Solved

WSUS Updates Install.

Posted on 2009-05-14
4
247 Views
Last Modified: 2012-05-07
in the WSUS policy, I set it up to:
-auto Donwload and schedule the install, every day at 3:00
-Allow Automatic Updates immediate installation
Automatic Updates detection frequency:Check for updates at the following interval (hours):  20

on Thursday morning at 8:00 am  when I checked the computer to which the policy is applied I saw the following logs in the event viewer:


3:00:20 Windows Server 2003 Hotfix KB967715 was installed.
3:00:26 Installation Successful: Windows successfully installed the following update: Update for Windows Server 2003 (KB967715)
3:00:26 Windows Server 2003 Hotfix KB956802 was installed.

Then the computer rebooted at 3:00:27

then it threw this log:

Installation Ready: The following updates are downloaded and ready for installation. This computer is currently scheduled to install these updates on Friday, May 15, 2009 at 3:00 AM:
- Update for Windows Server 2003 (KB955839)
- Security Update for Windows Server 2003 (KB938464)

My question is why it didn't install all the updates at one time instead of installing just a few of them and leaving the rest(it shows just 2) for the next day?
Actually there are around 60 updates needed on this computer.

Any idea why the updates are not installed at one time ?

Thanks
0
Comment
Question by:jskfan
  • 3
4 Comments
 
LVL 19

Accepted Solution

by:
PeteJThomas earned 500 total points
ID: 24384351
Hi again jskfan :)

This is almost definitely because some updates require a restart before the update process can continue. For example, some updates are reliant on other updates already being installed - So once all the 'prerequisite' updates have gone on, the machine reboots, to finalise installing those updates.

After that reboot, it will not attempt to install the rest until the next scheduled install time. This is exactly what happens on all of our clients too, and is normal behaviour... :)

Pete
0
 

Author Comment

by:jskfan
ID: 24384435
in this case you will always see in the WSUS console that the computer has updates "Not Approved" and "Not Installed" is this normal ? even if you see 60-70 updates Not approved, Not Installed?

I am afraid if I Approve them from WSUS console, it will install immediately and reboot the computer if required. which is not convenient if it's not at the scheduled time.
0
 
LVL 19

Expert Comment

by:PeteJThomas
ID: 24384617
Yes, this is perfectly normal. If you want the updates to be installed, approve them - The clients will then download the updates the next time the auclient checks in with the WSUS server, but the updates will NOT install until the scheduled time.

If you're worried, approve the updates for ONLY a test machine that is near you, and you can watch the behaviour on this machine and see for yourself. I know it doesn't always help to be told these things, especially if there are bad consequences if the info is wrong... :)

If in doubt, try it out... (but carefully and in a test environment) :D

Pete
0
 
LVL 19

Expert Comment

by:PeteJThomas
ID: 24384646
Oh and I'm afraid WSUS is quite messy, which is why I only ever use the filtered view that I created myself. There's always LOADS of updates not installed etc, and this is not a problem. As a best practise I try to decline as many updates as possible so that they disappear from the view completely.

This keeps the list of updates to look through and possibly approve down to a manageable level... :)

Pete
0

Featured Post

Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question