In the production environment where I work, there are pretty strict ACL rules in place. So strict, in fact, that attempts to run the SQL update from Lync FEs fail because ports 445 and 139 are blocked.
First question: is there “danger” to an environmental state where CU3 is applied but the DB component is not? This appears to not be the case, but I'd like to be sure.
Second question: if the situation IS a suspect state, can the SQL update be run from the enterprise monitoring server? The monitoring server function is not co-located with the SQL back-end. At http://support.microsoft.com/?kbid=2493736, it's noted that the update should be run from an FE, but I’m wondering if that is an absolute requirement.
Third question: is it correct to say that, long term, ports 445 and 139 should be open between FEs and BEs to enable this functionality?
Deskpoet