hi all ....After installing squid, i went to some experiments such as determining which host to allow and deny. One of those is allowing all clients machine to update their winblows without any authentication by adding .microsoft.com to one rule that can be connected without authentication from all clients.
It 's look like gonna be successful, but somehow it failed in the end.IE browser went to MSwin updates web site and detected which updates should be applied properly. But when users start to install the updates, IE told that all updates is failed to be installed. There's even no folder called WUTemp in local machine which usually created during the updates to store temporary files. So, there's even no files being downloaded. I suspect that it use a different port ( or what ... i don't wanna care about ). So, what kind of ACL should be applied to squid to have this winblows update successfully ? Some windblowshead in the ms newsgroups suggest me to deploy SUS, which is surely, i don't wanna do it for godsake ! ------- what kind of idiot do deploying a windblows server in a machine that connected directly to the internet. .....meanwhile, I start wondering if there's some webapps that could be use to deploy winblows updating locally in an internal network. so users just go to an internal web server in the network via their preffered browser and start updating there without having to connect to the internet ... ;-)
cheers, --me--
Attachment:
signature.asc
Description: OpenPGP digital signature