowsUpdate','RebootRelaunchTimeoutEnabled',1));
Reg.WriteInteger('RebootRelaunchTimeout',mds.GetConst('WindowsUpdate','RebootRelaunchTimeout',30));
Reg.WriteInteger('DetectionFrequencyEnabled',mds.GetConst('WindowsUpdate','DetectionFrequencyEnabled',1));
Reg.WriteInteger('DetectionFrequency',mds.GetConst('WindowsUpdate','DetectionFrequency',$22));
Reg.WriteInteger('NoAutoRebootWithLoggedOnUser',mds.GetConst('WindowsUpdate','NoAutoRebootWithLoggedOnUser',1));
Reg.WriteInteger('RebootWarningTimeout',mds.GetConst('WindowsUpdate','RebootWarningTimeout',2));
Reg.WriteInteger('RebootWarningTimeoutEnabled',mds.GetConst('WindowsUpdate','RebootWarningTimeoutEnabled',1));
Reg.WriteInteger('RescheduleWaitTime',mds.GetConst('WindowsUpdate','RescheduleWaitTime',10));
Reg.WriteInteger('RescheduleWaitTimeEnabled',mds.GetConst('RescheduleWaitTimeEnabled','WUServer',1));
Reg.CloseKey;
end;
end
else
if mds.GetConst('WindowsUpdate','UseWUServer',1)=0 then
begin
if Reg.OpenKey('SOFTWARE\Policies\Microsoft\windows\WindowsUpdate\AU',False) then
begin
Reg.DeleteValue('UseWUServer');
Reg.DeleteValue('NoAutoUpdate');
Reg.DeleteValue('AUOptions');
Reg.DeleteValue('ScheduledInstallDay');
Reg.DeleteValue('ScheduledInstallTime');
Reg.DeleteValue('AutoInstallMinorUpdates');
Reg.DeleteValue('RebootRelaunchTimeoutEnabled');
Reg.DeleteValue('RebootRelaunchTimeout');
Reg.DeleteValue('DetectionFrequencyEnabled');
Reg.DeleteValue('DetectionFrequency');
Reg.DeleteValue('NoAutoRebootWithLoggedOnUser');
Reg.DeleteValue('RebootWarningTimeout');
Reg.DeleteValue('RebootWarningTimeoutEnabled');
Reg.DeleteValue('RescheduleWaitTime');
Reg.DeleteValue('RescheduleWaitTimeEnabled');
Reg.CloseKey;
end;
if Reg.OpenKey('SOFTWARE\Policies\Microsoft\windows\WindowsUpdate',False) then
begin
Reg.DeleteValue('AcceptTrustedPublisherCerts');
Reg.DeleteValue('WUServer');
Reg.DeleteValue('WUStatusServer');
Reg.DeleteKey('AU');
Reg.CloseKey;
end;
if Reg.OpenKey('SOFTWARE\Policies\Microsoft\Windows',False) then
begin
Reg.DeleteKey('WindowsUpdate');
Reg.CloseKey;
end;
end;
在客户端上运行查询已经安装的补丁,并记录到数据库中:
mdsPatch.Close;
mdsPatch.SQL := Format('select * from PMIS_WINDOWS_PATCHES where MachineID=''%s'' order by ID',[MachineID]);
if mdsPatch.OpenDataSet and mdsPatch.Active then
begin
//查询本机安装的补丁包
FSWbemLocator := CreateOleObject('WbemScripting.SWbemLocator');
FWMIService := FSWbemLocator.ConnectServer('localhost', '', '', '');
FWbemObjectSet:= FWMIService.ExecQuery('SELECT * FROM Win32_QuickFixEngineering','WQL',wbemFlagForwardOnly);
oEnum := IUnknown(FWbemObjectSet._NewEnum) as IEnumVariant;
while oEnum.Next(1, FWbemObject, iValue) = 0 do
begin
if not VarIsNull(FWbemObject.Caption) then Caption:= FWbemObject.Caption;
if not VarIsNull(FWbemObject.CSName) then CSName:= FWbemObject.CSName;
if not VarIsNull(FWbemObject.Description) then Description:= FWbemObject.Description;
if not VarIsNull(FWbemObject.FixComments) then FixComments:= FWbemObject.FixComments;
if not VarIsNull(FWbemObject.HotFixID) then HotFixID:= FWbemObject.HotFixID;
if not VarIsNull(FWbemObject.InstallDate) then InstallDate:= FWbemObject.InstallDate;
if not VarIsNull(FWbemObject.InstalledBy) then InstalledBy:= FWbemObject.InstalledBy;
if not VarIsNull(FWbemObject.InstalledOn) then InstalledOn:= FWbemObject.InstalledOn;
if not VarIsNull(FWbemObject.Name) then Name:= FWbemObject.Name;
if not VarIsNull(FWbemObject.ServicePackInEffect) then ServicePackInEffect:= FWbemObject.ServicePackInEffect;
if not VarIsNull(FWbemObject.Status) then Status:= FWbemObject.Status;
if not mdsPatch.Locate('HotFixID',HotFixID,[loCaseInsensitive]) then
begin
mdsPatch.Append;
mdsPatch.FieldByName('ID').AsInteger := mdsPatch.GetNewRecID('MainFrame');
mdsPatch.FieldByName('MachineID').AsString := MachineID;
mdsPatch.FieldByName('Caption').AsString := Caption;
mdsPatch.FieldByName('CSName').AsString := CSName;
mdsPatch.FieldByName('Description').AsString := Description;
mdsPatch.FieldByName('FixComments').AsString := FixComments;
mdsPatch.FieldByName('HotFixID').AsString := HotFixID;
mdsPatch.FieldByName('InstallDate').AsString := InstallDate;
mdsPatch.FieldByName('InstalledBy').AsString := InstalledBy;
mdsPatch.FieldByName('InstalledOn').AsString := InstalledOn;
mdsPatch.FieldByName('Name').AsString := Name;
mdsPatch.FieldByName('ServicePackInEffect').AsString := ServicePackInEffect;
mdsPatch.FieldByName('Status').AsString := Status;
mdsPatch.Post;
end;
if not cdsWP.Locate('HotFixID',HotFixID,[loCaseInsensitive]) then
begin
cdsWP.Append;
cdsWP.FieldByName('Caption').AsString := Caption;
cdsWP.FieldByName('CSName').AsString := CSName;
cdsWP.FieldByName('Description').AsString := Description;
cdsWP.FieldByName('FixComments').AsString := FixComments;
cdsWP.FieldByName('HotFixID').AsString := HotFixID;
cdsWP.FieldByName('InstallDate').AsString := InstallDate;
cdsWP.FieldByName('InstalledBy').AsString := InstalledBy;
cdsWP.FieldByName('InstalledOn').AsString := InstalledOn;
cdsWP.FieldByName('Name').AsString := Name;
cdsWP.FieldByName('ServicePackInEffect').AsString := ServicePackInEffect;
cdsWP.FieldByName('Status').AsString := Status;
cdsWP.Post;
end;
FWbemObject:=Unassigned;
end;
mdsPatch.Last;
while not mdsPatch.Bof do
begin
if not cdsWP.Locate('HotFixID',mdsPatch.FieldByName('HotFixID').AsString,[loCaseInsensitive]) then
mdsPatch.Delete;
mdsPatch.Prior;
end;
if not mdsPatch.SaveDataSet then
gLogger.error(mdsPatch.GetLastErrMsg);
end;记录补丁服务器搭建的主要步骤,特别注意最后一张图的内存配置。
如何删除角色
