If you are deploying Office 2000 for the first time or if you have never patched your administrative installation point beyond Office 2000 SR1a, then distributing client patches (including service packs) directly to users is usually the most efficient and reliable way to keep clients up-to-date.
Note The Office Resource Kit has published new and improved information for updating client installations. For more information about patching strategies, see "Strategies for Updating Office 2000 Installations" in the Office Admin Update Center.
If you have already patched your administrative image, you must re-establish a new baseline and recache and reinstall Office with every service pack. Between service packs, however, you still have the option to distribute client updates.
Microsoft recommends distributing client updates if you:
- Have experienced synchronization problems between clients and the source in the past. Applying a client patch does not modify the locally cached Office MSI file. This behavior helps to prevent scenarios in which the client has one version of the MSI file and the source has another.
- Distribute software updates gradually or selectively. It is not necessary to update all client computers that depend on the administrative image at once. Deployment can be targeted at one group or at individual users, as necessary.
- Have network resource limitations. Distributing client patches requires considerably less bandwidth than does recaching and reinstalling Office.
Note Client patches stay applied to a client computer, even if you change files associated with the updated application. If a client computer is missing a file and the user downloads the original one from the source, that file will still have the patch applied to it, ensuring that the installation is always up-to-date.
This update strategy comes with the following requirements:
- You must be running Windows Installer 2.0 or later to distribute client patches to users. Office 2000 shipped with Windows Installer 1.0. You can download the updated Windows Installer 2.0 for Windows 95, Windows 98, and Windows ME or Windows Installer 2.0 for Windows NT 4.0 (SP-6) and Windows 2000 at the Microsoft Download Center.
- Users typically need access to the source to apply a client patch.
- Client computers must be updated to the most recent baseline version in order to apply a client patch.
- When new clients install Office 2000 from the baseline administrative image, you must separately deploy any previously distributed patches. You can use a batch file or log-on script to accomplish this additional step.
- To maintain control over the update level throughout your organization, it is recommended that you block users' access to updates on Office Online and distribute all client patches yourself.
- Organizations that run any Office applications from the source cannot use this patching strategy.
If a client patch is applied to a client computer that is running an application from the source, the application is downloaded to the local computer and no longer runs from source.
Note If you have already patched your administrative image, you must re-establish a new baseline and recache and reinstall Office with every service pack. Between service packs, however, you still have the option to distribute client updates.
Updating existing installations
Client updates are run separately on each local computer. Client patch files can be kept in a folder on the administrative server, or in any network share that is accessible to all clients on the network. There is no need to have a separate server to host the patches, although it can be set up that way.
Since the client updates are released as EXE files, users can run them to install the updates on their computers. You can use a variety of methods to distribute the patches to your users:
- Deploy the update by using a software deployment mechanism such as Systems Management Server or Tivoli.
- Post the EXE on a network share and direct all users to run it.
Alternatively, you can extract the individual update files (MSP files) from the EXE package and use OHotFix, a supplied utility program, to apply the patch to the computers. By running OHotFix from a command line, you can then control such features as the display level and log file creation.
When OHotFix runs, it applies all the MSP files in its folder in case-sensitive (A-Z, then a-z) alphabetical order. You can place as many MSP files in the folder as you need. If you are updating computers that are at different states of currency, you can include all of the update files needed by the most out-of-date computer. OHotFix automatically detects whether an update file is applied to a computer and will not attempt to reapply the same patch.
Microsoft strongly recommends, however, that you keep only the latest updates for each application in the update folder, as the most recent update for an application contains all of the fixes in previously released updates. If updates are applied in the wrong order, it is possible that an older update may be applied over a newer one. For a list of latest updates for Office 2000, see Office 2000 Resource Kit Downloads on the Office Admin Update Center.
By extracting the MSP files and storing them in a permanent folder on a server, you can create a resilient network source for the update. This practice is useful when the user of a client computer accidentally deletes the local MSP file and needs to recover the update. If the local MSP is deleted, Windows Installer looks for the MSP file at the path from which the patch was originally installed. If the network source is available, then Windows Installer recaches the MSP file without failing or prompting the user for the MSP file.
You extract the files from the update EXE file by using a command line similar to the following:
C:\[path to update file]\MyUpdate.exe /c /t:C:\[folder for extracted files]
For example, the client update file for the Excel 2000: KB830349 is named Office2000-kb830349-client-enu.exe. When you extract the files from this EXE file, you see the following:
||OHotFix patching program
||Lists the settings that can be modified to control the behavior of Ohotfix.exe and Windows Installer
||Library file for the OHotFix program
||Excel 2000 security patch file
The OHotFix program runs automatically when you double-click the binary patch package. It first checks the state of the client computer, and then if appropriate, passes a command line to Windows Installer to apply the update. You can modify the behavior of OHotFix by changing settings in the OHotFix.ini file. Complete information on the available settings is included within OHotFix.ini itself.
Note Many Office 2000 update packages were released with a previous version of the OHotFix utility named OHotFix9.exe. OHotFix9 did not include an INI file, but instead relied upon a set of command-line switches to control the installation. Because the current version of OHotFix replaces OHotFix9, you can use the current version of this tool to apply any of the client updates for either Office 2000. For more information on OHotFix and a link to a downloadable version of this utility, see Installing Client Update Files with OHotFix in the Office Resource Kit.
Deploying full-file client patches
In Office 2000, the full-file, or administrative, versions of updates were originally intended only to patch an administrative image. Beginning with Office 2000 SP3, however, you can apply full-file patches directly to clients.
Full file patches can be used to help address some common patching frustrations. In environments with limited network bandwidth, for example, distributing a full-file client patch may be more efficient than having all users recache and reinstall Office over the network.
Under certain conditions, Office 2000 clients can also use the full-file version of a patch to avoid being prompted for the source (either the Office 2000 CD or the administrative installation point). In this scenario, traveling users who are out of sync with the source can apply the full-file version of a critical security update now and then recache and reinstall from the updated source later.
In order to take advantage of full-file patches in this way, however, users must first update the Office file hash table. This update allows Windows Installer to verify unversioned files, which are the most common cause of prompts for the source. The Office 2000 file hash patch is available only for English and Japanese language versions of Office 2000. For more information, see Apply Office 2000 Full-File Patches Without the Source.
Note The file hash table update and full-file patches do not eliminate the source requirement in every case. If a file on the user's computer is damaged or missing, and it is not included in the patch, that user may still be prompted for the source.
Both binary (client) and full-file (administrative) patches are available from the same page on the Microsoft Download Center. The procedures for extracting, distributing, and applying both types of updates are the same. For both the binary and full-file versions of a given patch, double-clicking the EXE file applies the patch to the local computer. Regardless of whether you are deploying the binary or full-file version, you use the same command line to extract the MSP file from the EXE file:
[path\name of EXE file] /c /t:[location for extracted MSP file]
In a managed environment, Microsoft recommends that you block users' access to Office updates on Office Online. By setting a single registry subkey or policy, you can prevent users from downloading client patches on their own and still allow them to take advantage of all the other resources on Office Online. For more information, see Blocking Users' Access to Office Update.
The strategies for applying updates to Multilingual User Interface Packs are identical to those for updating the core Office installation. For more information, see Deploying Office 2000.