How can I do patch files along with AD to run while the clients starts the machine (as an administrator)?
The Group Policies allow you to specific startup script and logon scripts. You can launch patch management scripts from there. You can also use Windows Update, which can also be configured in a group policy. If you would like to use a local server for patch updates so that you can better control which ones are being deployed in your enterprise, build a SUS server.
Additional Expert Help:
Be sure to check our Answer FAQ for more expert advice.
For faster answers, visit ITKnowledge Exchange.