Hi,
We have 4 seperate WS2012R2 Hyper-v clusters located in 2 datacenters.
I want to setup Cluster aware updating - remotely managed.
The plan is to orchestrate the update process from a third location. Also on this third location the fileshare with the hotfixes will be located.
I will download the Hyper-V hotfixes and Failovercluster hotfixes and place them in the following folder structure:
\\MyFileServer\Hotfixes\Root\
DefaultHotfixConfig.xml
CAUHotfix_All\
Update1.msu
Update2.msi
Update3.msp
...
I will only use the MicrosoftHotfixPlugin.
I have made a share and set the ntfs permissions as
SYSTEM Full Control
Local Administrators Full Control
CREATOR Owner Full Control
TrustedInstaller Full Control
Users (local) Read&Execute
When I check the ACLs via Get-Acl -Path C:\Hotfixes\Root | fl AccessToString I get
...
BUITLIN\Users Allow ReadAndExecute,Sychronize
BUITLIN\Users Allow AppendData
BUITLIN\Users Allow CreateFiles
...
I set the encryption: Set-SmbShare -Name Hotfixes -EncryptData $True -Force
If I start the Preview Updates with paramteres I get the error: "One or more unexpected accounts with write permissions
were encountered wen checking the security for :\\MyFileServer\Hotfixes\Root\ Unexpected accounts:
{BUILTIN\Users, Sid:S1-...}.
Why is this happening? I haven't changed the permissions for the local users group?
Anybody else has implemented CAU with remotely managed using an SMB fileshare?
We have 4 seperate WS2012R2 Hyper-v clusters located in 2 datacenters.
I want to setup Cluster aware updating - remotely managed.
The plan is to orchestrate the update process from a third location. Also on this third location the fileshare with the hotfixes will be located.
I will download the Hyper-V hotfixes and Failovercluster hotfixes and place them in the following folder structure:
\\MyFileServer\Hotfixes\Root\
DefaultHotfixConfig.xml
CAUHotfix_All\
Update1.msu
Update2.msi
Update3.msp
...
I will only use the MicrosoftHotfixPlugin.
I have made a share and set the ntfs permissions as
SYSTEM Full Control
Local Administrators Full Control
CREATOR Owner Full Control
TrustedInstaller Full Control
Users (local) Read&Execute
When I check the ACLs via Get-Acl -Path C:\Hotfixes\Root | fl AccessToString I get
...
BUITLIN\Users Allow ReadAndExecute,Sychronize
BUITLIN\Users Allow AppendData
BUITLIN\Users Allow CreateFiles
...
I set the encryption: Set-SmbShare -Name Hotfixes -EncryptData $True -Force
If I start the Preview Updates with paramteres I get the error: "One or more unexpected accounts with write permissions
were encountered wen checking the security for :\\MyFileServer\Hotfixes\Root\ Unexpected accounts:
{BUILTIN\Users, Sid:S1-...}.
Why is this happening? I haven't changed the permissions for the local users group?
Anybody else has implemented CAU with remotely managed using an SMB fileshare?