Announcement

Collapse
No announcement yet.

Automatic Reboots after updates installed via WSUS

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Automatic Reboots after updates installed via WSUS

    We use WSUS to manage our Windows Update installations, but I would like to disable the automatic reboots all together, so I can schedule them for a time when our cluster failovers and reboots happen on other machines.

    Is this possible? I have looked through all the GP settings related to windows updates, but I only see the option to delay the reboot or deny the reboot if users are logged in.

    Thanks in advance

  • #2
    Re: Automatic Reboots after updates installed via WSUS

    There is an option in WSUS to disable auto reboot. Someone else will have to provide directions as I don't have it setup where I am at the moment.
    1 1 was a racehorse.
    2 2 was 1 2.
    1 1 1 1 race 1 day,
    2 2 1 1 2

    Comment


    • #3
      Re: Automatic Reboots after updates installed via WSUS

      I don't think there is -- there is "No auto-restart with logged on users" which is not quite the same thing.

      You could get around it by leaving your servers logged on and locked or by giving them the "download but do not install" option for updates -- thats my preference as it puts ME back in control (but adds to the workload and monitoring). Clients can have "scheduled install", "auto restart" and "damn the users" enabled
      Tom Jones
      MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
      PhD, MSc, FIAP, MIITT
      IT Trainer / Consultant
      Ossian Ltd
      Scotland

      ** Remember to give credit where credit is due and leave reputation points where appropriate **

      Comment


      • #4
        Re: Automatic Reboots after updates installed via WSUS

        I can't find an option in the GP to disable this. I have looked in WSUS itself, but its options seem to be related only to update functionality, (unless I am overlooking something), The only reboot options are deny if user is logged in and delay xx minutes after updates are installed.

        You could get around it by leaving your servers logged on and locked or by giving them the "download but do not install" option for updates -- thats my preference as it puts ME back in control (but adds to the workload and monitoring).
        This is basically what I am doing now and scheduling the reboots when we have our failovers etc. scheduled. Again MS has missed the only useful option in a pretty good product.

        Comment


        • #5
          Re: Automatic Reboots after updates installed via WSUS

          It seems to me that this is fairly logical behaviour.

          From the sounds of it, you are approving the updates to be installed and then trying to leave the servers up and running for an extended amount of time before the reboot.

          I don't know about you, but to me that implies leaving the system in a state that could possibly be unstable. I know I've had updates in the past that leave this or that not able to work properly until the reboot so personally I'd want to get the reboot done and out of the way as soon as possible after the installation.

          My understanding of the group policies was that they were there to allow you to delay the installation till a time when you can install them and reboot them there and then.

          Still, having said that the options for delaying the install are not fantastic as you can only specify a particular day of the week which gives you a maximum of 7 days after you approve the updates with WSUS..

          Comment


          • #6
            Re: Automatic Reboots after updates installed via WSUS

            Georgeeye,

            I was in exactly the same position as you with this. The solution that we came up with was to configure the group policy options to download and prompt for install. From there you can use a script to install the updates and prevent an automated restart.

            A copy of the script we used is on my blog, you can invoke this using either PSExec or a scheduled task on the servers. We chose the scheduled task option given the number of servers. The scheduled tasks is scheduled to run every Friday during the night and but this will only progress when there are approved updates. We then come in on a Saturday and handle a controlled restart.

            Script is here:
            http://www.shockwave.me.uk/?p=36

            The script has a prompt for the restart option but you can remove this.

            Rob.
            Rob.
            ----
            There are 10 types of people in the world: Those who understand binary, and those who don't...

            Comment

            Working...
            X